McAfee MEJCAE-AM-DA Product Guide - Page 101
Interactive, Issuer-dn, Default Value, Issuer-serial, Keyserver, Notes, Keyserver-type, Key-size
View all McAfee MEJCAE-AM-DA manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 101 highlights
Using the Configuration File Learning about the configuration file INTERACTIVE The INTERACTIVE parameter is only supported for compatibility purposes. A warning appears if your configuration file contains this setting. ISSUER-DN Specifies the default root certificate to use when issuing an X.509 certificate. This certificate must be a self-signed X.509 certificate. The ISSUER-DN option is used for --key-sign --x509 operations. This is NEVER used for --cert-request or --cert-retrieve operations. The DN specifies the certificate that is used by the issuer of the new X.509 certificate and is placed in the new X.509 certificate. A key may have more than one X.509 certificate attached to it; therefore, you must also specify the ISSUER-SERIAL to uniquely identify the certificate you want to use to issue new certs. The certificate specified must be a self-signed X.509 certificate. Default Value ISSUER-DN = "" ISSUER-SERIAL Use in conjunction with the ISSUER-DN option to uniquely identify the default root certificate to use for key signing. For more information, see ISSUER-DN Default Value ISSUER-SERIAL = "" KEYSERVER Specifies the URL of the default key server. The key server specified by the KEYSERVER parameter will be used for any operations involving the key server. You can also set a key server URL on the command line by specifying --keyserver. Notes The default keyserver is ldap://keyserver.pgp.com. The URL may be in any of the following formats: ldap://, ldaps://, or http://URL. If no method is specified, then ldap:// is assumed. The default ports (389, 636 and 11371 respectively) are assumed if no port number is specified. If the key server is not an E-Business Server key server, then use --keyserver-type to set the type of server you are using. KEYSERVER-TYPE This parameter specifies the type of key server being used during key server operations. Default Value KEYSERVER-TYPE = PGP Values are as follows: • PGP. Use this option if the server you are connecting to is the E-Business Server Keyserver via LDAP, LDAPS, HTTP, or for interfacing with other HTTP key servers. • LDAPPGP. Use this option if the server you are connecting to is an LDAP or LDAPS server, such as the Netscape Directory Server. • LDAPX509. Use this option if the server you are connecting to is an LDAP-based X.509 server, such as Microsoft's Directory Server. KEY-SIZE This parameter sets the default key size used during key generation. 99 E-Business Server™ 8.6 Product Guide