Administering SCO OpenServer

Verifying Volution Manager CA certificates

The Volution Manager Key Tool is a command line key and certificate configuration tool that allows you to view, import, and configure keys and Volution Manager CA certificates installed on your SCO OpenServer systems. The advantage in using this tool is that you can check the fingerprint on the CA certificate to make sure it matches the one installed on the VM Server.

NOTE: You only need to run the Volution Manager Key Tool on SCO OpenServer VM client systems if you are concerned about your systems communicating with unauthorized VM Servers or if you have more than one VM Server in your network. Using this tool provides an extra measure of security.

To verify that the fingerprint on the VM Client's CA certificate matches the one installed on the VM server:

As the root user, import a Volution Authority certificate:

/opt/volution/bin/volutionkeytool cacert import

The issuer, subject, and fingerprint of the CA certificate for the client system is displayed.
To display the certificate on the VM Server:

/opt/volution/bin/volutionkeytool cacert list

Now you can cross-check the fingerprints on the VM Client and VM Server certificates.

Using the Volution Manager Key Tool

The Volution Manager Key Tool is located in the /opt/volution/bin directory.

The syntax for running this tool is:

volutionkeytool [option]

where option is one of the following:

help, -help, or --help: displays usage message
cacert create: creates a new Volution Manager CA certificate
cacert import: imports a Volution Authority certificate
cacert list: lists Volution CA certificates on the host
cert list: lists Volution certificates that have been issued for the host
cert issue: issues (or re-issues) new certificates for the host
cert request: issues a new certificate using a certificate request
crl add: adds a certificate to the certificate revocation list
crl list: lists the certificates on the certificate revocation list