1PKICertImport(1) PKI certificate import tool PKICertImport(1)
2
3
4
6 PKICertImport - Used to safely validate and import certificates into
7 the NSS database.
8
9
11 Usage: PKICertImport -d <location of nssdb> -i <location of certifi‐
12 cate> -n <nickname for certificate> -t <trust flags> -u <usage flags>
13 [-h <hardware token name>] [-f <password file>] [-a]
14
15 Validate and import a certificate into the specified NSS database. Ver‐
16 ifies signature, trust chain, trust, and usage flags. If a certificate
17 is not valid, it will not be added to the NSS DB or specified hardware
18 token.
19
20
22 The certificate import utility validates signature, trust chain, trust,
23 and usage flags before importing a certificate into the specified NSS
24 database. This ensures that no certificate is used before its authen‐
25 ticity has been verified. Unlike certutil, only one invocation is nec‐
26 essary to both validate and import certificates.
27
28 See certutil for more information about the parameters to PKICertIm‐
29 port.
30
31
33 PKICertImport parameters:
34
35 --ascii, -a
36 The certificate is encoded in ASCII (PEM) format instead of
37 binary format. Optional.
38
39
40 --database, -d <location of NSS db>
41 The directory containing the NSS database. This is usually the
42 client's personal directory. Required.
43
44
45 --password, -f <location of password file>
46 The path to a file containing the password to the NSS database.
47 Optional.
48
49
50 --hsm, -h <hardware token name>
51 Name of the token. By default it takes 'internal'. Optional.
52
53
54 --certificate, -i <location of certificate>
55 Path to the certificate to import. Required.
56
57
58 --nickname, -n <nickname for the certificate>
59 Nickname for the certificate in the NSS DB. Required.
60
61
62 --trust, -t <NSS trust flags>
63 Trust flags for the certificate. See certutil for more informa‐
64 tion about the available trust flags. Required.
65
66
67 --usage, -u <NSS usage flags>
68 Usage to validate the certificate against. See certutil for more
69 information about available usage flags. Required.
70
71
73 Alexander Scheel <ascheel@redhat.com>.
74
75
77 Copyright (c) 2019 Red Hat, Inc. This is licensed under the GNU General
78 Public License, version 2 (GPLv2). A copy of this license is available
79 at http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt.
80
81
82
83version 10.6 Jan 30, 2019 PKICertImport(1)