Using the Key Management Framework

Language:

This section describes how to use the pktool command to manage your public key objects, such as passwords, passphrases, files, keystores, certificates, and CRLs.

The Key Management Framework (KMF) enables you to centrally manage public key technologies.

Table 4-1 Using the Key Management Framework Task Map

Task	Description	For Instructions
Create a certificate.	Creates a certificate for use by PKCS #11, NSS, or OpenSSL.	How to Create a Certificate by Using the pktool gencert Command
Export a certificate.	Creates a file with the certificate and its supporting keys. The file can be protected with a password.	How to Export a Certificate and Private Key in PKCS #12 Format
Import a certificate.	Imports a certificate from another system.	How to Import a Certificate Into Your Keystore
Import a certificate.	Imports a certificate in PKCS #12 format from another system.	Example 4–2
Generate a passphrase.	Generates a passphrase for access to a PKCS #11 keystore or an NSS keystore.	How to Generate a Passphrase by Using the pktool setpin Command
Generate a symmetric key.	Generates symmetric keys for use in encrypting files, in creating a MAC of a file, and for applications.	How to Generate a Symmetric Key by Using the pktool Command
Generate a key pair.	Generates a public/private key pair for use with applications.	How to Generate a Key Pair by Using the pktool genkeypair Command
Generate a PKCS #10 CSR.	Generates a PKCS #10 certificate signing request (CSR) for an external certificate authority (CA) to sign.	`pktool` (1) man page
Sign a PKCS #10 CSR.	Signs a PKCS #10 CSR.	How to Sign a Certificate Request by Using the pktool signcsr Command
Add a plugin to KMF.	Installs, modifies, and lists a plugin. Also, removes the plugin from the KMF.	How to Manage Third-Party Plugins in KMF