CertificateRequestCommands command group of the AdminTask object

You can use the Jython or Jacl scripting languages to configure security with the wsadmin tool. The commands and parameters in the CertificateRequestCommands group can be used to create and manage certificate requests.

The CertificateRequestCommands command group for the AdminTask object includes the following commands:

createCertificateRequest

The createCertificateRequest command creates a certificate request that is associated with a particular key store.

Target object

None.

Parameters and return values

-keyStoreName
The name that uniquely identifies the key store configuration object. (String, required)
-keyStoreScope
The scope name of the key store. (String, optional)
-certificateAlias
The name that uniquely identifies the certificate request in a key store. (String, required)
-certificateVersion
The certificate version. (String, required)
-certificateSize
(Integer, required)
-certificateCommonName
(String, required)
-certificateOrganization
(String, optional)
-certificateOrganizationalUnit
(String, optional)
-certificateLocality
(String, optional)
-certificateState
The state code for the certificate. (String, optional)
-certificateZip
The zip code for the certificate. (String, optional)
-certificateCountry
The country for the certificate. (String, optional)
-certificateRequestFilePath
The file location of the certificate request that can be sent to a certificate authority. (String, required)
-signatureAlgorithm
The signature algorithm used to create the self-signed certificate. The list of valid signature algorithms can be retrieved using the listSignatureAlgorithms command. (String, optional)
[8.5.5.18 or later]-keyUsage
Specifies the key usage certificate extensions to include in the certificate. Valid values are digital_signature, non_repudiation, key_encipherment, data_encipherment, encipher_only, and decipher_only. (String, optional)
[8.5.5.18 or later]-extendedKeyUsage
Specifies the extended key usage certificate extensions to include in the certificate. Valid values are ServerAuth_Id, ClientAuth_Id, CodeSigning_Id, EmailProtection_Id, IPSecEndSystem_Id, IPSecTunnel_Id, IPSecUser_Id, and TimeStamping_Id. (String, optional)
[8.5.5.18 or later]-sanDNSName
Specifies the DNS name of the server for the subject alternative name, which is usually the same as the CN value. (String, optional)
[8.5.5.18 or later]-sanEmail
Specifies the email address value to include in the subject alternative name extension. (String, optional)
[8.5.5.18 or later]-sanIPAddress
Specifies the IP address value to include in the subject alternative name extension. (String, optional)
  • Returns: The configuration object name of the key store object that you created.

Examples

Batch mode example usage:

  • Using Jacl:
    $AdminTask createCertificateRequest {-keyStoreName testKeyStore 
-certificateAlias certReq -certificateSize 1024 -certificate
CommonName localhost -certificate Organization testing -certificate
RequestFilePath c:/temp/testCertReq.arm}
  • Using Jython string:
    AdminTask.createCertificateRequest ('[-keyStoreName testKeyStore 
-certificateAlias certReq -certificateSize 1024 -certificate
CommonName localhost -certificate Organization testing -certificate
RequestFilePath c:/temp/testCertReq.arm]')
  • Using Jython list:
    AdminTask.createCertificateRequest (['-keyStoreName', 'testKeyStore', 
'-certificateAlias', 'certReq', '-certificateSize', '1024',
'-certificateCommonName', 'localhost','-certificateOrganization',
'testing', '-certificateRequestFilePath','c:/temp/testCertReq.arm'])

Interactive mode example usage:

  • Using Jacl:
    $AdminTask createCertificateRequest {-interactive}
  • Using Jython string:
    AdminTask.createCertificateRequest ('[-interactive]')
  • Using Jython list:
    AdminTask.createCertificateRequest (['-interactive'])

deleteCertificateRequest

The deleteCertificateRequest command deletes a certificate request from a key store.

Target object

None.

Parameters and return values

-keyStoreName
The name that uniquely identifies the key store configuration object. (String, required)
-keyStoreScope
The scope name of the key store. (String, optional)
-certificateAlias
The name that uniquely identifies the certificate request in a key store. (String, required)
  • Returns: None.

Examples

Batch mode example usage:

  • Using Jacl:
    $AdminTask deleteCertificateRequest {-keyStoreName testKeyStore 
-certificateAlias certReq}
  • Using Jython string:
    AdminTask.deleteCertificateRequest ('[-keyStoreName testKeyStore 
-certificateAlias certReq]')
  • Using Jython list:
    AdminTask.deleteCertificateRequest (['-keyStoreName', 'testKeyStore', 
'-certificateAlias', 'certReq'])

Interactive mode example usage:

  • Using Jacl:
    $AdminTask deleteCertificateRequest {-interactive}
  • Using Jython string:
    AdminTask.deleteCertificateRequest ('[-interactive]')
  • Using Jython list:
    AdminTask.deleteCertificateRequest (['-interactive'])

extractCertificateRequest

The extractCertificateRequestcommand extracts a certificate request to a file.

Target object

None.

Parameters and return values

-keyStoreName
The name that uniquely identifies the key store configuration object. (String, required)
-keyStoreScope
The scope name of the key store. (String, optional)
-certificateAlias
The name that uniquely identifies the certificate request in a key store. (String, required)
-certificateRequestFilePath
The file location of the certificate request that can be sent to a certificate authority. (String, required)

Optional parameters

-signatureAlgorithm
The signature algorithm used to create the self-signed certificate. The list of valid signature algorithms can be retrieved using the listSignatureAlgorithms command. (String, optional)

Elliptical Curve signature algorithms require specific sizes, so the size parameter is ignored if SHA256withECDSA, SHA384withECDSA, or SHA512withECDSA is specified. SHA256withECDSA will have a size of 256, SHA384withECDSA will have a size of 384, and SHA512withECDSA will have a size of 521.

  • Returns: A certificate request file is created that contains the extracted certificate.

Examples

Batch mode example usage:

  • Using Jacl:
    $AdminTask extractCertificateRequest {-keyStoreName testKeyStore 
-certificateAlias certReq -certificateRequestFilePath c:/temp/testCertReq.arm}
  • Using Jython string:
    AdminTask.extractCertificateRequest ('[-keyStoreName testKeyStore 
-certificateAlias certReq -certificateRequestFilePath c:/temp/testCertReq.arm]')
  • Using Jython list:
    AdminTask.extractCertificateRequest (['-keyStoreName', 'testKeyStore', 
'-certificateAlias', 'certReq', '-certificateRequestFilePath','c:/temp/testCertReq.arm'])

Interactive mode example usage:

  • Using Jacl:
    $AdminTask extractCertificateRequest {-interactive}
  • Using Jython string:
    AdminTask.extractCertificateRequest ('[-interactive]')
  • Using Jython list:
    AdminTask.extractCertificateRequest (['-interactive'])

getCertificateRequest

The getCertificateRequest command obtains information about a particular certificate request in a key store.

Target object

None.

Parameters and return values

-keyStoreName
The name that uniquely identifies the key store configuration object. (String, required)
-keyStoreScope
The scope name of the key store. (String, optional)
-certificateAlias
The name that uniquely identifies the certificate request in a key store. (String, required)
  • Returns: Information about the certificate request.

Examples

Batch mode example usage:

  • Using Jacl:
    $AdminTask getCertificateRequest {-keyStoreName testKeyStore 
-certificateAlias certReq}
  • Using Jython string:
    AdminTask.getCertificateRequest ('[-keyStoreName testKeyStore 
-certificateAlias certReq]')
  • Using Jython list:
    AdminTask.getCertificateRequest (['-keyStoreName', 'testKeyStore', 
'-certificateAlias', 'certReq'])

Interactive mode example usage:

  • Using Jacl:
    $AdminTask getCertificateRequest {-interactive}
  • Using Jython string:
    AdminTask.getCertificateRequest ('[-interactive]')
  • Using Jython list:
    AdminTask.getCertificateRequest (['-interactive'])

listCertificateRequests

The listCertificateRequests command lists all the certificate requests associated with a particular key store.

Target object

None.

Parameters and return values

-keyStoreName
The name that uniquely identifies the key store configuration object. (String, required)
-keyStoreScope
The scope name of the key store. (String, optional)
  • Returns: An attribute list for each certificate request in a key store.

Examples

Batch mode example usage:

  • Using Jacl:
    $AdminTask listCertificateRequest {-keyStoreName testKeyStore}
  • Using Jython string:
    AdminTask.listCertificateRequest ('[-keyStoreName testKeyStore]')
  • Using Jython list:
    AdminTask.listCertificateRequest (['-keyStoreName', 'testKeyStore'])

Interactive mode example usage:

  • Using Jacl:
    $AdminTask listCertificateRequests {-interactive}
  • Using Jython string:
    AdminTask.listCertificateRequests ('[-interactive]')
  • Using Jython list:
    AdminTask.listCertificateRequests (['-interactive'])