Manualshelf

iTP Secure WebServer System Administrators Guide (Version 7.5+)

ManualsBrandsHP ManualsServerHP Integrity NonStop H-Series
51525354555657585960
Table 1 Common Distinguished Name (DN) Attributes (continued)
DescriptionAttribute
Locality: The city or other geographic location of an organization.L
State or Province: The U.S. state, Canadian province, or similar subdivision. State names must be
spelled out completely. No postal abbreviations are allowed.
ST
Country: The ISO country code of the country in which the certificate issuer is located (for example,
C=US).
1
C
1
Some of these attributes might be omitted in a particular DN, in accordance with the requirements of a particular CA.
However, in general, at least CN, O, ST, and C are required.
The following example shows a DN for a server maintained by an organization (O) named
Compedia, Inc. that has two organization units (Marketing and Master-Project-Group) included in
the DN:
CN=www.compedia.com,OU=Marketing,OU=Master-Project-Group,
O= "Compedia\, Inc.",L=Portsmouth,ST=New Hampshire,C=US
In this example, the quotation marks in the Organization ( O) field distinguish the literal comma
within the company name (the comma between Compedia and Inc.) from other commas used
as field separators. An escape character \ (backslash) is required when the attribute in DN is
separated by a comma in H03 as it is treated as a special character. This special character is
described in RFC4514.
Using the Keyadmin Utility to Manage Keys and Certificates
The keyadmin utility is used to generate key pairs and to manage certificates in the server key
database file. This section describes how to use the keyadmin utility and covers these topics:
“Generating a New Key Pair” (page 57)
“Creating a Certificate Request” (page 58)
“Requesting a Certificate” (page 59)
Adding a Certificate to the Key Database File” (page 59)
“Deleting a Certificate” (page 60)
“Renewing a Certificate” (page 61)
“Disabling or Enabling a Certificate” (page 61)
“Changing the Key Database File Password” (page 62)
“Creating a List of Key Database File Contents” (page 63)
“Updating the Default Root Certificates” (page 64)
“Exporting a Database Entry” (page 67).
“Displaying Keyadmin Utility Information” (page 67)
“Importing a Private Key into iTP Secure WebServer's Key Database File” (page 68)
“Exporting a Private Key to a User-defined Disk File” (page 69)
“Generating Diffie-Hellman Parameters” (page 71)
The keyadmin utility is located in the bin directory in the server install directory.
56 Configuring for Secure Transport