Red Hat CERTIFICATE SYSTEM 7.3 - COMMAND-LINE Informations techniques télécharger pdf (Page 30)

certutil -d /var/lib/instance_ID/logs/signedAudit/dbdir -A -n "CA

Certificate" -t \

"CT,CT,CT" -a -i /var/lib/instance_ID/alias/cacert.txtcertutil -d \

/var/lib/instance_ID/logs/signedAudit/dbdir -A -n "Log Signing

Certificate" -a -i \

/var/lib/instance_ID/alias/logsigncert.txt

3. Syntax

The AuditVerify tool has the following syntax:

AuditVerify -d dbdir -n signing_certificate_nickname -a logListFile [-P

cert/key_db_prefix] [-v]

Option Description

d Specifies the directory containing the security

databases with the imported audit log signing

certificate.

n Gives the nickname of the certificate used to

sign the log files. The nickname is whatever

was used when the log signing certificate was

imported into that database.

a Specifies the text file containing a comma

separated list (in chronological order) of the

signed audit logs to be verified. The contents

of the logListFile are the full paths to the audit

logs. For example:

/var/lib/rhpki-ca/logs/signedAudit/ca_cert-ca_audit,

/var/lib/rhpki-ca/logs/signedAudit/ca_cert-ca_audit.20030227102711,

/var/lib/rhpki-ca/logs/signedAudit/ca_cert-ca_audit.20030226094015

P Optional. The prefix to prepend to the

certificate and key database filenames. If

used, a value of empty quotation marks (“”)

should be specified for this argument, since

the auditor is using separate certificate and

key databases from the Certificate System

instance and it is unlikely that the prefix

Chapter 5. AuditVerify

1 2 ... 25 26 27 28 29 30 31 32 33 34 35 ... 103 104

Pas de commentaire

Red Hat CERTIFICATE SYSTEM 7.3 - COMMAND-LINE Informations techniques Page 30