


   SPX Version 2.2                                          install_server(1)



   Name
     install_server - SPX server credentials utility

   Syntax
     install_server [ -lv ] [ -c _c_a__n_a_m_e ] [ _s_e_r_v_e_r_n_a_m_e ]

   Description
     The _i_n_s_t_a_l_l__s_e_r_v_e_r command is used by system administration to install
     SPX credential files for one or more servers.  SPX credentials permit
     the server to authenticate incoming remote SPX principals.  Note that to
     install credentials the server principal must either have local private
     key and certificate files or be able to access this information from a
     name service (i.e., CDC).  Server credentials are normally installed by
     a user with superuser privileges.

     Use _l_i_s_t__s_e_r_v_e_r to find information about credentials for a particular
     server.

     Invoking _i_n_s_t_a_l_l__s_e_r_v_e_r without specifying a servername argument causes
     it to prompt for the string component of the relative distinguished name
     (RDN) of the server.  The attribute type is always CN=.  The CA RDN com-
     ponent may be specified in one of three ways.  The -c option uses the _c_a
     argument the CA; this should include the attribute type.  If there is no
     -ca option, the RDN of the CA is taken from the SPHINX_LOCAL_CA vari-
     able, if one exists, otherwise the caller will be prompted.  The domain
     prefix of the global principal server name is taken from
     "/etc/cdc.conf".  The caller must supply a valid password to decrypt the
     server private key when prompted.

     If all goes well, SPX places the server credentials in the file
     /etc/verifier__s_e_r_v_e_r_n_a_m_e.  Applications may be configured to use these
     credentials in SPX strong authentication procedures for incoming princi-
     pals.

   Options

     -l                  Get certificates and private key from local files.
                         If this is given, the optional [ _s_e_r_v_e_r_n_a_m_e ] param-
                         eter must be used to specify the name for
                         _s_e_r_v_e_r_n_a_m_e_privkey and _s_e_r_v_e_r_n_a_m_e_pubkey.

     -t _e_x_p_i_r_e_s          Number of hours until the credentials expire.  The
                         default is one year.  Of course, authentication
                         requires the server's certificate in the CDC to be
                         current.

     -c _c_a__n_a_m_e          CA name.  Overrides SPHINX_LOCAL_CA value. If none
                         is present, the caller will be prompted for the CA.

     -v                  Verbose mode





   Digital Equipment Corporation                                            1






   install_server(1)                                          SPX Version 2.2


   Files
     _s_e_r_v_e_r_n_a_m_e_privkey, _s_e_r_v_e_r_n_a_m_e_pubkey, /etc/cdc.conf,
     /etc/verifier__s_e_r_v_e_r_n_a_m_e

   See Also

     spx(1), list_server(1), spxinit(1), spxlist(1)

















































   2                                            Digital Equipment Corporation


99