Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Install VIOS SSL Certificate on Integrated Virtualization Manager
Operating Systems AIX Install VIOS SSL Certificate on Integrated Virtualization Manager Post 303027214 by Neo on Tuesday 11th of December 2018 07:14:04 AM
Old 12-11-2018
See IBM Ref, for a related hint:
IBM Knowledge Center - To replace the default certificate with a new self-signed certificat

Quote:
To replace the default certificate with a new self-signed certificate, complete the following tasks:
Click New Self-Signed.
On the Create New Self-Signed Certificate page, enter a unique value in the Key Label field.
Provide values for the other fields, and click OK.
The list of Personal Certificates contains your new self-signed certificate and the certificate with the default label.

Select the certificate with the default label and click Rename.
Enter a new label for the certificate, and click OK.
Select the new certificate and click Rename.
Enter default as the new label, and click OK.
To replace the default certificate with a new certificate that is signed by an external certificate authority, complete the following tasks:
In the iKeyman utility, select Create > New Certificate Request.
Enter a unique value in the Key Label field and provide values for the other fields.
Pay special attention to the value you provide in the Enter the name of a file in which to store the certificate request field and click OK.
A message is displayed that informs you where the file that contains your new certificate request is located. The message tells you to send that new certificate request file to your external certificate authority.

On the Message page, click OK.
The external certificate authority signs your new certificate request and sends back your new certificate. The external certificate authority might send their signer certificate or the external certificate authority might assume that you already have their signer certificate in the key database file.

If the external certificate authority sends their signer certificate, complete the following tasks:
Select Signer Certificates and click Add.
Provide the File Name and Location values of the file that contains the Signer Certificate and click OK.
If the external certificate authority assumes that you already have their signer certificate in the key database file, complete the following tasks:
Select Signer Certificates and click Populate.
Search the lists of CA Certificates, select the one(s) for the external certificate authority that signed your new certificate request, and click OK.
If the lists of CA Certificates do not contain the one(s) for the external certificate authority that signed your new certificate request, ask your external certificate authority to send their signer certificate.

Once you have the signer certificate for the external certificate authority that signed your new certificate request, complete the following tasks:
Select Personal Certificates and click Receive.
Provide the File Name and Location values of the file that contains your new certificate and click OK.
Select the certificate with the default label and click Rename.
Enter a new label for the certificate and click OK.
Select your new certificate and click Rename.
Enter default as the new label and click OK.
In the iKeyman utility, click Key Database File > Exit.
Stop and start the Device, Alert, or Web server.
See also:

IBM Knowledge Center - Configuring a self-signed certificate
 

9 More Discussions You Might Find Interesting

1. Web Development

SSL Certificate Installation problem

Hello everybody Hope somebody can help me I'm trying to install SSL Certificate on Apache/mod_ssl on Linux with Zend for Oracle. I bought and downloaded certificate from certificate from Network Solutions. Than I followed the instructions to the dot. I created a directory for certificate... (2 Replies)
Discussion started by: Trusevich
2 Replies

2. Web Development

SSL certificate

Dear All Anyone know how to issue two different certification on apache virtualhost fyi i have one virtualhost eg 69.192.1.25:443 already signed with verisign how can i configure another virtualhost 69.192.1.25:443 which signing with another certificate which self signing. i search net not... (1 Reply)
Discussion started by: netxus
1 Replies

3. AIX

Installing SSL certificate on AIX

Hello, I am new in UNIX, and some one asks me to install SSL certificates to allow exchange with an external system. Can someone tell how to install certificate (ex : verisignxxx.cer) on a UNIX server? Many thanks. Tibo (4 Replies)
Discussion started by: tibo51
4 Replies

4. Cybersecurity

SSL certificate

Hi guys. I have some questions about ssl certificates. I looked at SSL providers and saw that they are providing 2 types of certificates: per server or per domain. my server host name is: srv1.example.com I have a smtp, imap, web server on this box. but all services accessed by different... (1 Reply)
Discussion started by: majid.merkava
1 Replies

5. Web Development

export SSL certificate

we are doing TCP for our systems. I have a working SSL certificate on prodction webserver. Im planning to export it to our DR server for TCP purposes. However when I export based on the procedure below, it doesn't work. When I restart the DR webserver, it still says the certifcate is expired.Any... (1 Reply)
Discussion started by: lhareigh890
1 Replies

6. AIX

IBM Integrated Virtualization Manager

We have AIX runninng on IBM Bladecenter When opening a terminal window for one of the lpars, in Internet explorer it opens a pop up window and I can login, but when using Mozilla Firefox the popup window is closed immediately or doesn't even open. Please help. (1 Reply)
Discussion started by: wjace
1 Replies

7. Red Hat

SSL Certificate Renewal on Tomcat

Hi, I want to renew the ssl certificate for one of my application on tomcat without down time. I want to know what would the possible impacts for the users who currently have sessions to the app. Regards, Arumon (1 Reply)
Discussion started by: arumon
1 Replies

8. Cybersecurity

SSL Certificate Stores

Hey everyone, I'm trying to get a lay of the land for OS and Application Certificate Stores. Can someone confirm that I have this concept right? If the application you're using say Firefox has it's own trusted CA store, it uses that exclusively. So if you're running firefox in Windows, Firefox... (4 Replies)
Discussion started by: Lost in Cyberia
4 Replies

9. Web Development

CronJobs issues after SSL certificate

Hello! I had a cron job running on my website, activating a php script every friday. The Php script just activated another photo to add in the gallery. It worked fine until I got an SSL certificate for my website, then everything broke. This was the command before: lynx -source... (0 Replies)
Discussion started by: AGDesign
0 Replies

LEARN ABOUT SUSE

certtool

certtool(1)						      General Commands Manual						       certtool(1)

NAME

       certtool - Manipulate certificates and keys.

SYNOPSIS

       certtool [options]

DESCRIPTION

       Generate X.509 certificates, certificate requests, and private keys.

OPTIONS

   Program control options
       -d, --debug LEVEL
	      Specify the debug level. Default is 1.

       -h, --help
	      Shows this help text

       -v, --version
	      Shows the program's version

   Getting information on X.509 certificates
       -i, --certificate-info
	      Print information on a certificate.

       -k, --key-info
	      Print information on a private key.

       -l, --crl-info
	      Print information on a CRL.

       --p12-info
	      Print information on a PKCS #12 structure.

   Getting information on Openpgp certificates
       --pgp--certificate-info
	      Print information on an OpenPGP certificate.

       --pgp--key-info
	      Print information on an OpenPGP private key.

       --pgp--ring-info
	      Print information on a keyring.

   Generating/verifying X.509 certificates/keys
       -c, --generate-certificate
	      Generate a signed certificate.

       -e, --verify-chain
	      Verify a PEM encoded certificate chain.  The last certificate in the chain must be a self signed one.

       --generate-dh-params
	      Generate PKCS #3 encoded Diffie-Hellman parameters.

       --load-ca-certificate FILE
	      Certificate authority's certificate file to use.

       --load-ca-privkey FILE
	      Certificate authority's private key file to use.

       --load-certificate FILE
	      Certificate file to use.

       --load-privkey FILE
	      Private key file to use.

       --load-request FILE
	      Certificate request file to use.

       -p, --generate-privkey
	      Generate a private key.

       -q, --generate-request
	      Generate a PKCS #10 certificate request.

       -s, --generate-self-signed
	      Generate a self-signed certificate.

       -u, --update-certificate
	      Update a signed certificate.

   Controlling output
       -8, --pkcs8
	      Use PKCS #8 format for private keys.

       --dsa  Generate a DSA key.

       --bits BITS
	      Specify the number of bits for key generation.

       --export-ciphers
	      Use weak encryption algorithms.

       --inraw
	      Use RAW/DER format for input certificates and private keys.

       --infile FILE
	      Input file.

       --outraw
	      Use RAW/DER format for output certificates and private keys.

       --outfile FILE
	      Output file.

       --password PASSWORD
	      Password to use.

       --to-p12
	      Generate a PKCS #12 structure.

       --template
	      Use a template file to read input. See the doc/certtool.cfg in the distribution, for an example.

       --fix-key
	      Some  previous  versions	of certtool generated wrongly the optional parameters in a private key. This may affect programs that used
	      them. To fix an old private key use --key-info in combination with this parameter.

       --v1   When generating a certificate use the X.509 version 1 format.  This does not add any extensions (such as indication for  a  CA)  but
	      some programs do need these.

EXAMPLES

       To create a private key, run:

	      $ certtool --generate-privkey --outfile key.pem

       To create a certificate request (needed when the certificate is issued by another party), run:

	      $ certtool --generate-request --load-privkey key.pem 
		 --outfile request.pem

       To generate a certificate using the previous request, use the command:

	      $ certtool --generate-certificate --load-request request.pem 
		 --outfile cert.pem --load-ca-certificate ca-cert.pem 
		 --load-ca-privkey ca-key.pem

       To generate a certificate using the private key only, use the command:

	      $ certtool --generate-certificate --load-privkey key.pem 
		 --outfile cert.pem --load-ca-certificate ca-cert.pem 
		 --load-ca-privkey ca-key.pem

       To view the certificate information, use:

	      $ certtool --certificate-info --infile cert.pem

       To generate a PKCS #12 structure using the previous key and certificate, use the command:

	      $ certtool --load-certificate cert.pem --load-privkey key.pem 
		 --to-p12 --outder --outfile key.p12

AUTHOR

       Nikos Mavroyanopoulos <nmav@gnutls.org> and others; see /usr/share/doc/gnutls-bin/AUTHORS for a complete list.

       This manual page was written by Ivo Timmermans <ivo@debian.org>, for the Debian GNU/Linux system (but may be used by others).

								   May 23rd 2005						       certtool(1)
All times are GMT -4. The time now is 07:09 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy