Installs a server SSL certificate, or specifies the location of a previously installed SSL certificate, to be used by SGD security services.
tarantella security certuse
tarantella security certuse --certfilecfile
[ --keyfilekfile
]
SSL certificates must be Base 64-encoded Privacy Enhanced Mail
(PEM) format, with a header line including "BEGIN
CERTIFICATE"
, as used by OpenSSL.
If no arguments are specified, this command reads the SSL
certificate from standard input and installs it in
/opt/tarantella/var/tsp
.
After installing an SSL certificate, you must restart SGD using the tarantella restart command.
The following table shows the available options for this command.
Option | Description |
---|---|
|
Specifies the location of a file containing the SSL
certificate. If no
You can use this option as follows:
You must specify the full path to the SSL certificate
file. The path must be readable by the
|
|
Specifies the location of a file containing the private
key for the SSL certificate specified by
Use this option to tell SGD about a private key you have already. If you used the Section D.86, “tarantella security certrequest” command to generate a CSR and obtain an SSL certificate, you do not need to use this option.
You must specify the full path to the key file. The path
must be readable by the |
The following command installs an SSL certificate, which is saved
in a temporary file /tmp/cert
, and uses the
private key generated when the
Section D.86, “tarantella security certrequest” command was used to
generate the CSR:
# tarantella security certuse < /tmp/cert
The following command installs an SSL certificate, which is stored
in /opt/certs/cert
, and a private key, which
is stored in /opt/keys/key
. The
Section D.86, “tarantella security certrequest” command was
not used to generate the CSR.
# tarantella security certuse \ --certfile /opt/certs/cert \ --keyfile /opt/keys/key