This section describes how to view trusted certificate authorities
and display default keys within a key database.
About this task
A trusted certificate authority (CA) issues and manages public keys
for data encryption. A key database is used to share public keys that are
used for secure connections. The tasks that follow show how to view the certificate
authorities that are in your database, along with their expiration dates.
Procedure
- Display a list of trusted CAs in a key database by entering the
following command as one line:
<ihsinst>/bin/gsk7cmd -cert -list CA -db < dbname > -pw <password> -type <cms | jks |jceks | pkcs12>
- Display a list of certificates in a key database and their expiration
dates by enter the following command:
<ihsinst>/bin/gsk7cmd -cert -list -expiry < days > -db < filename > -pw < paswsword > - type < type >
where:
- -cert indicates the operation applies to a certificate.
- -list <all | personal | CA | site> specifies a list action.
The default is to list all certificates.
- -expiry <days> indicates that validity dates should be
displayed. Specifying the number of days is optional, though when used will
result in displaying all certificates that expire within that amount of days.
To list certificates that have already expired, enter the value 0.
- -db <filename> is the name of the key database. It is used
when you want to list a certificate for a specific key database.
- -pw <password> specifies the password to access the key
database.
- -type <cms | JKS | JCEKS | pkcs12> specifies the type of
database.