Manualshelf

Installation guide

ManualsBrandsVMware ManualsOtherVCM 5.3 - TRANSPORT LAYER SECURITY IMPLEMENTATION
71727374757677787980
CSI_ManageCertificateStore Options
The following printout of the CSI_ManageCertificateStore manpage is useful in understanding the CSI_
ManageCertificateStore command options.
# CSI_ManageCertificateStore -?
Usage: /opt/CMAgent/CFC/3.0/bin/CSI_ManageCertificateStore
-[?h]
[-c certificate_store_name] -[adel] [-g fingerprint] [-s subject] [-f
filename]
[-c certificate_store_name] -[iu] -f filename
-h Display this help and exit
-? Display this help and exit
-c The name of the certificate store. This name includes the path. Defaults
to registry value
-a Perform action on all certificates in the store
-d Delete from the certificate store
-e Export certificate(s) and associated key(s) from the certificate store to
file(s) named fingerprint-cert.pem and fingerprint-key.pem ('fingerprint' is
the hex SHA1 hash of the certificate)
-f File that contains a certificate external to the certificate store to use.
The certificate in the file must be in PEM format
-g SHA1 hash fingerprint of the certificate in the store to act upon
-i Insert certificate into the certificate store
-k File that contains the private key associated with the certificate.
Private certificate keys are only used for mutual authentication. The key
must be in PEM format. Associating a key with a certificate will cause the
registry to be modified to setup mutual authentication
-l List entries from the certificate store
-n Common name of the certificates in the store to act upon
-p Passphrase for the private key. Needed if the private key PEM file was
passphrase protected, or if the exported key should be protected
-s Subject of the certificates in the store to act upon
-u Update certificate in the certificate store
-z Mark a certificate as authorized
Common Uses
(All commands are run from the /opt/CMAgent/CFC/3.0/bin/ directory.)
Insert a new certificate into the certificate store:
CSI_ManageCertificateStore -i -f filename
Insert a new certificate into the certificate store and mark it as authorized:
CSI_ManageCertificateStore -iz -f filename
Update an existing certificate in the certificate store:
CSI_ManageCertificateStore -u -f filename
Add a key to an existing certificate in the certificate store:
CSI_ManageCertificateStore -u -f filename -k key_filename
Delete an existing certificate from the certificate store:
VCM Security Guide
76
VMware, Inc.