DOC HOME SITE MAP MAN PAGES GNU INFO SEARCH PRINT BOOK
 
Administering SCO OpenServer

Verifying Volution Manager CA certificates

The Volution Manager Key Tool is a command line key and certificate configuration tool that allows you to view, import, and configure keys and Volution Manager CA certificates installed on your SCO OpenServer systems. The advantage in using this tool is that you can check the fingerprint on the CA certificate to make sure it matches the one installed on the VM Server.


NOTE: You only need to run the Volution Manager Key Tool on SCO OpenServer VM client systems if you are concerned about your systems communicating with unauthorized VM Servers or if you have more than one VM Server in your network. Using this tool provides an extra measure of security.

To verify that the fingerprint on the VM Client's CA certificate matches the one installed on the VM server:

  1. As the root user, import a Volution Authority certificate:

    /opt/volution/bin/volutionkeytool cacert import

    The issuer, subject, and fingerprint of the CA certificate for the client system is displayed.

  2. To display the certificate on the VM Server:

    /opt/volution/bin/volutionkeytool cacert list

Now you can cross-check the fingerprints on the VM Client and VM Server certificates.

Using the Volution Manager Key Tool

The Volution Manager Key Tool is located in the /opt/volution/bin directory.

The syntax for running this tool is:

volutionkeytool [option]

where option is one of the following:


help, -help, or --help
displays usage message

cacert create
creates a new Volution Manager CA certificate

cacert import
imports a Volution Authority certificate

cacert list
lists Volution CA certificates on the host

cert list
lists Volution certificates that have been issued for the host

cert issue
issues (or re-issues) new certificates for the host

cert request
issues a new certificate using a certificate request

crl add
adds a certificate to the certificate revocation list

crl list
lists the certificates on the certificate revocation list

Next topic: Starting the Volution Manager Client
Previous topic: Enabling SNMP

© 2003 Caldera International, Inc. All rights reserved.
SCO OpenServer Release 5.0.7 -- 11 February 2003