I have been tasked with duplicating the functionality of SecureZip; namely encrypting and digitally signing a file and then sending via SFTP.
I've been able to put together a java program based on the bouncycastle examples, and have been able to encrypt and decrypt files (with a locally generated PGP key) using this program. However, now I'm trying to implement the digital signature and want to capture the keys used for signing on the AIX system that is running the SecureZip commands.
So when I run the command
pkzipc -listcertificates
I get a response that indicates there are two OpenPGP certificates available for signing. Referring to them using
pkzipc -archivetype=pgp -add -recipient=<PUBLIC KEY RECIPIENT> -certificate=<CERT NAME> -sign=files file.out file.in
allows me to create the encrypted files using this CERT NAME cert. My question is, where? Where are these certificates located? Does AIX have a central OpenPGP certificate location or are these somehow imported into some SecureZip storage location?
Using SecureZip Server Version 14 for AIX
Using AIX 7100-03
