SSL Libraries Used with the Certificate/Key Management Environment
8-13
The following shows the procedure for migration:
1. Search for existing resources (private key and certificates).
2. Create a certificate/key management environment.
3. Register resources searched for in 1 in the environment created in 2.
4. Register the user PIN.
For command details, refer to the Reference Manual (Command Edition).
1. Search for Existing Resources (Private Key and Certificates).
Use the pfx data creation command to search for resources.
Example
cmmkpfx d:\sslenv\my_site_pfx.pfx -ed d:\sslenv\sslcert -sn 1 -nn MySiteCert
# cmmkpfx /entdir/my_site_pfx.pfx -ed /export/home/sslcert -sn 1 -nn MySiteCert
Client CA certificates and CRL cannot be searched for by the pfx data creation command.
If a client CA certificate or CRL is needed, re-register using the ordinary method.
When creating the pfx data, specify the nickname of the "Site certificate". The pfx data creation command
reads out the site certification, its private key, the Certification Authority of the site certificate (a complete
setup to the root CA certificate), and creates the pfx data.
2. Create a Certificate/Key Management Environment.
Create a certificate/key management environment.
For details, refer to Creating a Certificate/Key Management Environment.
3. Register Resources Searched For in 1. In the Environment Created in 2.
Use the pfx data registration command to register resources.
Example
The example below assumes the newly created Certificate/Key Management Environment is
d:\sslnewenv\sslcert.
cmentpfx d:\sslenv\my_site_pfx.pfx -ed d:\sslnewenv\sslcert -sn 1 -nn
MyNewSiteCert -entca
Commentaires sur ces manuels