Sybase provides tools for requesting and authorizing certificates that are available in the %SYBASE%\%SYBASE_OCS%\bin directory. certreq generates public and private key pairs and certificate requests. certauth converts a server certificate request to a CA-signed certificate.
WARNING! Use certauth only for testing purposes. Sybase recommends that you use the services of a commercial CA because it provides protection for the integrity of the root certificate, and because a certificate that is signed by a widely accepted CA facilitates the migration to the use of client certificates for authentication.
Preparing a server’s trusted root certificate is a 5-step process. Perform all 5 steps to create a test trusted root certificate so you can verify that you are able to create server certificates. When you have a test CA certificate (trusted roots certificate), repeat steps 3 through 5 to sign server certificates.
Preparing a server’s trusted root certificate
Use certreq to request a certificate.
Use certauth to convert the certificate request to a CA self-signed certificate (trusted root certificate).
Use certreq to request a server certificate and private key.
Use certauth to convert the certificate request to a CA-signed server certificate.
Append the private key text to the server certificate and store the certificate in the server’s installation directory.
certauth and certreq are dependent on RSA and DSA algorithms. These tools only work with vendor-supplied crypto modules that use RSA and DSA algorithms to construct the certificate request.
The following reference sections describe the tools used in the previous steps.
For information on adding, deleting, or viewing server certificates on Adaptive Server, see the Adaptive Server Enterprise System Administration Guide.