Entrust PKI Hub 1.0 - Installation and Administration Guide [PDF]

Checks the certificate sources for every configured CA.

evactl check cert-source [-c <tls_ca_path>] [-i <cert_id>]

For example:

$ sudo ./evactl check cert-source
Starting Configurator...                   Done
 
CAID: ca~subordinate
  Checking CAGW is reachable...            Done
  Checking configured CA...                Done
 
Tests passed successfully

See below for a description of each option.

-c <tls_ca_path>

Validate the TLS server certificate of CA Gateway with <tls_ca_path>. Where <tls_ca_path> is the path of a CA file in PEM format.

Mandatory: No. When omitting this option, the command uses the CA configured in TLS CA certificate.

-i <cert_id>

Authenticate in CA Gateway with the <cert_id> certificate, where <cert_id> is a certificate identifier.

Run the evactl list-certs command to list the available certificate identifiers.

Mandatory: No. This optional parameter defaults to the latest client certificate imported as explained in Importing the CA Gateway client certificate.

Run the evactl list-certs to command to check the latest imported certificate.