HP-UX IPSec A.03.00 Release Notes

Certificate Files

Beginning with release A03.00, HP-UX IPSec stores certificate and CRL files in new locations.

The ipsec_migrate utility performs the following tasks when migrating to HP-UX IPSec

version A.03.00 from previous versions:

• Extracts certificates, the private key and certificate data from the following files under the

/var/adm/ipsec/backup directory:

/var/adm/ipsec/cainfo.txt

/var/adm/ipsec/ipsec.key

/var/adm/ipsec/ipsec.cert

The ipsec_migrate utility prompts the user for the HP-UX IPSec password and uses the

password to decrypt and extract the private key. It also extracts the certificates for the local

system and CA and stores the certificates and keys in files under the /var/adm/ipsec/

certstore directory.

• If the file /var/adm/ipsec_gui/cron/crl.cron exists, ipsec_migrate creates a

soflink from this file to /var/adm/ipsec/util/crl.cron. The crl.cron is a file is a

script that can be executed from a cron job to periodically retrieve CRLs from LDAP

directories. This file was located in the/var/adm/ipsec_gui/cron directory in previous

releases.

You can modify and resubmit the root crontab file to execute the /var/adm/ipsec/

util/crl.cron script directly.

Related Information

The latest documentation for HP-UX IPSec is available in English at http://www.docs.hp.com.

Available documents include:

• HP-UX IPSec version A.03.00 Administrator's Guide (J4256–90043)

• HP-UX IPSec Performance and Sizing Whitepaper

Software Availability in Native Languages

The HP-UX IPSec product is available only in the English language.

Related Information 19