Designate a keystore for each certificate and PIN.
Generate a self-signed certificate.
Generate a certificate request.
Generate a symmetric key.
Import objects into the keystore.
List the objects in the keystore.
Delete objects from the keystore.
Download a CRL.
Generate a passphrase for the keystore.
Generate a passphrase for an object in the keystore.