Application Packaging Developer's Guide

Adding a User Certificate and Private Key to the Package Keystore

The pkgadm command does not generate user certificates or private keys. User certificates and private keys are normally obtained from a Certificate Authority, such as Verisign. Or, they are generated locally as a self-signed certificate. Once the key and certificate are obtained, they can be imported into the package keystore using the pkgadm command. For example:

pkgadm addcert -n myname -e /tmp/myprivkey.pem /tmp/mypubcert.pem

In this example, the following options are used:

-n myname

Identifies the entity (myname) in the package keystore on which you wish to operate. The myname entity becomes the alias under which the objects are stored.

-e /tmp/myprivkey.pem

Specifies the file that contains the private key. In this case, the file is myprivkey.pem, which is located in the /tmp directory.


Specifies the PEM format certificate file called mypubcert.pem.