Guralp Systems CD1.1 User Manual

Operator's Guide

generate_keypair command:

    /usr/sbin/cd11-spyrus-tool.sh generate_keypair \
        <csr_common_name> [<dsa_parameter_filename>]

Generates a new keypair in the inactive slot, returning a
CSR on stdout. The first parameter is the commonName field
to use in the CSR, and could be the station's ID code. The
second, optional parameter is the name of a file containing
DSA parameters.

start_keypair command:

    /usr/sbin/cd11-spyrus-tool.sh start_keypair <auth_key_id>

Switches the active slot. The authentication key ID value to
use must be specified as a parameter.

The init_card command can be used to reinitialise the Spyrus
card. This will destroy all private and public keys held by the
card, and will interrupt signing and thus data flow. It takes an
optional PIN number, which defaults to 1234 if not specified.

The generate_keypair command can be used to generate a new
private/public key pair and corresponding certificate signing
request (CSR). It must be passed the common name to use in
the CSR (typically the site name) and may optionally be passed
the file name of a file containing DSA parameters (for speeding
up keypair generation). The digitiser has its own DSA
parameter file as well, or will generate new parameters if this
does not exist.

The script tracks which slot to use for new keypair generation.
If no keypair has been generated and activated at all, new
generation will take place in slot 1. Otherwise, new generation
will take place in the inactive slot (slot 1 or slot 2).

The start_keypair command will toggle the active slot. A
keypair must have been generated in the inactive slot or this
will interrupt data flow as signing will fail. If no slot is currently
active, it activates slot 1; otherwise, it toggles between slot 1
and slot 2.

start_keypair will update the configuration of all instances of
gdi2cd11 and data-out-cd11 to use the newly-activated slot
and the specified authentication key ID. As soon as the
command has completed, any further signing operations will
use the new keypair and ID.
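
The two-step rollover described above can be wrapped so that start_keypair is never run against an empty inactive slot. This is an added example, not part of the manual or of Guralp's software. It assumes the tool exits non-zero on failure; TOOL, STATE_DIR and the rollover_* function names are hypothetical.

```shell
#!/bin/sh
# Added example, not Guralp code: guarded key rollover.
# Assumed: the tool exits non-zero on failure. TOOL and STATE_DIR are
# hypothetical settings of this wrapper, overridable from the environment.
TOOL="${TOOL:-/usr/sbin/cd11-spyrus-tool.sh}"
STATE_DIR="${STATE_DIR:-/var/lib/cd11-rollover}"

# Step 1: generate a keypair in the inactive slot and keep its CSR.
# The active slot is untouched, so signing continues during this step.
rollover_generate() {
    cn="$1"; params="${2:-}"
    [ -n "$cn" ] || { echo "usage: rollover_generate <cn> [dsa_params]" >&2; return 2; }
    mkdir -p "$STATE_DIR" || return 1
    pending="$STATE_DIR/pending.csr"
    if [ -n "$params" ]; then set -- "$cn" "$params"; else set -- "$cn"; fi
    if ! "$TOOL" generate_keypair "$@" > "$pending.tmp" || [ ! -s "$pending.tmp" ]; then
        rm -f "$pending.tmp"
        echo "generate_keypair failed or returned no CSR" >&2
        return 1
    fi
    mv "$pending.tmp" "$pending"
}

# Step 2: toggle the active slot, but only when step 1 has left a CSR
# behind since the last switch; otherwise signing would fail.
rollover_activate() {
    key_id="$1"
    [ -n "$key_id" ] || { echo "usage: rollover_activate <auth_key_id>" >&2; return 2; }
    pending="$STATE_DIR/pending.csr"
    if [ ! -s "$pending" ]; then
        echo "refusing start_keypair: no keypair generated since last switch" >&2
        return 1
    fi
    "$TOOL" start_keypair "$key_id" || return 1
    mv "$pending" "$STATE_DIR/activated.csr"
}
```

The wrapper only sees keypairs generated through rollover_generate; one created by calling the tool directly leaves no pending CSR and rollover_activate will refuse to switch.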

June 2010
