12-11-2018
None of those links is what I have. I do not have "IBM Spectrum Control" available to me. I have a P8 with AIX installed with three LPARS the vios has a website that controls the LPAR's. It has a self signed cert. We need to put our own certificate on this.
The second link shows using '/opt/ibm/ccm/create_security_artifacts.sh' but that file is not found anywhere on my VIOS.
I think the keystore is here (not 100% sure): /usr/ios/lpm/gui/httpd/security/keystore/ibmjsse2.jks and .jts
9 More Discussions You Might Find Interesting
1. Web Development
Hello everybody
Hope somebody can help me
I'm trying to install SSL Certificate on Apache/mod_ssl on Linux with Zend for Oracle.
I bought and downloaded certificate from certificate from Network Solutions. Than I followed the instructions to the dot.
I created a directory for certificate... (2 Replies)
Discussion started by: Trusevich
2 Replies
2. Web Development
Dear All
Anyone know how to issue two different certification on apache virtualhost fyi i have one virtualhost eg 69.192.1.25:443 already signed with verisign how can i configure another virtualhost 69.192.1.25:443 which signing with another certificate which self signing. i search net not... (1 Reply)
Discussion started by: netxus
1 Replies
3. AIX
Hello,
I am new in UNIX, and some one asks me to install SSL certificates to allow exchange with an external system.
Can someone tell how to install certificate (ex : verisignxxx.cer) on a UNIX server?
Many thanks.
Tibo (4 Replies)
Discussion started by: tibo51
4 Replies
4. Cybersecurity
Hi guys.
I have some questions about ssl certificates.
I looked at SSL providers and saw that they are providing 2 types of certificates: per server or per domain.
my server host name is: srv1.example.com
I have a smtp, imap, web server on this box. but all services accessed by different... (1 Reply)
Discussion started by: majid.merkava
1 Replies
5. Web Development
we are doing TCP for our systems. I have a working SSL certificate on prodction webserver. Im planning to export it to our DR server for TCP purposes. However when I export based on the procedure below, it doesn't work. When I restart the DR webserver, it still says the certifcate is expired.Any... (1 Reply)
Discussion started by: lhareigh890
1 Replies
6. AIX
We have AIX runninng on IBM Bladecenter
When opening a terminal window for one of the lpars, in Internet explorer it opens a pop up window and I can login, but when using Mozilla Firefox the popup window is closed immediately or doesn't even open.
Please help. (1 Reply)
Discussion started by: wjace
1 Replies
7. Red Hat
Hi,
I want to renew the ssl certificate for one of my application on tomcat without down time. I want to know what would the possible impacts for the users who currently have sessions to the app.
Regards,
Arumon (1 Reply)
Discussion started by: arumon
1 Replies
8. Cybersecurity
Hey everyone, I'm trying to get a lay of the land for OS and Application Certificate Stores. Can someone confirm that I have this concept right?
If the application you're using say Firefox has it's own trusted CA store, it uses that exclusively. So if you're running firefox in Windows, Firefox... (4 Replies)
Discussion started by: Lost in Cyberia
4 Replies
9. Web Development
Hello!
I had a cron job running on my website, activating a php script every friday. The Php script just activated another photo to add in the gallery. It worked fine until I got an SSL certificate for my website, then everything broke.
This was the command before:
lynx -source... (0 Replies)
Discussion started by: AGDesign
0 Replies
LEARN ABOUT DEBIAN
yhsm-keystore-unlock
yhsm-keystore-unlock(1) General Commands Manual yhsm-keystore-unlock(1)
NAME
yhsm-keystore-unlock - Unlock the keystore in a YubiHSM
SYNOPSIS
yhsm-keystore-unlock [options]
DESCRIPTION
In versions of the YubiHSM before 1.0, the YubiHSM could be protected using a 'HSM password'. The YubiHSM would unlock it's cryptographic
functions if the correct password was given, but it was a simple comparision test.
In YubiHSM 1.0, the password was changed into an actual key that was used to decrypt the contents of the YubiHSM internal key store, which
was then AES-256 encrypted using the new 'Master key' when stored in the device.
In YubiHSM 1.0, the option to also require an YubiKey OTP to unlock the keystore was also added. One or more 'Admin YubiKeys' can be con-
figured in the YubiHSM, and an OTP from one of these must also be provided before the YubiHSM will enable it's cryptographic functions.
The OTP is simply validated against the non-encrypted internal database (not key store) in the YubiHSM though, but together with a 'Master
key' not stored on the server with the YubiHSM, it provides enhanced security by being a second factor that an attacker can't just inter-
cept even if the server is compromised.
OPTIONS
-D, --device
device file name (default: /dev/ttyACM0).
-v, --verbose
enable verbose operation.
--debug
enable debug printout, including all data sent to/from YubiHSM.
--no-otp
skip the prompt for an OTP. For use by scripts where no OTP is required and the Master Key is stored on the server with the YubiHSM.
--stdin
read password and/or OTP from stdin rather than prompting for them. Python prompts does not accept piped input, so this option have
to be used to unlock the YubiHSM from a script for example.
EXIT STATUS
0 YubiHSM keystore successfully unlocked.
1 Failed to unlock keystore.
BUGS
Report python-pyhsm/yhsm-keystore-unlock bugs in the issue tracker <https://github.com/Yubico/python-pyhsm/issues/>
SEE ALSO
The python-pyhsm home page <https://github.com/Yubico/python-pyhsm/>
YubiHSMs can be obtained from Yubico <http://www.yubico.com/>.
python-pyhsm December 2011 yhsm-keystore-unlock(1)