Certificate System Java Command Line Utilities Command Line Utility Purpose ============================================================================== AtoB A command line utility utilized to convert an ASCII BASE 64 blob into a BINARY BASE 64 blob. AuditVerify A command line utility utilized to verify signatures in signed audit log files. BtoA A command line utility utilized to convert a BINARY BASE 64 blob into an ASCII BASE 64 blob. CMCEnroll A command line utility used to sign a certificate enrollment request with an agent's certificate. CMCRequest A command line utility used to construct a Certificate Management Messages over CMS (CMC) request. CMCResponse A command line utility used to parse a CMC response. CMCRevoke A command line utility used to sign a revocation request with an agent's certificate. CRMFPopClient A command line utility used to generate CRMF requests with proof of possession (POP). ExtJoiner . . . A command line utility utilized to join a sequence of extensions together so that the final output can be used in the configuration wizard for specifying extra extensions in default certificates (i. e. - CA certificate, SSL certificate). GenExtKeyUsage [true|false] A command line utility utilized . . . to generate a DER-encoded Extended Key Usage extension. The first parameter is the criticality of the extension, true or false. The OIDs to be included in the extension are passed as command-line arguments. The OIDs are described in RFC 2459. For example, the OID for code signing is 1.3.6.1.5.5.7.3.3. GenIssuerAltNameExt A command line utility utilized to generate an issuer . . . alternative name extension in base-64 encoding. The encoding output can be used with the configuration wizard, where: can be one of the following strings: DNSName EDIPartyName IPAddressName URIName RFC822Name OIDName X500Name is a string GenSubjectAltNameExt A command line utility utilized to generate a subject . . . alternative name extension in base-64 encoding. The encoding output can be used with the configuration wizard, where: can be one of the following strings: DNSName EDIPartyName IPAddressName URIName RFC822Name OIDName X500Name is a string HttpClient A command line utility used to communicate with any http/https server. OCSPClient A command line utility that verifies certificate status by submitting Online Certificate Status Protocol (OCSP) requests to an instance of an OCSP subsystem. PKCS10Client A command line utility that generates a Public Key Cryptography Standards (PKCS) #10 enrollment request. PKCS12Export A command line utility utilized to create PKCS12 file. PrettyPrintCert [output file] A command line utility utilized to print the contents of a certificate stored as an ASCII BASE 64 encoded blob in a user-friendly manner. PrettyPrintCrl [output file] A command line utility utilized to print the contents of a Certificate Revocation List (CRL) stored as an ASCII BASE 64 encoded blob in a user-friendly manner. TokenInfo A command line utility utilized to display all external HSMs visible to JSS.