The certdb subcommand manages the public-key database, /etc/inet/ike/publickeys. Options to the subcommand enable you to add, view, and remove public keys and certificates. The command accepts, as input, certificates that were generated by the ikecert certlocal –ks command on a communicating system. See How to Configure IKE With Self-Signed Public Certificates for the procedure. The command also accepts the certificate that you receive from a PKI or CA as input. See How to Configure IKE With Public Keys Signed by a Certificate Authority for the procedure.