Installs or removes a root certificate for a custom CA for use with SGD security services.
tarantella security customca
tarantella security customca --rootfile carootfile
| --remove
CA certificates must be Base 64-encoded PEM-format, with a header
line including "BEGIN CERTIFICATE"
, as used by
OpenSSL.
If no arguments are specified, this command reads the root certificate from standard input.
The following table shows the available options for this command.
Option | Description |
---|---|
|
Specifies the location of a file containing the CA's
root certificate. Details are copied to
You must specify the full path to the root certificate
file. The path must be readable by the
|
| Removes any custom CA's root certificate currently installed for use with SGD security services. |
This command also imports the CA certificate into the CA
certificate truststore for the SGD server. This is
the /opt/tarantella/bin/jre/lib/security/cacerts
file.
The following example installs a CA's root certificate from the
file/tmp/rootcert
, which you can then delete.
# tarantella security customca --rootfile /tmp/rootcert