B.11 gateway key import

Imports an SGD Gateway key and SGD Gateway certificate into the SGD Gateway keystore.


gateway key import --keyfile key-file 
                 [ --keyalg RSA|DSA ]
                 { --certfile cert-file |
                   --certfile cert-file.. [ --cacertfile ca-cert-file ] }
                 [ --alwaysoverwrite ]


Imports a private key, and the corresponding public key certificate, into the SGD Gateway keystore, at /opt/SUNWsgdg/proxy/etc/keystore.

If the keystore already has an SGD Gateway key entry, it is overwritten. By default, a confirmation prompt is shown.

To access the SGD Gateway keystore, this command uses the password in /opt/SUNWsgdg/etc/password. If this file is not present, the command prompts for a password.

The following table shows the available options for this command.




File containing the private key. The key must be in PEM format.


Encoding algorithm used by the private key. Options are RSA and DSA. By default, RSA is selected.


SSL certificate file.


CA or root certificate file.


Do not prompt before overwriting an entry in the keystore.

To import a certificate chain, use the --cacertfile option to specify an Intermediate CA certificate. All certificates in the chain must be in PEM format.

If a certificate chain uses multiple CA certificates, combine all the CA certificates in the chain into a single file. The CA certificate used to sign the server certificate must appear first, for example:

...Intermediate CA's certificate...
...CA root certificate...


The following example imports an RSA-encoded private key gateway1.key, and the corresponding public key certificate gateway1.pem, into the SGD Gateway keystore.

# /opt/SUNWsgdg/bin/gateway key import \
--keyfile gateway1.key \
--certfile gateway1.pem

The following example imports a private key and a certificate chain into the SGD Gateway keystore. The Intermediate CA certificate is gateway1-ca.pem.

# /opt/SUNWsgdg/bin/gateway key import \
--keyfile gateway1.key \
--certfile gateway1.pem \
--cacertfile gateway1-ca.pem