We are planning to add support of SSL transmission of client backup files to the TSM server, which requires that an SSL certificate be added to the GSK key database.
However, Indiana University mandates that CA signed certificates, not self-signed, be used for sensitive data transmission. Further, the certificate must be obtained from a specified Certificate Service whose back-end vendor is Comodo. Comodo is not included in the GSKit list of trusted root certificates. (See TSM Server Admin Guide for Linux 6.3, page 457.) How can another Trusted CA be added to the GSkit key database? My real question is 'can it be done'? Under another product heading, but within GSKit documentation I found the statement, "In order to use the GSKit option to set a certificate as a trusted root, the certificate must be self-signed." Our TSM servers are on RHEL5, and are at TSM server version 6.3.2. The versions of GSK related programs are; gsk7bas64-7.0-4.27 gskcrypt32-8.0-13.4 gskssl32-8.0-13.4 gskcrypt64-8.0-14.14 gskssl64-8.0-14.14 Thank you for any insight you can provide on this problem. Keith Arbogast Indiana University
