Secure Computing Sidewinder Version 5.1.0.02 User Manual

Managing Sidewinder self-signed certs

3-8

Configuring Sidewinder for Soft-PK Clients

Click

Close

to return to the previous window.

Converting the certificate
file/private key file pair to
pkcs12 format

To start the PKCS12 utility on the Sidewinder, from the command line,
enter the following command:

pkcs12_util

The utility will prompt you for the name and location of the private key
file, for the name and location of the associated certificate file, and for
the name and location in which to store the resulting PKCS12-format-
ted object.

The following message appears:

Please put file extensions on all file names.

Enter the name of the PKCS1 object (private key) file:

Type the full path name of the private key file.

The following message appears:

Enter the name of the PEM signed public key (certificate)

file:

Type the full path name of the associated certificate file.

The following message appears:

Enter the name of the output PKCS12 object (*.p12):

Type the full path name of the object file that will be created by the
utility. Be sure to use a

.p12

extension on the file name.

The following message appears:

pkcs12 encryption password for public key (it WILL be clear

screen text):

10.

Type a password for this PKCS12 object.

You apply a password to the object because the object contains both
the public and private keys. The password will be needed when import-
ing this object into a Soft-PK client. The password can consist of any
alpha-numeric characters.

Note: After typing the password, the utility creates the PKCS12 file in the directory
you specified in Step 9.

11.

Return to

Step 1

for each remote client.

Copy the client key/
certificate object to a
diskette

Once you have finished creating the PKCS12 object(s), copy each
object to its own diskette for distribution to the appropriate Soft-PK
client. You can do this using the

mcopy

command. For example:

% mcopy -t filename a:filename