Manualshelf

HP-UX IPSec Version A.03.02.02 Administrator's Guide HP-UX 11i version 2 and HP-UX 11i version 3 (762800-001, April 2014)

ManualsBrandsHP ManualsSoftwareHP-UX IPSec Software
111112113114115116117118119120
# ipsec_config show cacert
In directory /var/adm/ipsec/certstore :
CA cert :
5b0152d9.0 - subject : /C=US/O=HP/OU=LAB/CN=myPKI
CRL :
5b0152d9.r0 - issuer : issuer=/C=US/O=HP/OU=LAB/CN=myPKI
lastUpdate=Mar 4 19:33:08 2009 GMT
nextUpdate=Apr 4 07:53:08 2009 GMT
You can use OpenSSL utilities to display more information about the certificate and CRL files. For
example, you can use the following command to display the information about the root CA
certificate:
openssl x509 -in rootcert.pem -text
Deleting the Local System Certificate
To delete the local system certificate, use the following command:
ipsec_config delete mycert
This command also deletes the /var/adm/ipsec/certstore/mykey.pem private key file and
updates the /var/adm/ipsec/cainfo.txt file to indicate that HP-UX IPSec certificates are not
configured on the system.
Deleting the CA Certificate and CRL Files
To delete a CA certificate or CRL file, delete the appropriate file from the /var/adm/ipsec/
certstore directory. To determine the subject name of a CA certificate file or the issuer name
of a CRL file, use the ipsec_config show cacert command.
114 Using Certificates with HP-UX IPSec