| Skip Navigation Links | |
| Exit Print View | |
|
System Administration Guide: Security Services |
1. Security Services (Overview)
Part II System, File, and Device Security
2. Managing Machine Security (Overview)
3. Controlling Access to Systems (Tasks)
4. Controlling Access to Devices (Tasks)
5. Using the Basic Audit Reporting Tool (Tasks)
6. Controlling Access to Files (Tasks)
7. Using the Automated Security Enhancement Tool (Tasks)
Part III Roles, Rights Profiles, and Privileges
8. Using Roles and Privileges (Overview)
9. Using Role-Based Access Control (Tasks)
10. Role-Based Access Control (Reference)
Part IV Oracle Solaris Cryptographic Services
13. Oracle Solaris Cryptographic Framework (Overview)
14. Oracle Solaris Cryptographic Framework (Tasks)
15. Oracle Solaris Key Management Framework
Managing Public Key Technologies
Key Management Framework Utilities
Using the Key Management Framework (Task Map)
Using the Key Management Framework (Tasks)
How to Create a Certificate by Using the pktool gencert Command
How to Import a Certificate Into Your Keystore
How to Export a Certificate and Private Key in PKCS #12 Format
How to Generate a Passphrase by Using the pktool setpin Command
Part V Authentication Services and Secure Communication
16. Using Authentication Services (Tasks)
19. Using Solaris Secure Shell (Tasks)
20. Solaris Secure Shell (Reference)
21. Introduction to the Kerberos Service
22. Planning for the Kerberos Service
23. Configuring the Kerberos Service (Tasks)
24. Kerberos Error Messages and Troubleshooting
25. Administering Kerberos Principals and Policies (Tasks)
26. Using Kerberos Applications (Tasks)
27. The Kerberos Service (Reference)
Part VII Oracle Solaris Auditing
28. Oracle Solaris Auditing (Overview)
29. Planning for Oracle Solaris Auditing
30. Managing Solaris Auditing (Tasks)
KMF manages the keystores for three public key technologies, PKCS #11 tokens, NSS, and OpenSSL. For all of these technologies, the pktool command enables you to do the following:
Generate a self-signed certificate.
Generate a certificate request.
Import objects into the keystore.
List the objects in the keystore.
Delete objects from the keystore.
Download a CRL.
For the PKCS #11 and NSS technologies, the pktool command also enables you to set a PIN by generating a passphrase:
Generate a passphrase for the keystore.
Generate a passphrase for an object in the keystore.
For examples of using the pktool utility, see the pktool(1) man page and Using the Key Management Framework (Task Map).
|