summaryrefslogtreecommitdiffstats
path: root/base/java-tools/doc/README
diff options
context:
space:
mode:
Diffstat (limited to 'base/java-tools/doc/README')
-rw-r--r--base/java-tools/doc/README161
1 files changed, 161 insertions, 0 deletions
diff --git a/base/java-tools/doc/README b/base/java-tools/doc/README
new file mode 100644
index 000000000..fa0af7d4b
--- /dev/null
+++ b/base/java-tools/doc/README
@@ -0,0 +1,161 @@
+ Certificate System
+ Java Command Line Utilities
+
+
+Command Line Utility Purpose
+==============================================================================
+AtoB <input file> <output file> A command line utility utilized
+ to convert an ASCII BASE 64
+ blob into a BINARY BASE 64 blob.
+
+AuditVerify A command line utility utilized
+ to verify signatures in signed
+ audit log files.
+
+BtoA <input file> <output file> A command line utility utilized
+ to convert a BINARY BASE 64
+ blob into an ASCII BASE 64 blob.
+
+CMCEnroll A command line utility used to
+ sign a certificate enrollment
+ request with an agent's
+ certificate.
+
+CMCRequest A command line utility used to
+ construct a Certificate
+ Management Messages over
+ CMS (CMC) request.
+
+CMCResponse A command line utility used to
+ parse a CMC response.
+
+CMCRevoke A command line utility used to
+ sign a revocation request with
+ an agent's certificate.
+
+CRMFPopClient A command line utility used to
+ generate CRMF requests with
+ proof of possession (POP).
+
+DRMTool -drmtool_config_file A command line utility used to
+ <path + drmtool config file> change the storage key used
+ -source_ldif_file to wrap the symmetric key
+ <path + source ldif file> which is used to encrypt the
+ -target_ldif_file user's private key.
+ <path + target ldif file> Optionally, this utility
+ -log_file may also be used to re-index IDs
+ <path + log file > associated with the various
+ [-source_pki_security_database_path records which may be useful
+ <path to PKI source databases> for DRM consolidation.
+ -source_storage_token_name
+ '<source token>'
+ -source_storage_certificate_nickname
+ '<source nickname>'
+ -target_storage_certificate_file
+ <path to target certificate file>
+ [-source_pki_security_database_pwdfile
+ <path + pwdfile>]]
+ [-append_id_offset
+ <numeric offset> ||
+ -remove_id_offset
+ <numeric offset>]
+ [-source_drm_naming_context
+ <source DRM naming context>]
+ [-target_drm_naming_context
+ <target DRM naming context>]
+ [-process_requests_and_key_records_only]
+
+ExtJoiner <ext_file0> . . . <ext_file9> A command line utility utilized
+ to join a sequence of extensions
+ together so that the final
+ output can be used in the
+ configuration wizard for
+ specifying extra extensions
+ in default certificates
+ (i. e. - CA certificate,
+ SSL certificate).
+
+GenExtKeyUsage [true|false] A command line utility utilized
+ <OID_1> . . . <OID_9> to generate a DER-encoded
+ Extended Key Usage extension.
+ The first parameter is the
+ criticality of the extension,
+ true or false. The OIDs to be
+ included in the extension are
+ passed as command-line
+ arguments. The OIDs are
+ described in RFC 2459. For
+ example, the OID for code
+ signing is 1.3.6.1.5.5.7.3.3.
+
+GenIssuerAltNameExt <general_type0> A command line utility utilized
+ <general_name0> to generate an issuer
+ . . . alternative name extension in
+ <general_type3> base-64 encoding. The encoding
+ <general_name3> output can be used with the
+ configuration wizard, where:
+ <general_type#> can be one
+ of the following strings:
+ DNSName
+ EDIPartyName
+ IPAddressName
+ URIName
+ RFC822Name
+ OIDName
+ X500Name
+ <general_name#> is a string
+
+GenSubjectAltNameExt <general_type0> A command line utility utilized
+ <general_name0> to generate a subject
+ . . . alternative name extension in
+ <general_type3> base-64 encoding. The encoding
+ <general_name3> output can be used with the
+ configuration wizard, where:
+ <general_type#> can be one
+ of the following strings:
+ DNSName
+ EDIPartyName
+ IPAddressName
+ URIName
+ RFC822Name
+ OIDName
+ X500Name
+ <general_name#> is a string
+
+HttpClient A command line utility used
+ to communicate with any
+ http/https server.
+
+OCSPClient A command line utility that
+ verifies certificate status by
+ submitting Online Certificate
+ Status Protocol (OCSP) requests
+ to an instance of an OCSP
+ subsystem.
+
+PKCS10Client A command line utility that
+ generates a Public Key
+ Cryptography Standards
+ (PKCS) #10 enrollment
+ request.
+
+PKCS12Export A command line utility utilized
+ to create PKCS12 file.
+
+PrettyPrintCert <input file> [output file] A command line utility utilized
+ to print the contents of a
+ certificate stored as an ASCII
+ BASE 64 encoded blob in a
+ user-friendly manner.
+
+PrettyPrintCrl <input file> [output file] A command line utility utilized
+ to print the contents of a
+ Certificate Revocation List
+ (CRL) stored as an ASCII
+ BASE 64 encoded blob in a
+ user-friendly manner.
+
+TokenInfo A command line utility utilized
+ to display all external HSMs
+ visible to JSS.
+
generated by cgit (git 2.34.1) at 2024-05-02 23:01:23 +0000