Filter
Top Products
Using Enhanced Security Features
274 EncrypTight User Guide
Importing a CA Certificate
Depending on the CA that you use, you could receive a single certificate or a certificate chain. If the
reply is a single certificate and it is not a copy of a CA trusted root certificate, you need acquire the
certificate for a trusted root. If the reply from the CA is a chain itself, you only need the root, or top-level
certificate in the chain.
If the trusted root certificate is not a file by itself, copy and paste it to a new file.
Use the keytool command to install the trusted root certificate from the CA into the keystore for the
EncrypTight software. The CA certificate can be used to validate the public key of the CA that you use.
To install a CA certificate:
1 From the command line, import the CA certificate into the keystore with the
keytool -import
command.
keytool -importcert -alias <alias> -file <filename> -keystore
<keystore> -storepass <password>
For example:
keytool -importcert -alias CACert -file C:\docs\CACart.cer
-keystore C:\Safe\mykeystore -storepass password2
This imports the CA certificate into the keystore.
Importing a CA Certificate Reply
Once you have a certificate of the CA to which you submitted your certificate signing request, you can
import the certificate reply from the CA.
To import a CA certificate reply:
1 From the command line, use the following command to import the certificate:
keytool -importcert -trustcacerts -file <filename>
Where filename is the name of the certificate file that you want to import.
For example:
keytool -importcert -trustcerts -file c:\docs\ETKMS3.cer
This imports the certificate file named “ETKMS3.cer” into the keystore.
Table 71 Keytool Parameters for Importing a CA Certificate
Parameter Description
alias The name of the entry for this certificate in the keystore.
file The name and location of the certificate file.
keystore The name and location of the keystore file.
storepass The password for the keystore.