CertificateRequestCommands command group of the AdminTask object
You can use the Jython or Jacl scripting languages to configure security with the wsadmin tool. The commands and parameters in the CertificateRequestCommands group can be used to create and manage certificate requests.
createCertificateRequest
The createCertificateRequest command creates a certificate request that is associated with a particular key store.
Target object
None.Parameters and return values
- -keyStoreName
- The name that uniquely identifies the key store configuration object. (String, required)
- -keyStoreScope
- The scope name of the key store. (String, optional)
- -certificateAlias
- The name that uniquely identifies the certificate request in a key store. (String, required)
- -certificateVersion
- The certificate version. (String, required)
- -certificateSize
- (Integer, required)
- -certificateCommonName
- (String, required)
- -certificateOrganization
- (String, optional)
- -certificateOrganizationalUnit
- (String, optional)
- -certificateLocality
- (String, optional)
- -certificateState
- The state code for the certificate. (String, optional)
- -certificateZip
- The zip code for the certificate. (String, optional)
- -certificateCountry
- The country for the certificate. (String, optional)
- -certificateRequestFilePath
- The file location of the certificate request that can be sent to a certificate authority. (String, required)
- -signatureAlgorithm
- The signature algorithm used to create the self-signed certificate. The list of valid signature algorithms can be retrieved using the listSignatureAlgorithms command. (String, optional)
- -keyUsage
- Specifies the key usage certificate extensions to include in the certificate. Valid values are
digital_signature
,non_repudiation
,key_encipherment
,data_encipherment
,encipher_only
, anddecipher_only
. (String, optional) - -extendedKeyUsage
- Specifies the extended key usage certificate extensions to include in the certificate. Valid
values are
ServerAuth_Id
,ClientAuth_Id
,CodeSigning_Id
,EmailProtection_Id
,IPSecEndSystem_Id
,IPSecTunnel_Id
,IPSecUser_Id
, andTimeStamping_Id
. (String, optional) - -sanDNSName
- Specifies the DNS name of the server for the subject alternative name, which is usually the same as the CN value. (String, optional)
- -sanEmail
- Specifies the email address value to include in the subject alternative name extension. (String, optional)
- -sanIPAddress
- Specifies the IP address value to include in the subject alternative name extension. (String, optional)
- Returns: The configuration object name of the key store object that you created.
Examples
Batch mode example usage:
-
Using Jacl:
$AdminTask createCertificateRequest {-keyStoreName testKeyStore -certificateAlias certReq -certificateSize 1024 -certificate CommonName localhost -certificate Organization testing -certificate RequestFilePath c:/temp/testCertReq.arm}
-
Using Jython string:
AdminTask.createCertificateRequest ('[-keyStoreName testKeyStore -certificateAlias certReq -certificateSize 1024 -certificate CommonName localhost -certificate Organization testing -certificate RequestFilePath c:/temp/testCertReq.arm]')
-
Using Jython list:
AdminTask.createCertificateRequest (['-keyStoreName', 'testKeyStore', '-certificateAlias', 'certReq', '-certificateSize', '1024', '-certificateCommonName', 'localhost','-certificateOrganization', 'testing', '-certificateRequestFilePath','c:/temp/testCertReq.arm'])
Interactive mode example usage:
-
Using Jacl:
$AdminTask createCertificateRequest {-interactive}
-
Using Jython string:
AdminTask.createCertificateRequest ('[-interactive]')
-
Using Jython list:
AdminTask.createCertificateRequest (['-interactive'])
deleteCertificateRequest
The deleteCertificateRequest command deletes a certificate request from a key store.
Target object
None.Parameters and return values
- -keyStoreName
- The name that uniquely identifies the key store configuration object. (String, required)
- -keyStoreScope
- The scope name of the key store. (String, optional)
- -certificateAlias
- The name that uniquely identifies the certificate request in a key store. (String, required)
- Returns: None.
Examples
Batch mode example usage:
-
Using Jacl:
$AdminTask deleteCertificateRequest {-keyStoreName testKeyStore -certificateAlias certReq}
-
Using Jython string:
AdminTask.deleteCertificateRequest ('[-keyStoreName testKeyStore -certificateAlias certReq]')
-
Using Jython list:
AdminTask.deleteCertificateRequest (['-keyStoreName', 'testKeyStore', '-certificateAlias', 'certReq'])
Interactive mode example usage:
-
Using Jacl:
$AdminTask deleteCertificateRequest {-interactive}
-
Using Jython string:
AdminTask.deleteCertificateRequest ('[-interactive]')
-
Using Jython list:
AdminTask.deleteCertificateRequest (['-interactive'])
extractCertificateRequest
The extractCertificateRequestcommand extracts a certificate request to a file.
Target object
None.Parameters and return values
- -keyStoreName
- The name that uniquely identifies the key store configuration object. (String, required)
- -keyStoreScope
- The scope name of the key store. (String, optional)
- -certificateAlias
- The name that uniquely identifies the certificate request in a key store. (String, required)
- -certificateRequestFilePath
- The file location of the certificate request that can be sent to a certificate authority. (String, required)
Optional parameters
- -signatureAlgorithm
- The signature algorithm used to create the self-signed certificate. The list of valid signature
algorithms can be retrieved using the listSignatureAlgorithms command. (String,
optional)
Elliptical Curve signature algorithms require specific sizes, so the size parameter is ignored if SHA256withECDSA, SHA384withECDSA, or SHA512withECDSA is specified. SHA256withECDSA will have a size of 256, SHA384withECDSA will have a size of 384, and SHA512withECDSA will have a size of 521.
- Returns: A certificate request file is created that contains the extracted certificate.
Examples
Batch mode example usage:
-
Using Jacl:
$AdminTask extractCertificateRequest {-keyStoreName testKeyStore -certificateAlias certReq -certificateRequestFilePath c:/temp/testCertReq.arm}
-
Using Jython string:
AdminTask.extractCertificateRequest ('[-keyStoreName testKeyStore -certificateAlias certReq -certificateRequestFilePath c:/temp/testCertReq.arm]')
-
Using Jython list:
AdminTask.extractCertificateRequest (['-keyStoreName', 'testKeyStore', '-certificateAlias', 'certReq', '-certificateRequestFilePath','c:/temp/testCertReq.arm'])
Interactive mode example usage:
-
Using Jacl:
$AdminTask extractCertificateRequest {-interactive}
-
Using Jython string:
AdminTask.extractCertificateRequest ('[-interactive]')
-
Using Jython list:
AdminTask.extractCertificateRequest (['-interactive'])
getCertificateRequest
The getCertificateRequest command obtains information about a particular certificate request in a key store.
Target object
None.Parameters and return values
- -keyStoreName
- The name that uniquely identifies the key store configuration object. (String, required)
- -keyStoreScope
- The scope name of the key store. (String, optional)
- -certificateAlias
- The name that uniquely identifies the certificate request in a key store. (String, required)
- Returns: Information about the certificate request.
Examples
Batch mode example usage:
- Using Jacl:
$AdminTask getCertificateRequest {-keyStoreName testKeyStore -certificateAlias certReq}
- Using Jython string:
AdminTask.getCertificateRequest ('[-keyStoreName testKeyStore -certificateAlias certReq]')
- Using Jython list:
AdminTask.getCertificateRequest (['-keyStoreName', 'testKeyStore', '-certificateAlias', 'certReq'])
Interactive mode example usage:
- Using Jacl:
$AdminTask getCertificateRequest {-interactive}
- Using Jython string:
AdminTask.getCertificateRequest ('[-interactive]')
- Using Jython list:
AdminTask.getCertificateRequest (['-interactive'])
listCertificateRequests
The listCertificateRequests command lists all the certificate requests associated with a particular key store.
Target object
None.Parameters and return values
- -keyStoreName
- The name that uniquely identifies the key store configuration object. (String, required)
- -keyStoreScope
- The scope name of the key store. (String, optional)
- Returns: An attribute list for each certificate request in a key store.
Examples
Batch mode example usage:
-
Using Jacl:
$AdminTask listCertificateRequest {-keyStoreName testKeyStore}
-
Using Jython string:
AdminTask.listCertificateRequest ('[-keyStoreName testKeyStore]')
-
Using Jython list:
AdminTask.listCertificateRequest (['-keyStoreName', 'testKeyStore'])
Interactive mode example usage:
-
Using Jacl:
$AdminTask listCertificateRequests {-interactive}
-
Using Jython string:
AdminTask.listCertificateRequests ('[-interactive]')
-
Using Jython list:
AdminTask.listCertificateRequests (['-interactive'])