Java Tools#
Command Line Utility |
Purpose |
---|---|
A command line utility utilized to convert an ASCII BASE 64 blob into a BINARY BASE 64 blob. |
|
A command line utility utilized to verify signatures in signed audit log files. |
|
A command line utility utilized to convert a BINARY BASE 64 blob into an ASCII BASE 64 blob. |
|
A command line utility used to sign a certificate enrollment request with an agent’s certificate. |
|
A command line utility used to construct a Certificate Management Messages over CMS (CMC) request. |
|
A command line utility used to parse a CMC response. |
|
A command line utility used to sign a revocation request with an agent’s certificate. |
|
CRMFPopClient |
A command line utility used to generate CRMF requests with proof of possession (POP). |
ExtJoiner <ext_file0> . . . <ext_file9> |
A command line utility utilized to join a sequence of extensions together so that the final output can be used in the configuration wizard for specifying extra extensions in default certificates (i. e. - CA certificate, SSL certificate). |
GenExtKeyUsage [true|false] <OID_1> … <OID_9> |
A command line utility utilized to generate a DER-encoded Extended Key Usage extension. The first parameter is the criticality of the extension, true or false. The OIDs to be included in the extension are passed as command-line arguments. The OIDs are described in RFC 2459. For example, the OID for code signing is 1.3.6.1.5.5.7.3.3. |
GenI ssuerAltNameExt <general_type0> <general_name0> … <general_type3> <general_name3> |
A command line utility utilized to generate an
issuer alternative name extension in base-64
encoding. The encoding output can be used with
the configuration wizard, where:
* <general_type#> can be one of the following
strings:
** DNSName
|
GenSu bjectAltNameExt <general_type0> <general_name0> … <general_type3> <general_name3> |
A command line utility utilized to generate a
subject alternative name extension in base-64
encoding. The encoding output can be used with
the configuration wizard, where:
* <general_type#> can be one of the following
strings:
** DNSName
|
HttpClient |
A command line utility used to communicate with any http/https server. |
b.com/dogtagpki /pki/wiki/Using -OCSPClient>`__ |
A command line utility that verifies certificate status by submitting Online Certificate Status Protocol (OCSP) requests to an instance of an OCSP subsystem. A command line utility that generates a Public Key Cryptography Standards (PKCS) #10 enrollment request. |
` PKCS12Export <P KCS12Export>`__ |
A command line utility utilized to create PKCS12 file. |
PrettyPrintCert <input file> [output file] |
A command line utility utilized to print the contents of a certificate stored as an ASCII BASE 64 encoded blob in a user-friendly manner. |
PrettyPrintCrl <input file> [output file] |
A command line utility utilized to print the contents of a Certificate Revocation List (CRL) stored as an ASCII BASE 64 encoded blob in a user-friendly manner. |
TokenInfo |
A command line utility utilized to display all external HSMs visible to JSS. |
Native Tools#
Command Line Utility
Purpose
bulkissuance
A command line utility utilized to send either a KEYGEN or CRMF enrollment request to the bulk issuance interface for the automatic creation of certificates.
bulkissuance.data
An example data file for use with the bulkissuance tool.
revoker
A command line tool which may be conveniently utilized to automate user management scripts used to revoke certificates.
setpin
A command line tool utilized to enable Dogtag Certificate System to utilize PIN-based authentication.
setpin.conf
The configuration file utilized by the setpin command line utility.
tkstool
A command line tool utilized to construct DES 2 symmetric keys utilized in conjunction with the Dogtag Certificate System Token Key Service subsystem.