Imports an SGD Gateway key and SGD Gateway certificate into the SGD Gateway keystore.
gateway key import --keyfilekey-file
[ --keyalg RSA|DSA ] { --certfilecert-file
| --certfilecert-file..
[ --cacertfileca-cert-file
] } [ --alwaysoverwrite ]
Imports a private key, and the corresponding public key
certificate, into the SGD Gateway keystore, at
/opt/SUNWsgdg/proxy/etc/keystore
.
If the keystore already has an SGD Gateway key entry, it is overwritten. By default, a confirmation prompt is shown.
To access the SGD Gateway keystore, this command uses
the password in /opt/SUNWsgdg/etc/password
. If this
file is not present, the command prompts for a password.
The following table shows the available options for this command.
Option | Description |
---|---|
| File containing the private key. The key must be in PEM format. |
| Encoding algorithm used by the private key. Options are RSA and DSA. By default, RSA is selected. |
| SSL certificate file. |
| CA or root certificate file. |
| Do not prompt before overwriting an entry in the keystore. |
To import a certificate chain, use the
--cacertfile
option to specify an Intermediate CA
certificate. All certificates in the chain must be in PEM format.
If a certificate chain uses multiple CA certificates, combine all the CA certificates in the chain into a single file. The CA certificate used to sign the server certificate must appear first, for example:
-----BEGIN CERTIFICATE----- ...Intermediate CA's certificate
... -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- ...CA root certificate
... -----END CERTIFICATE-----
The following example imports an RSA-encoded private key
gateway1.key
, and the corresponding public
key certificate gateway1.pem
, into the
SGD Gateway keystore.
# /opt/SUNWsgdg/bin/gateway key import \ --keyfile gateway1.key \ --certfile gateway1.pem
The following example imports a private key and a certificate
chain into the SGD Gateway keystore. The Intermediate
CA certificate is gateway1-ca.pem
.
# /opt/SUNWsgdg/bin/gateway key import \ --keyfile gateway1.key \ --certfile gateway1.pem \ --cacertfile gateway1-ca.pem