smsigncert Command

Purpose

Processes certificate requests and generates certificates.

Syntax

smsigncert dir { -a | -s server_name} [ -e mm/dd/yyyy]

Description

The smsigncert command can be run on a machine that has been defined as internal certificate authority (CA). The command uses the CA private key to process certificate requests (*.certreq files) and generate certificates (*.cert files). You can process the request of one server, or all server requests in the specified directory dir.

You can use Web-based System Manager (wsm) command to access the graphical interface.

Flags

Item Description
dir The directory where the certificate requests (*.certreq files) reside, and to which the certificates (*.cert files) will be written.
-a All certificate requests (*.certreq files) in the specified dir directory will be processed. For each certificate request (S.certreq), a certificate S.cert will be generated in the specified dir directory.
-s server_name The full TCP/IP name of the server whose certificate request (server_name.certreq in the specified dir directory) will be processed.
-e mm/dd/yyyy Expiration date for the server certificates. The default expiration date is two years from the date of issuing the command.

Examples

smsigncert /usr/websm/security/tmp S101.IBM.COM -e 12/31/1999

smsigncert /usr/websm/security/tmp -a 

Files

Item Description
/usr/websm/security/SMCa.log Lists detailed information on all operations executed by the CA.