Storing a certificate authority certificate

This topic describes how to store a certificate from a certificate authority (CA) that is not a trusted CA.

Procedure

To store a certificate from a CA that is not a trusted CA, use the following command:

install_root/bin/gskcmd -cert -add -db filename [-pw password | -stashed] 
-label label -format ascii | binary -trust enable | disable 
-file filename

where:

-add specifies an add action.
-cert indicates the operation applies to a certificate.
-db filename is the name of the database.
-file filename specifies the file containing the CA certificate.
-format ascii | binary indicates the certificate authorities might supply a binary or an ASCII file.
-label label is the label attached to a certificate or certificate request.
-pw password is the password to access the key database.
-stashed indicates that the password for the key database should be recovered from the stash file.
-trust enable | disable indicates whether this CA can be trusted. The default is enable and indicates that the CA can be trusted.