Personal certificate store

The personal certificate store file, cert.pem.

This file contains the personal certificate and the encrypted private key for the client to use, in PEM format. The existence of this file is optional when we are using TLS channels that do not require client authentication. Where client authentication is required by the channel, and SSLCAUTH(REQUIRED) is specified on the channel definition, this file must exist and contain both the certificate and encrypted private key.

File permissions must be set on this file to allow read access to the owner of the certificate store.

A correctly formatted cert.pem file must contain exactly two sections with the following headers and footers:

-----BEGIN PRIVATE KEY-----
Base 64 ASCII encoded private key data here
-----END PRIVATE KEY-----

-----BEGIN CERTIFICATE-----
Base 64 ASCII encoded certificate data here
-----END CERTIFICATE-----

The pass phrase for the encrypted private key is stored in the pass phrase stash file, Stash.sth.

Parent topic: Certificate management