Black Box EncrypTight Manuale Utente
Working with Certificates for the ETEPs
EncrypTight User Guide
277
Generating a Certificate Signing Request for the HSM
To generate a certificate signing request:
1 At the command line, type:
1 At the command line, type:
keytool -keystore NONE -storetype PKCS11 -certreq -keyalg RSA
-providername SunPKCS11-psie -alias <alias> -storepass <password> -file
<csr filename>
-providername SunPKCS11-psie -alias <alias> -storepass <password> -file
<csr filename>
Importing Signed Certificates into the HSM
To import signed certificates into the HSM:
1 At the command line, type:
1 At the command line, type:
keytool -keystore NONE -storetype PKCS11 -import -alias <alias> -file
<filename> -providername SunPKCS11-psie -storepass <password>
<filename> -providername SunPKCS11-psie -storepass <password>
Working with Certificates for the ETEPs
The Certificate Manager is a tool for obtaining and managing certificates for your ETEPs, including
identity certificates and the external certificates used for validating other EncrypTight components.
identity certificates and the external certificates used for validating other EncrypTight components.
Table 75
Generating a Certificate Signing Request for use with the HSM
Parameter
Description
keystore
Specifies the keystore to use. A type of NONE indicates that a security
device is being used for the keystore.
storetype
Specifies the type of keystore in use.
certreq
Generates a certificate signing request.
keyalg
Specifies the algorithm to use for the certificate.
providername
Specifies the name of the security device/software.
alias
Assigns a name for this entry in the keystore.
storepass
Specifies the password for the keystore.
file
Specifies a name for the certificate signing request file.
Table 76
Importing a certificate to the HSM
Parameter
Description
keystore
Specifies the keystore to use. A type of NONE indicates that a security
device is being used for the keystore.
storetype
Specifies the type of keystore in use.
alias
Assigns a name for this entry in the keystore.
file
Specifies the name of the certificate file to import.
providername
Specifies the name of the security device/software.
storepass
Specifies the password for the keystore.
providername
Specifies the name of the security device/software.