Defines an internal certificate authority.
smdefca ca_name -o organization -c country_code -d pub_dir [ -e mm/dd/yyyy]
The smdefca command is used to define an internal CA (Certificate Authority) for Web-based System Manager servers and clients on the current machine. When you define a Web-based System Manager-CA, the following files are generated:
If a CA is already defined on the current machine, the smundefca command must be used first to unconfigure it.
Use the /usr/websm/bin/wsm command to access the graphical interface. The fast path is wsm system.
|ca_name||A name that uniquely defines your Web-based System Manager-CA. The
machine full TCP/IP name with some additional serial number might be a good
choice. If you ever redefine a CA, it is recommended that you use a
different name in order to identify which CA, by name, is used by each server
Note: Do not set the CA name to be exactly the machine's full TCP/IP name (this will break the SMGate utility, in case you want to use it in managing this machine from a remote browser).
|-o organization||Organization name (required for the CA certificate).|
|-c country_code||Two-letter ISO country code (required for the CA certificate).|
|-d pub_dir||The output directory for the public key ring file SMpubkr.class.|
|-e mm/dd/yyyy||Expiration date for the CA certificate. The default expiration date is four years from the date of issuing the command.|
smdefca IBMCA1 -o IBM -c US -d /usr/websm/security/tmp -e 12/31/1999
|/usr/websm/security/SMpubkr.class||CA public key ring file.|
|/usr/websm/security/SMCa.log||Lists detailed information on all operations executed by the CA.|
|/usr/websm/security/SMCa.sn||Certificate number file.|
|/usr/websm/security/SM.caprivkr||Certificate private key ring file.|
The smcaprop, smexpcacert, smimpcacert, smlistcerts, smsigncert, and the smundefca command.
For information on installing the Web-based System Manager, see Chapter 2: Installation and System Requirements in AIX 5L Version 5.1 Web-based System Manager Administration Guide.