Managing Encryption and Certificates in Oracle® Solaris 11.2

Exit Print View

Updated: September 2014

Using the Key Management Framework

This section describes how to use the pktool command to manage your public key objects, such as passwords, passphrases, files, keystores, certificates, and CRLs.

The Key Management Framework (KMF) enables you to centrally manage public key technologies.

Table 4-1  Using the Key Management Framework Task Map
For Instructions
Create a certificate.
Creates a certificate for use by PKCS #11, NSS, or OpenSSL.
Export a certificate.
Creates a file with the certificate and its supporting keys. The file can be protected with a password.
Import a certificate.
Imports a certificate from another system.
Imports a certificate in PKCS #12 format from another system.
Generate a passphrase.
Generates a passphrase for access to a PKCS #11 keystore or an NSS keystore.
Generate a symmetric key.
Generates symmetric keys for use in encrypting files, in creating a MAC of a file, and for applications.
Generate a key pair.
Generates a public/private key pair for use with applications.
Generate a PKCS #10 CSR.
Generates a PKCS #10 certificate signing request (CSR) for an external certificate authority (CA) to sign.
pktool (1) man page
Sign a PKCS #10 CSR.
Signs a PKCS #10 CSR.
Add a plugin to KMF.
Installs, modifies, and lists a plugin. Also, removes the plugin from the KMF.