This topic describes how to store a certificate from a certificate
authority (CA) that is not a trusted CA.
Procedure
To store a certificate from a CA that is not a trusted CA, use
the following command: <ihsinst>/bin/gsk7cmd -cert -add -db <filename>.kdb -pw <password> -label <label> -format <ascii | binary> -trust <enable | disable> -file <filename>
where:
- -add specifies an add action.
- -cert indicates the operation applies to a certificate.
- -db <filename> is the name of the database.
- -file <filename> specifies the file containing the CA certificate.
- -format <ascii | binary> indicates the certificate authorities
might supply a binary or an ASCII file.
- -label <label> is the label attached to a certificate or
certificate request.
- -pw <password> is the password to access the key database.
- -trust <enable | disable> indicates whether this CA can
be trusted. Should be yes.