Skip to main content
Version: 4.6.x.x LTS

Certificate handling

Deprecated

The commands in this chapter have been deprecated and will be removed in a future release.

Generating a certificate request nevisProxy needs a server and a client certificate to be able to identify itself as an external HTTPS server as well as an internal HTTPS client.

nevisproxy cert create

This command creates a new self-signed certificate that will be used by nevisProxy

INFO: No passphrase yet on slot 'public'.
Enter new passphrase:
Confirm new passphrase:
Used CSR subject: /C=ch/O=SIVEN AG/CN=www-test.siven.ch
Continue with this subject (enter 'i' to go into interactive mode) ? (y/n/i) y
INFO: Generating key and self signed certificate for public/node with subject /C=ch/O=SIVEN AG/CN=www-test.siven.ch...
INFO: Generate a new 2048 bit RSA key...
NOTE: Generated key is inactive and will be activated on import.
Enter passphrase for slot 'public':
INFO: Import node certificate 'node' into keystore 'public' (adding).
INFO: Activating RSA key (pem)
INFO: Activating RSA key (der)
INFO: Activating RSA key (pkcs8)
INFO: Generating all required keystore formats (pem der pkcs8 pkcs12 jks)
INFO: Import node certificate 'node' into truststore of slot 'public'
INFO: Successfully generated a self signed certificate.
NOTE: If you use this certificate for data signing, make sure,
verifiers have online access to this public key and
backup the private key.
Enter passphrase for slot 'public':
Enter new passphrase:
Confirm new passphrase:
INFO: Caching passphrase

nevisproxy cert delete

This command deletes the self-signed certificate (including the private key) used by nevisProxy. Enter passphrase for slot public:

Delete own certificate (certificate+privateKey):
  Slot/Label : public / node
  Subject   : /C=ch/O=SIVEN AG/CN=www-test.siven.ch
  Issuer   : /C=ch/O=SIVEN AG/CN=www-test.siven.ch
  Fingerprint : 7D:66:98:E0:A6:D4:26:C0:78:D2:3B:C1:BA:D3:46:F4 (MD5)
  Validity : Dec 11 12:34:09 2007 GMT - Nov 30 12:34:09 2009 GMT
  File Access : root
  Pass Access : root
Proceed ? (y/n) yYou will also lose the private key of the certificate (see above).
Proceed ? (y/n) y

nevisproxy checklibs

This command shows all missing libraries of the installed nevisProxy. In case of filter loading problems, the output of the command can give you useful hints what might be broken or missing.