000026236 - Is there a way to list all issued certificates in RSA Certificate Manager?

Document created by RSA Customer Support Employee on Jan 30, 2017Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 3Show Document
  • View in full screen mode

Article Content

Article Number000026236
Applies ToRSA Product Set: Certificate Manager
RSA Version/Condition: 6.7
Platform: Sun Solaris 2.8
IssueIs there  a way to list all issued certificates?
Due to the 2008 OpenSSL vulnerability in all Debian and Ubuntu systems, we'd like to be able to go through all of our certificates and separate the weak from the strong, and re-issue where necessary.
http://lists.debian.org/debian-security-announce/2008/msg00152.html
Resolution

You can utilize the Reporting tool and list the pem_x509 which would be the certificate.
Another option is to run a LDAP query to retrieve only valid certs, then try something similar to the following:
 


ldapsearch -x -h CA_HOST -p 389 -P 2 "(&(objectclass=xuda_certificate)(cert_status=1))" pem_x509
Legacy Article IDa40518

Attachments

    Outcomes