McAfee MEJCAE-AM-DA Product Guide - Page 60

Working with X.509 Certificates Updating X.509 certificates on your keyring The following information appears: Signed Key : Scott Tibson Signed User ID: Scott Tibson Signed Key ID : 0x196DE730 (0xFBC4D3B5196DE730) Name: CN=Scott Tibson, [email protected], O=McAfee, OU=EBS Issuer: CN=Root CA, [email protected] Signer Key ID: 0xD7C74275 (0x03534DC9D7C74275) Type: X.509 Exportable: Yes Created: 2001-06-01 Expires: 2002-06-01 Last CRL: N/A Next CRL: N/A Serial Number: 9170E2A076CF0C8B4938 Trust Depth: 0 Updating X.509 certificates on your keyring To ensure that you are always using the most current keys belonging to other users, you should periodically update your local keyring with the keys on a key server. You can specify that all keys with X.509 signature certificates associated with them are also updated on your keyring. The CA-URL, CA-ROOT-CERT and CA-TYPE parameters must be set in the E-Business Server configuration file, or on the command line, in order to update X.509 certificates on your keyring. For instructions on how to set these parameters, see Configuration parameters on page 87. Once the above parameters are set, enter the following at the command line: ebs --key-update --x509 E-Business Server searches the key server for all keys on your local keyring and merges the matching keys back into your keyring. This ensures that any revocations from key servers are merged into the key. For details on how to update other key information, see Updating keys on your keyring on page 32. E-Business Server™ 8.6 Product Guide 58