Release 10.1A: OpenEdge Getting Started:
Installation and Configuration
Using mkhashfile to install root certificates in the OpenEdge root certificate store
The mkhashfile command-line utility provides a simple way to install a root certificate that is authorized by your own internal-use CA, or any CA that can provide you with a PEM-encoded certificate (typically in a file named with the
Note: If the root certificate is not a PEM-encoded certificate, it is recommended that you use the certutil command-line utility, specifying the format option. For details about the certutil command-line utility and all its options and functions, see the detailed syntax information for the certutil command listed in Appendix C "Command and Utility Reference.".pemextension). If you are using your own certificate server to provide the certificate, see the documentation for the certificate server administration software for information on how to obtain PEM-encoded certificates. Once you have the certificate accessible to your OpenEdge SSL client machine, you can use the mkhashfile command-line utility to install it in the OpenEdge root certificate store.To use
mkhashfileto create an entry in the OpenEdge root certificate store for a local PEM-encoded certificate file,vsigntca.pem, specify the file with the mkhashfile command that you enter in the OpenEdgeProenvcommand window. For example:
The utility generates the entry as a file with an encrypted filename,
18d46017.0, which is the alias used to identify the certificate store entry. You can then manage this entry along with all other entries in the OpenEdge certificate store using thecertutilutility. For more information, see the "Using certutil to manage an OpenEdge root certificate store" section.For more information on the
mkhashfilecommand-line utility, see Appendix C "Command and Utility Reference."
|
Copyright © 2005 Progress Software Corporation www.progress.com Voice: (781) 280-4000 Fax: (781) 280-4095 |