iTP Secure WebServer System Administrator's Guide (iTPWebSvr 6.0+)
Configuring for Secure Transport
iTP Secure WebServer System Administrator’s Guide—523346-002
4-16
Using the Keyadmin Utility to Manage Keys and
Certificates
-chpw
specifies that you wish to change the password.
-verbose
specifies that complete information associated with the command string should be
displayed.
The keyadmin utility prompts you for the new password. Database passwords must
have at least eight characters all in uppercase or in a combination of uppercase and
lowercase characters.
Creating a List of Key Database File Contents
To generate a list of keys and certificates along with their attributes, use the following
keyadmin command.
You may enter the arguments in any order. Enter the entire command on a single
command line. If a continuation character is necessary, you must use the backslash (\)
character as shown; the backslash is not permitted to break the DN value across lines.
bin/keyadmin -keydb keydb -list [-dn 'dn'] \
[-root | nonroot] [-disabled | enabled] [-verbose]
This command lists the attributes of the certificates in the key database file.
If you do not specify any of the options, the server displays all certificates in the
database. Otherwise, you can specify precisely the certificate attributes you want
displayed, by using the optional command components. The options are mutually
exclusive.
The command’s arguments have the following functions:
-keydb keydb
specifies the name of the key database file in which the key pair you created is
stored.
-list
specifies that you wish to generate a list of keys and certificates.
-dn 'dn'
specifies that only the entry indicated by dn be displayed.
Note. Whenever you use the keyadmin utility to change the key database file password, you
must reset the ServerPassword directive to the same password and restart the server. For
details, see ServerPassword on page A-67.
Note. The bin/ prefix indicates the directory that contains the keyadmin utility; the default is
the bin directory.