Java Tools#
The ‘pki-java-tools’ and ‘pki-java-tools-javadoc’ packages are now a part of the ‘pki-core’ source package.
Command Line Utility |
Purpose |
|---|---|
A command line utility utilized to convert an ASCII BASE 64 blob into a BINARY BASE 64 blob. |
|
A command line utility utilized to verify signatures in signed audit log files. |
|
A command line utility utilized to convert a BINARY BASE 64 blob into an ASCII BASE 64 blob. |
|
A command line utility used to sign a certificate enrollment request with an agent’s certificate. |
|
A command line utility used to construct a Certificate Management Messages over CMS (CMC) request. |
|
A command line utility used to parse a CMC response. |
|
A command line utility used to sign a revocation request with an agent’s certificate. |
|
CRMFPopClient |
A command line utility used to generate CRMF requests with proof of possession (POP). |
DRMTool |
A command line utility that can be used to rewrap user’s private archived keys using a new, generally stronger, private DRM storage key, and/or can be used to renumber DRM ldif records. |
DRMTool.cfg |
The configuration file utilized by the DRMTool command line utility. |
ExtJoiner <ext_file0> . . . <ext_file9> |
A command line utility utilized to join a sequence of extensions together so that the final output can be used in the configuration wizard for specifying extra extensions in default certificates (i. e. - CA certificate, SSL certificate). |
GenExtKeyUsage [true|false] <OID_1> … <OID_9> |
A command line utility utilized to generate a DER-encoded Extended Key Usage extension. The first parameter is the criticality of the extension, true or false. The OIDs to be included in the extension are passed as command-line arguments. The OIDs are described in RFC 2459. For example, the OID for code signing is 1.3.6.1.5.5.7.3.3. |
GenI ssuerAltNameExt <general_type0> <general_name0> … <general_type3> <general_name3> |
A command line utility utilized to generate an
issuer alternative name extension in base-64
encoding. The encoding output can be used with
the configuration wizard, where:
* <general_type#> can be one of the following
strings:
** DNSName
|
GenSu bjectAltNameExt <general_type0> <general_name0> … <general_type3> <general_name3> |
A command line utility utilized to generate a
subject alternative name extension in base-64
encoding. The encoding output can be used with
the configuration wizard, where:
* <general_type#> can be one of the following
strings:
** DNSName
|
A command line utility used to communicate with any http/https server. |
|
b.com/dogtagpki /pki/wiki/Using -OCSPClient>`__ |
A command line utility that verifies certificate status by submitting Online Certificate Status Protocol (OCSP) requests to an instance of an OCSP subsystem. A command line utility that generates a Public Key Cryptography Standards (PKCS) #10 enrollment request. |
A command line utility which generates a 1024-bit RSA key pair in the security database, constructs a PKCS#10 certificate request with the public key, and outputs the request to a file. |
|
` PKCS12Export <P KCS12Export>`__ |
A command line utility utilized to create PKCS12 file. |
PrettyPrintCert <input file> [output file] |
A command line utility utilized to print the contents of a certificate stored as an ASCII BASE 64 encoded blob in a user-friendly manner. |
PrettyPrintCrl <input file> [output file] |
A command line utility utilized to print the contents of a Certificate Revocation List (CRL) stored as an ASCII BASE 64 encoded blob in a user-friendly manner. |
TokenInfo |
A command line utility utilized to display all external HSMs visible to JSS. |
Native Tools#
The ‘pki-native-tools’ package is now a part of the ‘pki-core’ source package.
Command Line Utility |
Purpose |
|---|---|
p7tool |
A command line tool used to display/process PKCS 7 content. |
revoker |
A command line tool which may be conveniently utilized to automate user management scripts used to revoke certificates. |
setpin |
A command line tool utilized to enable Dogtag Certificate System to utilize PIN-based authentication. |
setpin.conf |
The configuration file utilized by the setpin command line utility. |
A command line tool similar to the wget command, which downloads files over HTTP. The sslget command line tool supports client authentication using NSS libraries, and the configuration wizard uses this utility to retrieve security domain information from the CA. |
|
tkstool |
A command line tool utilized to construct DES 2 symmetric keys utilized in conjunction with the Dogtag Certificate System Token Key Service subsystem. |
NOTE: As of PKI 9.0, the ‘bulkissuance’ tool has been ‘discontinued’!