Справочник Пользователя для Black Box ET1000A
Using Enhanced Security Features
274
EncrypTight User Guide
Importing a CA Certificate
Depending on the CA that you use, you could receive a single certificate or a certificate chain. If the
reply is a single certificate and it is not a copy of a CA trusted root certificate, you need acquire the
certificate for a trusted root. If the reply from the CA is a chain itself, you only need the root, or top-level
certificate in the chain.
reply is a single certificate and it is not a copy of a CA trusted root certificate, you need acquire the
certificate for a trusted root. If the reply from the CA is a chain itself, you only need the root, or top-level
certificate in the chain.
If the trusted root certificate is not a file by itself, copy and paste it to a new file.
Use the keytool command to install the trusted root certificate from the CA into the keystore for the
EncrypTight software. The CA certificate can be used to validate the public key of the CA that you use.
EncrypTight software. The CA certificate can be used to validate the public key of the CA that you use.
To install a CA certificate:
1 From the command line, import the CA certificate into the keystore with the
1 From the command line, import the CA certificate into the keystore with the
keytool -import
command.
keytool -importcert -alias <alias> -file <filename> -keystore
<keystore> -storepass <password>
<keystore> -storepass <password>
For example:
keytool -importcert -alias CACert -file C:\docs\CACart.cer
-keystore C:\Safe\mykeystore -storepass password2
-keystore C:\Safe\mykeystore -storepass password2
This imports the CA certificate into the keystore.
Importing a CA Certificate Reply
Once you have a certificate of the CA to which you submitted your certificate signing request, you can
import the certificate reply from the CA.
import the certificate reply from the CA.
To import a CA certificate reply:
1 From the command line, use the following command to import the certificate:
1 From the command line, use the following command to import the certificate:
keytool -importcert -trustcacerts -file <filename>
Where
filename
is the name of the certificate file that you want to import.
For example:
keytool -importcert -trustcerts -file c:\docs\ETKMS3.cer
This imports the certificate file named “ETKMS3.cer” into the keystore.
Table 71
Keytool Parameters for Importing a CA Certificate
Parameter
Description
alias
The name of the entry for this certificate in the keystore.
file
The name and location of the certificate file.
keystore
The name and location of the keystore file.
storepass
The password for the keystore.