diff options
author | Endi Sukma Dewata <edewata@redhat.com> | 2012-03-24 02:27:47 -0500 |
---|---|---|
committer | Endi Sukma Dewata <edewata@redhat.com> | 2012-03-26 11:43:54 -0500 |
commit | 621d9e5c413e561293d7484b93882d985b3fe15f (patch) | |
tree | 638f3d75761c121d9a8fb50b52a12a6686c5ac5c /base/java-tools/doc | |
parent | 40d3643b8d91886bf210aa27f711731c81a11e49 (diff) | |
download | pki-621d9e5c413e561293d7484b93882d985b3fe15f.tar.gz pki-621d9e5c413e561293d7484b93882d985b3fe15f.tar.xz pki-621d9e5c413e561293d7484b93882d985b3fe15f.zip |
Removed unnecessary pki folder.
Previously the source code was located inside a pki folder.
This folder was created during svn migration and is no longer
needed. This folder has now been removed and the contents have
been moved up one level.
Ticket #131
Diffstat (limited to 'base/java-tools/doc')
-rw-r--r-- | base/java-tools/doc/README | 161 |
1 files changed, 161 insertions, 0 deletions
diff --git a/base/java-tools/doc/README b/base/java-tools/doc/README new file mode 100644 index 000000000..fa0af7d4b --- /dev/null +++ b/base/java-tools/doc/README @@ -0,0 +1,161 @@ + Certificate System + Java Command Line Utilities + + +Command Line Utility Purpose +============================================================================== +AtoB <input file> <output file> A command line utility utilized + to convert an ASCII BASE 64 + blob into a BINARY BASE 64 blob. + +AuditVerify A command line utility utilized + to verify signatures in signed + audit log files. + +BtoA <input file> <output file> A command line utility utilized + to convert a BINARY BASE 64 + blob into an ASCII BASE 64 blob. + +CMCEnroll A command line utility used to + sign a certificate enrollment + request with an agent's + certificate. + +CMCRequest A command line utility used to + construct a Certificate + Management Messages over + CMS (CMC) request. + +CMCResponse A command line utility used to + parse a CMC response. + +CMCRevoke A command line utility used to + sign a revocation request with + an agent's certificate. + +CRMFPopClient A command line utility used to + generate CRMF requests with + proof of possession (POP). + +DRMTool -drmtool_config_file A command line utility used to + <path + drmtool config file> change the storage key used + -source_ldif_file to wrap the symmetric key + <path + source ldif file> which is used to encrypt the + -target_ldif_file user's private key. + <path + target ldif file> Optionally, this utility + -log_file may also be used to re-index IDs + <path + log file > associated with the various + [-source_pki_security_database_path records which may be useful + <path to PKI source databases> for DRM consolidation. + -source_storage_token_name + '<source token>' + -source_storage_certificate_nickname + '<source nickname>' + -target_storage_certificate_file + <path to target certificate file> + [-source_pki_security_database_pwdfile + <path + pwdfile>]] + [-append_id_offset + <numeric offset> || + -remove_id_offset + <numeric offset>] + [-source_drm_naming_context + <source DRM naming context>] + [-target_drm_naming_context + <target DRM naming context>] + [-process_requests_and_key_records_only] + +ExtJoiner <ext_file0> . . . <ext_file9> A command line utility utilized + to join a sequence of extensions + together so that the final + output can be used in the + configuration wizard for + specifying extra extensions + in default certificates + (i. e. - CA certificate, + SSL certificate). + +GenExtKeyUsage [true|false] A command line utility utilized + <OID_1> . . . <OID_9> to generate a DER-encoded + Extended Key Usage extension. + The first parameter is the + criticality of the extension, + true or false. The OIDs to be + included in the extension are + passed as command-line + arguments. The OIDs are + described in RFC 2459. For + example, the OID for code + signing is 1.3.6.1.5.5.7.3.3. + +GenIssuerAltNameExt <general_type0> A command line utility utilized + <general_name0> to generate an issuer + . . . alternative name extension in + <general_type3> base-64 encoding. The encoding + <general_name3> output can be used with the + configuration wizard, where: + <general_type#> can be one + of the following strings: + DNSName + EDIPartyName + IPAddressName + URIName + RFC822Name + OIDName + X500Name + <general_name#> is a string + +GenSubjectAltNameExt <general_type0> A command line utility utilized + <general_name0> to generate a subject + . . . alternative name extension in + <general_type3> base-64 encoding. The encoding + <general_name3> output can be used with the + configuration wizard, where: + <general_type#> can be one + of the following strings: + DNSName + EDIPartyName + IPAddressName + URIName + RFC822Name + OIDName + X500Name + <general_name#> is a string + +HttpClient A command line utility used + to communicate with any + http/https server. + +OCSPClient A command line utility that + verifies certificate status by + submitting Online Certificate + Status Protocol (OCSP) requests + to an instance of an OCSP + subsystem. + +PKCS10Client A command line utility that + generates a Public Key + Cryptography Standards + (PKCS) #10 enrollment + request. + +PKCS12Export A command line utility utilized + to create PKCS12 file. + +PrettyPrintCert <input file> [output file] A command line utility utilized + to print the contents of a + certificate stored as an ASCII + BASE 64 encoded blob in a + user-friendly manner. + +PrettyPrintCrl <input file> [output file] A command line utility utilized + to print the contents of a + Certificate Revocation List + (CRL) stored as an ASCII + BASE 64 encoded blob in a + user-friendly manner. + +TokenInfo A command line utility utilized + to display all external HSMs + visible to JSS. + |