Installing the certificate on client systems
For the clients to trust a certificate, its public part needs to be distributed to the clients and stored in their key databases.
About this task
To install the certificate on client systems, do the following:
Procedure
-
Extract the public part to a file using the following command:
gsk8capicmd_64 -cert -extract -db server.kdb -stashed -label "My self-signed certificate" -format ascii -target mycert.arm
- Distribute mycert.arm to the clients.
-
Add the new certificate to the clients' key database as follows:
gsk8capicmd_64 -cert -add -db client.kdb -stashed -label "Server self-signed certificate" -file mycert.arm -format ascii -trust enable
The -db parameter specifies the name of the client's key database file. The -label parameter specifies the label to be used for the certificate inside the key database file. The -file parameter specifies the file containing the certificate to be imported.