iTP Secure WebServer System Administrator's Guide (iTPWebSvr 6.0+)
Configuring for Secure Transport
iTP Secure WebServer System Administrator’s Guide—523346-002
4-23
Using Server Certificate Chains With the iTP Secure
WebServer
-verbose
specifies that complete information associated with the command string should be
displayed.
If an entry already exists in the new database, keyadmin displays a prompt asking if
the existing entry can be overwritten. However, if you specify the option -overwrite,
keyadmin simply overwrites the existing entry without prompting first (but does
generate a message to indicate that it has overwritten the entry).
If you specify -nooverwrite, keyadmin generates a message to indicate that the
entry was not overwritten.
Displaying Keyadmin Utility Information
You can display information about keyadmin by issuing the following keyadmin
command:
bin/keyadmin -version [-verbose]
This command displays the following information about the keyadmin utility that you
are running:
•
Utility name (keyadmin)
•
Version number of the utility
•
The operating system platform on which the utility was built
Using Server Certificate Chains With the iTP
Secure WebServer
The iTP Secure WebServer’s SSL 3.0 protocol allows you to send and receive
certificate chains. With the certificate chain option, you can establish a certificate
hierarchy that is more than two certificates deep. Server certificate chain support
allows iTP Secure WebServers to use VeriSign Global Server IDs, which are certificate
chains.
For information about Global Server IDs, see Support for International 128-Bit SSL
Sessions Using VeriSign’s Global Server ID on page 4-5. For more information about
certificates and certificate chains, see Using Certificates on page D-6.
No configuration changes to the iTP Secure WebServer are required for this feature.
However, because certificate chain transmission between clients and servers requires
SSL 3.0 support, ensure that you are using the latest version of the iTP Secure
WebServer.
Note. The bin/ prefix indicates the directory that contains the keyadmin utility; the default is
the bin directory.