gwadminutil-ca (1)

Name

gwadminutil-ca - The GroupWise Administration Utility certificate authority (CA) option

Syntax

          gwadminutil ca -d path [-g] [-f] [-l] [-i path] [-n name]

                                 [-p serial_number] [-r serial_number][-cr path]
        

Description

Interacts with the GroupWise Admin Service certificate authority (CA) to generate, issue, list, and revoke certificates for use with GroupWise domains, post offices, and agents.

The GroupWise Admin Service CA issues self-signed server certificates for domain and post office servers. The CA certificate for the primary domain server signs the other server certificates. The CA can regenerate itself if necessary.

Options

Usage Options:

-cr , --certroot /path_to_certificates

Specifies an optional path to the root certificates directory.

-d , --domain /primary_domain_folder

Specifies the path to the primary domain database.

-f , --force

By default, if you specify an existing output file name, you are notified that the certificate file already exists. Use this option to overwrite the existing certificate file.

-g , --generate

Generates a certificate and private key for the primary domain.

-i , --issue /path_to_database

Creates a new certificate for the Admin Service that is running for the domain or post office associated with the specified database.

-l , --list

Lists the certificates issued by the GroupWise CA. The list includes the serial number for each certificate.

-n , --name poa_name

Specifies the object name of the POA when multiple POAs run for a single post office.

-p , --print serial_number

Displays the information about the certificate that has the specified serial number.

-r , --revoke serial_number

Revokes the certificate with the specified serial number.

Help Options:

--help , -?

Displays the help information and exits.

Files

/opt/novell/groupwise/admin/gwadminutil

Script file that runs GWAdminUtil.

/opt/novell/groupwise/certificates/system_guid/ca.*

Files created when a certificate is issued.

ca.crt

CA certificate file.

ca.key

CA private key file.

ca.srl

Certificate serial number list.

ca.crl

Certificate revocation list.

/opt/novell/groupwise/certificates/system_guid/issued

Folder for storing copies of all issued certificates.

/opt/novell/groupwise/certificates/system_guid/revoked

Folder for storing copies of all revoked certificates. The folder is not created until a certificate is revoked.

Examples

This program normally runs as root.

gwadminutil ca -g -d /gwsystem/provo1 -f

Generates a new CA certificate and private key for the primary domain. Overwrites the existing CA certificate.

gwadminutil ca -i /gwsystem/provo2

Generates a new server certificate for a secondary domain server.

gwadminutil ca -i /gwsystem/sales

Generates a new server certificate for a post office server.

gwadminutil ca -l

Lists all of the certificates that the GroupWise CA has issued, along with their serial numbers.

gwadminutil ca -p 5266AC7B000A

Displays detailed information about the certificate whose serial number you have specified.

gwadminutil ca -r 5266AC7B000A

Revokes the specified certificate.