This topic describes how to store a certificate from a
certificate authority (CA) that is not a trusted CA.
Procedure
To store a certificate from a CA that is not a trusted
CA, use the following command: <ihsinst>/bin/gskcmd -cert -add -db <filename>.kdb -pw <password> -label <label>
-format <ascii | binary> -trust <enable | disable> -file <filename>
where:
- -add specifies an add action.
- -cert indicates the operation applies to a certificate.
- -db <filename> is the name of the database.
- -file <filename> specifies the file
containing the CA certificate.
- -format <ascii | binary> indicates the
certificate authorities might supply a binary or an ASCII file.
- -label <label> is the label attached to
a certificate or certificate request.
- -pw <password> is the password to access
the key database.
- -trust <enable | disable> indicates whether
this CA can be trusted. The default is enable and indicates that
the CA can be trusted.