Filter
Top Products
Working with Certificates for the ETEPs
EncrypTight User Guide 277
Generating a Certificate Signing Request for the HSM
To generate a certificate signing request:
1 At the command line, type:
keytool -keystore NONE -storetype PKCS11 -certreq -keyalg RSA
-providername SunPKCS11-psie -alias <alias> -storepass <password> -file
<csr filename>
Importing Signed Certificates into the HSM
To import signed certificates into the HSM:
1 At the command line, type:
keytool -keystore NONE -storetype PKCS11 -import -alias <alias> -file
<filename> -providername SunPKCS11-psie -storepass <password>
Working with Certificates for the ETEPs
The Certificate Manager is a tool for obtaining and managing certificates for your ETEPs, including
identity certificates and the external certificates used for validating other EncrypTight components.
Table 75 Generating a Certificate Signing Request for use with the HSM
Parameter Description
keystore Specifies the keystore to use. A type of NONE indicates that a security
device is being used for the keystore.
storetype Specifies the type of keystore in use.
certreq Generates a certificate signing request.
keyalg Specifies the algorithm to use for the certificate.
providername Specifies the name of the security device/software.
alias Assigns a name for this entry in the keystore.
storepass Specifies the password for the keystore.
file Specifies a name for the certificate signing request file.
Table 76 Importing a certificate to the HSM
Parameter Description
keystore Specifies the keystore to use. A type of NONE indicates that a security
device is being used for the keystore.
storetype Specifies the type of keystore in use.
alias Assigns a name for this entry in the keystore.
file Specifies the name of the certificate file to import.
providername Specifies the name of the security device/software.
storepass Specifies the password for the keystore.
providername Specifies the name of the security device/software.