10.5 Validating Certificates

In the Nsure auditing system, all certificates must be signed by the Secure Logging Certificate and they must contain an Application Identifier.

To determine if a certificate is valid, enter the following command:

audcgen -cert:filename -v -appcert:target_certificate

The following table reviews each of the command parameters:

Parameter            Description

-cert:filename       The path and filename for the Secure Logging Certificate
                     that AudCGen uses to validate the certificate.
                     The default path and filename is /cacert.pem.

-v                   Validate.
                     AudCGen validates the certificate designated in the
                     -appcert parameter.

-appcert:filename    The path and filename for the Logging Application
                     Certificate to validate.

The following is a sample command to validate the Logging Application Certificate for the eDirectory Instrumentation:

audcgen -cert:c:\cacert.pem -v -appcert:c:\windows\dsicert.pem