iTP Secure WebServer System Administrator's Guide (Version 7.0)
Configuring for Secure Transport
iTP Secure WebServer System Administrator’s Guide—523346-012
4-7
Using the Keyadmin Utility to Manage Keys and
Certificates
To use VeriSign’s Global Server ID with the iTP Secure WebServer, obtain a Global
Server ID for the server and install it just as you would a regular certificate. See Using
the Keyadmin Utility to Manage Keys and Certificates for information about obtaining
and installing certificates.
You can continue using other server IDs along with your Global Server ID in order to
provide services to browsers and other clients that do not support Global Server IDs.
Using the Keyadmin Utility to Manage Keys and Certificates
The keyadmin utility is used to generate key pairs and to manage certificates in the
server key database file. This section describes how to use the keyadmin utility and
covers these topics:
•
Generating a New Key Pair on page 4-7
•
Creating a Certificate Request on page 4-9
•
Requesting a Certificate on page 4-11
•
Adding a Certificate to the Key Database File on page 4-11
•
Deleting a Certificate on page 4-14
•
Renewing a Certificate on page 4-15
•
Disabling or Enabling a Certificate on page 4-16
•
Changing the Key Database File Password on page 4-17
•
Creating a List of Key Database File Contents on page 4-17
•
Updating the Default Root Certificates on page 4-19
•
Exporting a Database Entry on page 4-24.
•
Displaying Keyadmin Utility Information on page 4-25
•
Importing a Private Key into iTP Secure WebServer's Key Database File on
page 4-26
•
Exporting a Private Key to a User-Defined Disk File on page 4-27
The keyadmin utility is located in the bin directory in the server install directory.
Generating a New Key Pair
Before you generate a key pair, you need these items:
•
The certificate-request form from the chosen CA.
Note. iTP Secure WebServer supports only Verisign Certificates.