Using the setuptrust command
|Article:HOWTO46968|||||Created: 2011-03-24|||||Updated: 2011-03-25|||||Article URL http://www.symantec.com/docs/HOWTO46968|
You can use the setuptrust command to contact the broker to be trusted, obtain its certificate or details over the wire, and add to the trust repository if the furnished details are trustworthy. The security administrator can configure one of the following levels of security for distributing root certificates:
High security (2): If a previously untrusted root is acquired from the peer (that is, if no certificate with the same signature exists in our trust store), the user will be prompted to verify the hash.
Medium security (1): The first authentication broker will be trusted without prompting. Any attempts to trust subsequent authentication brokers will cause the user to be prompted for a hash verification before the certificate is added to the trusted store.
The broker, host, and port arguments are first. The host and port of the broker to be trusted. The registered port for Authentication is 2821. If the broker has been configured with another port number, consult your security administrator for information.
Article URL http://www.symantec.com/docs/HOWTO46968