首先执行ovstop -c
ovc -kill
停止
然后
bash-2.05# ovcert -list
+---------------------------------------------------------+
| 密钥库内容 |
+---------------------------------------------------------+
| 证书: |
| 4e440328-10f0-7522-1dc9-e6a565ea3eb8 (*) |
+---------------------------------------------------------+
| 信任证书: |
| CA_4e440328-10f0-7522-1dc9-e6a565ea3eb8 |
+---------------------------------------------------------+
+---------------------------------------------------------+
| 密钥库内容 (OVRG: server) |
+---------------------------------------------------------+
| 证书: |
| 4e440328-10f0-7522-1dc9-e6a565ea3eb8 (*) |
+---------------------------------------------------------+
| 信任证书: |
| CA_4e440328-10f0-7522-1dc9-e6a565ea3eb8 (*) |
+---------------------------------------------------------+
bash-2.05# ovcert -remove 4e440328-10f0-7522-1dc9-e6a565ea3eb8
* 您真的希望删除具有别名 '4e440328-10f0-7522-1dc9-e6a565ea3eb8' 的证书吗(是(y)/否(n))? y
信息: 已成功删除证书。
bash-2.05# ovcert -remove CA_4e440328-10f0-7522-1dc9-e6a565ea3eb8
* 您真的希望删除具有别名 'CA_4e440328-10f0-7522-1dc9-e6a565ea3eb8' 的证书吗(是(y)/否(n))? y
信息: 已成功删除证书。
bash-2.05# ovcert -remove 4e440328-10f0-7522-1dc9-e6a565ea3eb8 -ovrg server
* 您真的希望删除具有别名 '4e440328-10f0-7522-1dc9-e6a565ea3eb8' 的证书吗(是(y)/否(n))? y
信息: 已成功删除证书。
bash-2.05# ovcert -remove CA_4e440328-10f0-7522-1dc9-e6a565ea3eb8 -ovrg server
* 您真的希望删除具有别名 'CA_4e440328-10f0-7522-1dc9-e6a565ea3eb8' 的证书吗(是(y)/否(n))? y
信息: 已成功删除证书。
bash-2.05# ovcert -list
+---------------------------------------------------------+
| 密钥库内容 |
+---------------------------------------------------------+
| 证书: |
+---------------------------------------------------------+
| 信任证书: |
+---------------------------------------------------------+
+---------------------------------------------------------+
| 密钥库内容 (OVRG: server) |
+---------------------------------------------------------+
| 证书: |
+---------------------------------------------------------+
| 信任证书: |
+---------------------------------------------------------+
bash-2.05# ovcm -newcacert
信息: 正在生成新的 CA 密钥对...
信息: 正在安装...
信息: 安装已成功。
bash-2.05# ovcert -list
+---------------------------------------------------------+
| 密钥库内容 |
+---------------------------------------------------------+
| 证书: |
+---------------------------------------------------------+
| 信任证书: |
+---------------------------------------------------------+
+---------------------------------------------------------+
| 密钥库内容 (OVRG: server) |
+---------------------------------------------------------+
| 证书: |
+---------------------------------------------------------+
| 信任证书: |
| CA_4e440328-10f0-7522-1dc9-e6a565ea3eb8 (*) |
+---------------------------------------------------------+
bash-2.05# ovcert -exporttrusted -file /tmp/trustedcertif -ovrg server
信息: 信任证书已成功导出到文件 '/tmp/trustedcertif'。
bash-2.05# ovcert -importtrusted -file /tmp/trustedcertif
信息: 导入操作已成功。
bash-2.05# ovcert -list
+---------------------------------------------------------+
| 密钥库内容 |
+---------------------------------------------------------+
| 证书: |
+---------------------------------------------------------+
| 信任证书: |
| CA_4e440328-10f0-7522-1dc9-e6a565ea3eb8 |
+---------------------------------------------------------+
+---------------------------------------------------------+
| 密钥库内容 (OVRG: server) |
+---------------------------------------------------------+
| 证书: |
+---------------------------------------------------------+
| 信任证书: |
| CA_4e440328-10f0-7522-1dc9-e6a565ea3eb8 (*) |
+---------------------------------------------------------+
注意:首先要通过hostname命令查看OVO服务器的主机名;
然后用ovcoreid命令确认OVO服务器的coreid;
bash-2.05# hostname
gaoqiao
bash-2.05# ovcoreid
73d0be3a-f9cb-753d-08c0-ca1bb93befc7
bash-2.05# ovcm -issue -file /tmp/certif -name gaoqiao -pass mypwd -coreid 73d0be3a-f9cb-753d-08c0-ca1bb93befc7
信息: 发布的证书已写入文件 '/tmp/certif'。
bash-2.05# ovcert -importcert -file /tmp/certif -pass mypwd -ovrg server
信息: 导入操作已成功。
bash-2.05# ovcert -importcert -file /tmp/certif -pass mypwd
信息: 导入操作已成功。
bash-2.05# rm /tmp/certif
bash-2.05# ovcert -list
+---------------------------------------------------------+
| 密钥库内容 |
+---------------------------------------------------------+
| 证书: |
| 39a6c086-c077-7545-17c1-cf0553f46f07 (*) |
+---------------------------------------------------------+
| 信任证书: |
| CA_4e440328-10f0-7522-1dc9-e6a565ea3eb8 |
+---------------------------------------------------------+
+---------------------------------------------------------+
| 密钥库内容 (OVRG: server) |
+---------------------------------------------------------+
| 证书: |
| 39a6c086-c077-7545-17c1-cf0553f46f07 (*) |
+---------------------------------------------------------+
| 信任证书: |
| CA_4e440328-10f0-7522-1dc9-e6a565ea3eb8 (*) |
+---------------------------------------------------------+
bash-2.05#
最后可以打开OVO通过派发模板进行验证。