McAfee MEJCAE-AM-DA Product Guide - Page 131
key-update, Syntax, Modifiers, keyserver-delete, Notes
View all McAfee MEJCAE-AM-DA manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 131 highlights
Using Command-Line Options 129 key-update Use the --key-update option to update keys on your local keyring from a key server. E-Business Server searches the specified key server or generic LDAP server for all keys on your local keyring and merges the matching keys back into your keyring. Syntax ebs --key-update [--keyserver ] [--adk | --keys | --revokers | --introducers | --x509 | --crl] [userid ...] Modifiers --adk Updates and adds Additional Decryption Keys (ADKs) associated with keys on your keyring. If ADK-KEY is set in the E-Business Server configuration file, then that key is also updated or added to your local keyring. --crl Downloads the latest certificate revocation list from the --ca-revocation-url and merges any new revocations onto the keyring. --introducers Specifies that E-Business Server updates or adds introducer keys to your keyring for all keys with meta-introducer signatures on them. E-Business Server searches your local keyring for keys with valid meta-introducer signatures. Then, E-Business Server searches the key server for all keys signed by this set of introducer keys and all matching keys are added to your keyring. --keys E-Business Server searches the specified key server or generic LDAP server for all keys on your local keyring and merges the matching keys back into your keyring. --keyserver Specifies the URL for the key server or generic LDAP server that you want to compare your keyring to. Enter the keyserver URL in the following format: ldap://. --revokers Specifies that all designated revoker associated with keys on your keyring are also updated from the key server. If the designated revoker's key is not currently on your keyring, E-Business Server adds it from the key server. --x509 Specifies that all keys with X.509 signature certificates associated with them are updated from the key server. Any revocations found on the key server are merged into the key. keyserver-delete Use the --keyserver-delete option to delete a key from a keyserver. Syntax ebs --keyserver-delete [--sign-with ] [--passphrase ] [--force] --keyserver userid ... Modifiers --force Forces key deletion of all matching keys without first prompting for confirmation. --keyserver Specifies the URL for the key server or generic LDAP server that you want to delete your key from. Enter the keyserver URL in the following format: ldap:// --passphrase Specifies the passphrase for your private key. --sign-with Selects the key you want to sign the deletion request with. By default, E-Business Server uses the key specified by the DEFAULT-KEY parameter in the E-Business Server configuration file. Notes If the keyserver URL specifies a TLS connection, the signing key is used to authenticate the client to the server at the connection protocol layer, instead of for signing the delete request sent through the connection. E-Business Server™ 8.6 Product Guide