Document toolboxDocument toolbox

Nexus Documentation
CURL vulnerability information (CVE-2023-38545) - Nexus awareness advisory on Microsoft's update KB5014754

Install certificate

Owned by Ann Base (Deactivated)
Last updated: Nov 13, 2023 by Josefin Klang (Deactivated)
1 min read

This article is valid from CM 8.0.

This article describes the syntax for how to install a certificate. The hwsetup command line tool, included in Nexus Certificate Manager (CM), is used.

Syntax

Syntax: Install certificate
hwsetup -libname <pkcs11lib> [-slot <slot#>] [-pin <PIN>] [-nopinpad] [-id <CKA_ID>] [-label <CKA_LABEL>] [-login user|so] -setcert [<filename>] [-replace]

Options and arguments

For a description of the options libname, slot, pin, nopinpad, label and login and their arguments, see Generate DSA/EC/RSA key pair.

Options and Arguments

Description

Options and Arguments

Description

setcert <filename>

Use this option to install the certificate, stored in the specified file, in the HSM. The CKA_ID and optional CKA_LABEL attributes are set for the new certificate object.

id <CKA_ID>

Use this option to specify the CKA_ID attribute of the public key object that holds the same public key as in the certificate. The id is required for a DSA or EC public key and optional for an RSA public key certificate. Default: The CKA_ID of the RSA public key object with the CKA_MODULUS attribute matching the public key in the certificate.

replace

Use this option if you want to remove all the previous installed certificates for the provided slot and id and replace them with the new one. Default: Not flagged

Example

To install the certificate issued by the CA. The certificate is located in the file careply.cer:

Example: Install certificate from file careply.cer
hwsetup -libname crypto -slot 1 -pin abcd -id mykey -setcert careply.cer



Copyright 2024 Technology Nexus Secured Business Solutions AB. All rights reserved.
Contact Nexus | https://www.nexusgroup.com | Disclaimer | Terms & Conditions