Viewing Database Content - Red Hat CERTIFICATE SYSTEM 7.3 - ADMINISTRATION Administration Manual

Chapter 11. Managing Certificates
For information on publishing cross-pair certificates,

11.4.2. Viewing Database Content

The certificates stored in the subsystem certificates database, cert8.db, can be viewed through the
subsystem administrative console. Alternatively, the certificates can be listed using the certutil
utility. certutil must be used to view the TPS certificates because the TPS subsystem does not use
an administrative console.
Section 11.4.2.1, "Viewing Database Content through the Console"
•
Section 11.4.2.2, "Viewing Database Content Using certutil"
•
NOTE
The certificates listed in the cert8.db database are the subsystem certificates used
for subsystem operations. User certificates are stored with the user entries in the LDAP
internal database. To view user certificates, see
System User and Agent
11.4.2.1. Viewing Database Content through the Console
To view the contents of the database through the administrative console, do the following:
1. Open the Certificate System Console.
pkiconsole https://hostname:SSLport/subsystemType
2. In the Configuration tab, select System Keys and Certificates from the left navigation tree.
3. There are two tabs, CA Certificates and Local Certificates, which list different kinds of
certificates.
• CA Certificates lists CA certificates for which the corresponding private key material is not
available, such as certificates issued by third-party CAs such as Entrust or Verisign or external
Certificate System Certificate Managers.
• Local Certificates lists certificates kept by the Certificate System subsystem instance, such as
the DRM transport certificate or OCSP signing certificate.
258
Section 15.7, "Publishing Cross-Pair
Certificates".
Section 11.3.1, "Managing Certificate
Certificates".