Certificate handling
For more information about usage scenarios and configuration tasks related to certificate administration procedures, refer to the integration chapter of the nevisKeybox Reference Guide.Generating a certificate request nevisProxy needs a server and a client certificate to be able to identify itself as an external HTTPS server as well as an internal HTTPS client.
nevisproxy cert create
This command creates a new self-signed certificate that will be used by nevisProxy
INFO: No passphrase yet on slot 'public'.
Enter new passphrase:
Confirm new passphrase:
Used CSR subject: /C=ch/O=Adnovum Informatik AG/CN=adnws058.zh.adnovum.ch
Continue with this subject (enter 'i' to go into interactive mode) ? (y/n/i) y
INFO: Generating key and self signed certificate for public/node with subject /C=ch/O=Adnovum Informatik AG/CN=adnws058.zh.adnovum.ch...
INFO: Generate a new 2048 bit RSA key...
NOTE: Generated key is inactive and will be activated on import.
Enter passphrase for slot 'public':
INFO: Import node certificate 'node' into keystore 'public' (adding).
INFO: Activating RSA key (pem)
INFO: Activating RSA key (der)
INFO: Activating RSA key (pkcs8)
INFO: Generating all required keystore formats (pem der pkcs8 pkcs12 jks)
INFO: Import node certificate 'node' into truststore of slot 'public'
INFO: Successfully generated a self signed certificate.
NOTE: If you use this certificate for data signing, make sure,
verifiers have online access to this public key and
backup the private key.
Enter passphrase for slot 'public':
Enter new passphrase:
Confirm new passphrase:
INFO: Caching passphrase
nevisproxy cert delete
This command deletes the self-signed certificate (including the private key) used by nevisProxy. Enter passphrase for slot 'public':
Delete own certificate (certificate+privateKey):
Slot/Label : public / node
Subject : /C=ch/O=Adnovum Informatik AG/CN=adnws058.zh.adnovum.ch
Issuer : /C=ch/O=Adnovum Informatik AG/CN=adnws058.zh.adnovum.ch
Fingerprint : 7D:66:98:E0:A6:D4:26:C0:78:D2:3B:C1:BA:D3:46:F4 (MD5)
Validity : Dec 11 12:34:09 2007 GMT - Nov 30 12:34:09 2009 GMT
File Access : root
Pass Access : root
Proceed ? (y/n) yYou will also lose the private key of the certificate (see above).
Proceed ? (y/n) y
nevisproxy checklibs
This commands shows all missing libraries of the installed nevisproxy, in cases of filter loading problems, this can give you useful hints what might be broken or missing.