User guide
B-10
Cisco Transport Manager Release 9.2 GateWay/CORBA User Guide and Programmer Manual
OL-20937-01
Appendix B Server Administration and Configuration
B.12.2 Generating the Client-Side Certificate
B.12.2 Generating the Client-Side Certificate
Note the following conventions:
• ascii_client_ks—Denotes a client-side keystore.
• ascii_client_cert—Denotes a client-side certificate.
• gwcorba_service_ks—Denotes a server-side keystore.
• gwcorba_service_cert—Denotes a server-side certificate.
Step 1 Enter the keytool command to generate a keystore:
keytool -genkey -alias ascii_client -validity 25000 -keystore ascii_client_ks -storepass
ascii_client_ks_pass -keypass ascii_client_ks_pass
What is your first and last name?
[Unknown]: ascii client
What is the name of your organizational unit?
[Unknown]:
What is the name of your organization?
[Unknown]: cisco
What is the name of your City or Locality?
[Unknown]:
What is the name of your State or Province?
[Unknown]:
What is the two-letter country code for this unit?
[Unknown]:
Is CN=ascii client, OU=Unknown, O=cisco, L=Unknown, ST=Unknown, C=Unknown correct?
[no]: y
Step 2 Verify that the generated keystore and key have the following attributes:
Keystore name: ascii_client_ks
Alias: ascii_client
Keystore password: ascii_client_ks_pass
Key password: ascii_client_ks_pass
Validity: 25000 days
Step 3 Enter the following command to generate a client-side certificate that will be issued to the server:
keytool -export -keystore ascii_client_ks -alias ascii_client -storepass
ascii_client_ks_pass -file ascii_client_cert
Certificate stored in file <ascii_client_cert>
Step 4 Verify that the certificate is stored in the ascii_client_cert file.
B.12.3 Adding the Client-Side Certificate to the Server-Side Keystore
Step 1 Enter the following command to add the client-side certificate to the server-side keystore. (Use FTP or
a similar tool to deliver the ascii_client_cert file to the server. The server-side keystore is located in the
/opt/CiscoTransportManagerServer/cfg directory on the server.)
keytool -import -keystore gwcorba_service_ks -alias ascii_client -storepass
gwcorba_service_ks_pass -file ascii_client_cert