This program generally is called by CDSA_SYSDIR:[SIGN]CDSA$GEN_CERTS.COM.
certype location |
| | certtype can be one of the following:
-s | | Indicates a self-signed certificate. | -i | | Indicates a certificate signed by another certificate. | -v | | Indicates that the created certificate takes itssubject and public key from a certificate issued by another vendor.You cannot use this option to create a self-signed certificate. | location | | Indicates where the issuer certificate is read fromif -i or -v is specified. |
|
filename | | If certtype is -s or -i, filename indicates the location of the XML template that contains the Subject Name that must go into this certificate. If certtype is -v, filename indicates the location of the Vendor Certificate. |
algorithm | | Indicates the algorithm used to generate the keypair associated with the certificate being created. The specifiedalgorithm must be supported by one of the Cryptographic Service Providersavailable in the local implementation of CDSA. The algorithm canbe either DSA or RSA. This parameter is not valid if -v isspecified for certtype. |
keysize | | Specifies the logical key size (in bits) of thekey pair being generated. Typical examples are 128, 256, 512, 1024,and so on. The specified key size must be supported by one of the CryptographicService Providers available in the local implementation of CDSA. This parameter is not valid if -v is specifiedfor certtype. |
cspguid | | The globally unique identifier of the CryptographicService Provider that is being used. |
certfile | | The output file into which the created certificateis to be written. |
subject_password |
| | The password used to protect a key pair if one isbeing generated. This parameter is not valid if -v isspecified for certtype. |
issuer_password |
| | The password used to unlock the private key requiredto sign the generated certificate. This parameter is not validif -s is specified for certtype. |
validity_period |
| | The validity period for the certificate. This parametercontains a start and end date for the validity period in the formYYMMDDHHMMSS YYMMDDHHMMSS. The validity period cannot extend beyondthe year 2049. If validity_period is not specified, the validity period for the certificatelasts for exactly one year. |