Chapter 5. Step 4: Migrating Security Databases
rm key3.db
11. Register the new HSM in the 7.3 token database.
modutil -nocertdb -dbdir . -add new_HSM_token_name -libfile new_HSM_library_path/new_HSM_library
12. Identify the new HSM slot name.
modutil -dbdir . -nocertdb -list
13. Create new security databases.
certutil -N -d .
14. Import the public/private key pairs of each entry from the PKCS #12 files into the new HSM.
pk12util -i ServerCert.p12 -d . -h new_HSM_slot_name
Enter Password or Pin for "new_HSM_slot_name":********
Enter password for PKCS12 file: ********
pk12util: PKCS12 IMPORT SUCCESSFUL
pk12util -i ocspSigningCert.p12 -d . -h new_HSM_slot_name
Enter Password or Pin for "new_HSM_slot_name":********
Enter password for PKCS12 file: ********
pk12util: PKCS12 IMPORT SUCCESSFUL
15. Optionally, delete the PKCS #12 files.
rm ServerCert.p12
rm ocspSigningCert.p12
16. Set the trust bits on the public/private key pairs that were imported into the new HSM.
certutil -M -n "new_HSM_slot_name:Server-Cert cert-old_OCSP_instance" -t "cu,cu,cu" -d . -h new_HSM_token_name
certutil -M -n "new_HSM_slot_name:ocspSigningCert cert-old_OCSP_instance" -t "cu,cu,cu" -d . -h new_HSM_token_name
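A check that can follow step 16, added here as an example and not part of the migration guide: it parses a certificate listing and confirms that each imported entry is present on the new HSM with the trust bits set above. The function names and the sample listing are constructed for illustration; the real listing is assumed to come from certutil -L -d . -h new_HSM_token_name.

```shell
#!/bin/sh
# Added example: confirm steps 14 and 16 took effect on the new HSM.
# Real input (assumption): listing=$(certutil -L -d . -h new_HSM_token_name)

# Constructed sample listing; the second entry still lacks the step 16 trust.
SAMPLE_LISTING='
Certificate Nickname                                       Trust Attributes
                                                           SSL,S/MIME,JAR/XPI

new_HSM_slot_name:Server-Cert cert-old_OCSP_instance       cu,cu,cu
new_HSM_slot_name:ocspSigningCert cert-old_OCSP_instance   u,u,u
'

# check_trust LISTING NICKNAME EXPECTED
# Succeeds only if NICKNAME is listed with exactly the EXPECTED trust flags.
check_trust() {
    printf '%s\n' "$1" | NICK="$2" WANT="$3" awk '
        NF >= 2 {
            trust = $NF                              # last column holds the flags
            name = $0
            sub(/[ \t]+[^ \t]+[ \t]*$/, "", name)    # drop the trust column
            sub(/^[ \t]+/, "", name)                 # drop leading indent
            if (name == ENVIRON["NICK"]) { found = 1; ok = (trust == ENVIRON["WANT"]) }
        }
        END { if (found && ok) exit 0; exit 1 }'
}

# verify_import LISTING EXPECTED NICKNAME...
# Reports every nickname; returns non-zero if any is missing or has other trust.
verify_import() {
    listing=$1; want=$2; shift 2
    rc=0
    for nick in "$@"; do
        if check_trust "$listing" "$nick" "$want"; then
            echo "OK      $nick"
        else
            echo "FAILED  $nick (not listed, or trust is not $want)" >&2
            rc=1
        fi
    done
    return $rc
}

# Demo on the constructed sample: the OCSP signing entry is reported as FAILED.
verify_import "$SAMPLE_LISTING" "cu,cu,cu" \
    "new_HSM_slot_name:Server-Cert cert-old_OCSP_instance" \
    "new_HSM_slot_name:ocspSigningCert cert-old_OCSP_instance" \
    || echo "repeat step 16 for the entries marked FAILED"
```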