wlicert.conf.4 (2011 03)

ManualsBrandsHP ManualsSoftwareHP-UX Manpages

wlicert.conf(4)

Optional WLI Product Required

wlicert.conf(4)

NAME

wlicert.conf - WLI capabilities conﬁguration ﬁle

DESCRIPTION

The ﬁle

/etc/wli/wlicert.conf

contains WLI capabilities granted to each authorized public key.

For more information about all capabilities , see wli(5). For more information on authorizing and grant-

ing capabilities to public keys, see wlicert (1M).

The capabilities information is organized by section. Each section has the name of the capability and

contains a list of cryptographic ﬁngerprints for public keys that have the capability . A unique ﬁngerprint

is generated for every authorized public key.

/etc/wli/certificates

.Ifacapability section does

not exist, it implies that no public key has been granted that capability .

The format for each section is:

capabilityname

{

fngr1 =*

fngr2 =*

fngrn =*

}

Values of capabilityname are

admin, wmd, mem, dlkm, and api. Imported public keys are represented

by ﬁngr1, ﬁngr2, ..., fngrn.

/etc/wli/wlicert.conf

ﬁle is created when WLI is initialized, just after the product is installed.

The ﬁrst section,

admin, is created when root authorizes the ﬁrst WLI administrator key pair with the

recovery agent private key. For more information on WLI initialization and authorizing administrator

keys, see wliadm (1M). The ﬁngerprint of the public key is listed as the ﬁrst entry in the

admin section.

admin capability is granted to additional public keys, they are listed under the admin section. For

example:

admin {

aeb3a3a360669f03d20a91193d2f5f535670f29c = *

b0c6e6a44b11a7b4bd6072f8a81a626153dd2660 = *

}

All other sections are created the ﬁrst time a public key is granted the respective capability using

wlicert (1M). For example:

wmd {

d0fef0b91e02e5f0932abdcb0774f24f8466dcc6 = *

}

mem {

318173da446d704ae6c21f8a708053cfc946fd84 = *

}

dlkm {

318173da446d704ae6c21f8a708053cfc946fd84 = *

d0fef0b91e02e5f0932abdcb0774f24f8466dcc6 = *

}

api {

318173da446d704ae6c21f8a708053cfc946fd84 = *

}

When a public key has been granted more than one capability , it will be listed in each capability section.

AUTHOR

The wlicert.conf ﬁle was developed by HP.

Summary of content (2 pages)

PAGE 1
wlicert.conf(4) Optional WLI Product Required wlicert.conf(4) NAME wlicert.conf - WLI capabilities configuration file DESCRIPTION The file /etc/wli/wlicert.conf contains WLI capabilities granted to each authorized public key. For more information about all capabilities , see wli (5). For more information on authorizing and granting capabilities to public keys, see wlicert (1M). The capabilities information is organized by section.
PAGE 2
(Notes) 2 Hewlett-Packard Company (Notes) −1− HP-UX 11iv3: Sep 2010 Web Release