Secure Global Desktop 4.31 Administration Guide
> Commands
> The tarantella security decryptkey commandSecure Global Desktop 4.31 Administration Guide
> Commands
> The tarantella security decryptkey command
tarantella security decryptkey --enckey enckeyfile
--deckey deckeyfile
[ --format PEM|DER ]
Decrypts an encrypted private key so that you can use it with Secure Global Desktop. This lets you use an X.509 certificate that you're already using with another product (a web server, for example) rather than obtaining a separate certificate for use exclusively with Secure Global Desktop.
Note You can only decrypt private keys that were originally encrypted by a product that uses SSLeay or OpenSSL certificate libraries.
See the tarantella security certuse command for
information about how to share certificates in this way.
| Argument | Description |
|---|---|
--enckey enckeyfile |
Specifies the location of the encrypted private key that you want
to decrypt. Only keys encrypted by a product that uses SSLeay or
OpenSSL certificate libraries can be decrypted.
You must specify the full path to enckeyfile. |
--deckey deckeyfile |
Specifies a file where the decrypted key will be stored.
Note For security reasons, it is very important to restrict access to private keys, especially when stored in an unencrypted form. Access to private keys by unauthorized users can result in a serious security breach. Store private keys accordingly. You must specify the full path to deckeyfile. |
--format PEM | DER |
Specifies the format in which the encrypted key is stored. Defaults to PEM. |
tarantella security decryptkey \
--enckey /opt/keys/key1 \
--deckey /opt/keys/key2 \
--format DER
Decrypts the key /opt/keys/key1 (which is stored in
DER format), placing the decrypted key in /opt/keys/key2.
Copyright © 1997-2007 Sun Microsystems, Inc. All rights reserved.