Certificate handling
Deprecated
The commands in this chapter have been deprecated and will be removed in a future release.
Generating a certificate request nevisProxy needs a server and a client certificate to be able to identify itself as an external HTTPS server as well as an internal HTTPS client.
nevisproxy cert create
This command creates a new self-signed certificate that will be used by nevisProxy
INFO: No passphrase yet on slot 'public'.
Enter new passphrase:
Confirm new passphrase:
Used CSR subject: /C=ch/O=SIVEN AG/CN=www-test.siven.ch
Continue with this subject (enter 'i' to go into interactive mode) ? (y/n/i) y
INFO: Generating key and self signed certificate for public/node with subject /C=ch/O=SIVEN AG/CN=www-test.siven.ch...
INFO: Generate a new 2048 bit RSA key...
NOTE: Generated key is inactive and will be activated on import.
Enter passphrase for slot 'public':
INFO: Import node certificate 'node' into keystore 'public' (adding).
INFO: Activating RSA key (pem)
INFO: Activating RSA key (der)
INFO: Activating RSA key (pkcs8)
INFO: Generating all required keystore formats (pem der pkcs8 pkcs12 jks)
INFO: Import node certificate 'node' into truststore of slot 'public'
INFO: Successfully generated a self signed certificate.
NOTE: If you use this certificate for data signing, make sure,
verifiers have online access to this public key and
backup the private key.
Enter passphrase for slot 'public':
Enter new passphrase:
Confirm new passphrase:
INFO: Caching passphrase
nevisproxy cert delete
This command deletes the self-signed certificate (including the private key) used by nevisProxy. Enter passphrase for slot public:
Delete own certificate (certificate+privateKey):
Slot/Label : public / node
Subject : /C=ch/O=SIVEN AG/CN=www-test.siven.ch
Issuer : /C=ch/O=SIVEN AG/CN=www-test.siven.ch
Fingerprint : 7D:66:98:E0:A6:D4:26:C0:78:D2:3B:C1:BA:D3:46:F4 (MD5)
Validity : Dec 11 12:34:09 2007 GMT - Nov 30 12:34:09 2009 GMT
File Access : root
Pass Access : root
Proceed ? (y/n) yYou will also lose the private key of the certificate (see above).
Proceed ? (y/n) y
nevisproxy checklibs
This command shows all missing libraries of the installed nevisProxy. In case of filter loading problems, the output of the command can give you useful hints what might be broken or missing.