From 621d9e5c413e561293d7484b93882d985b3fe15f Mon Sep 17 00:00:00 2001 From: Endi Sukma Dewata Date: Sat, 24 Mar 2012 02:27:47 -0500 Subject: Removed unnecessary pki folder. Previously the source code was located inside a pki folder. This folder was created during svn migration and is no longer needed. This folder has now been removed and the contents have been moved up one level. Ticket #131 --- base/java-tools/doc/README | 161 +++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 161 insertions(+) create mode 100644 base/java-tools/doc/README (limited to 'base/java-tools/doc/README') diff --git a/base/java-tools/doc/README b/base/java-tools/doc/README new file mode 100644 index 000000000..fa0af7d4b --- /dev/null +++ b/base/java-tools/doc/README @@ -0,0 +1,161 @@ + Certificate System + Java Command Line Utilities + + +Command Line Utility Purpose +============================================================================== +AtoB A command line utility utilized + to convert an ASCII BASE 64 + blob into a BINARY BASE 64 blob. + +AuditVerify A command line utility utilized + to verify signatures in signed + audit log files. + +BtoA A command line utility utilized + to convert a BINARY BASE 64 + blob into an ASCII BASE 64 blob. + +CMCEnroll A command line utility used to + sign a certificate enrollment + request with an agent's + certificate. + +CMCRequest A command line utility used to + construct a Certificate + Management Messages over + CMS (CMC) request. + +CMCResponse A command line utility used to + parse a CMC response. + +CMCRevoke A command line utility used to + sign a revocation request with + an agent's certificate. + +CRMFPopClient A command line utility used to + generate CRMF requests with + proof of possession (POP). + +DRMTool -drmtool_config_file A command line utility used to + change the storage key used + -source_ldif_file to wrap the symmetric key + which is used to encrypt the + -target_ldif_file user's private key. + Optionally, this utility + -log_file may also be used to re-index IDs + associated with the various + [-source_pki_security_database_path records which may be useful + for DRM consolidation. + -source_storage_token_name + '' + -source_storage_certificate_nickname + '' + -target_storage_certificate_file + + [-source_pki_security_database_pwdfile + ]] + [-append_id_offset + || + -remove_id_offset + ] + [-source_drm_naming_context + ] + [-target_drm_naming_context + ] + [-process_requests_and_key_records_only] + +ExtJoiner . . . A command line utility utilized + to join a sequence of extensions + together so that the final + output can be used in the + configuration wizard for + specifying extra extensions + in default certificates + (i. e. - CA certificate, + SSL certificate). + +GenExtKeyUsage [true|false] A command line utility utilized + . . . to generate a DER-encoded + Extended Key Usage extension. + The first parameter is the + criticality of the extension, + true or false. The OIDs to be + included in the extension are + passed as command-line + arguments. The OIDs are + described in RFC 2459. For + example, the OID for code + signing is 1.3.6.1.5.5.7.3.3. + +GenIssuerAltNameExt A command line utility utilized + to generate an issuer + . . . alternative name extension in + base-64 encoding. The encoding + output can be used with the + configuration wizard, where: + can be one + of the following strings: + DNSName + EDIPartyName + IPAddressName + URIName + RFC822Name + OIDName + X500Name + is a string + +GenSubjectAltNameExt A command line utility utilized + to generate a subject + . . . alternative name extension in + base-64 encoding. The encoding + output can be used with the + configuration wizard, where: + can be one + of the following strings: + DNSName + EDIPartyName + IPAddressName + URIName + RFC822Name + OIDName + X500Name + is a string + +HttpClient A command line utility used + to communicate with any + http/https server. + +OCSPClient A command line utility that + verifies certificate status by + submitting Online Certificate + Status Protocol (OCSP) requests + to an instance of an OCSP + subsystem. + +PKCS10Client A command line utility that + generates a Public Key + Cryptography Standards + (PKCS) #10 enrollment + request. + +PKCS12Export A command line utility utilized + to create PKCS12 file. + +PrettyPrintCert [output file] A command line utility utilized + to print the contents of a + certificate stored as an ASCII + BASE 64 encoded blob in a + user-friendly manner. + +PrettyPrintCrl [output file] A command line utility utilized + to print the contents of a + Certificate Revocation List + (CRL) stored as an ASCII + BASE 64 encoded blob in a + user-friendly manner. + +TokenInfo A command line utility utilized + to display all external HSMs + visible to JSS. + -- cgit