Cryptographic Security Platform 1.2 - Installation and administration guide [PDF][Releases]

Checks the certificate sources for every configured CA.

evactl check cert-source [-c <tls_ca_path>] [-i <cert_id>]

For example:

$ sudo evactl check cert-source
Starting Configurator...                   Done
 
CAID: ca~subordinate
  Checking CAGW is reachable...            Done
  Checking configured CA...                Done
 
Tests passed successfully

See below for a description of each option.

-c <tls_ca_path>

Validate the TLS server certificate of CA Gateway with <tls_ca_path>. Where <tls_ca_path> is the path of a CA file in PEM format.

Mandatory: No. When omitting this option, the command uses the CA configured in CSP CA Gateway.

-i <cert_id>

Authenticate in CA Gateway with the <cert_id> certificate, where <cert_id> is the identifier of the certificate described in CA Gateway for Validation Authority.

Mandatory: No. This optional parameter defaults to the latest client certificate imported with the evactl import-p12 command.

Run the evactl list-certs command to list the available certificates and the latest one imported.