Use this command to create a new certificate request. A certificate consists of digital data that specifies the name of an individual, company, or other entity and certifies that the public key included in the certificate belongs to that entity. Both clients and servers can have certificates.
A certificate is issued and digitally signed by a Certificate Authority (CA). The CA can be a company that sells certificates over the Internet, or it can be a department responsible for issuing certificates for your company's intranet or extranet. You decide which CAs you trust enough to serve as verifiers of other user's identities. Before requesting a server certificate, you must create a trust database.
In Sun Java System Web Server 7.0, Administration Server and each server instance can have its own trust database. The trust database should only be created on your local machine. After creating a certificate trust database for your server, you can request a certificate and submit it to a CA.
For connect_options description, see help(1).
Specify this option to print this command on the standard output before executing. Also, prints the default value for all the non-mandatory options that you have not provided in the command.
If you specify this option, wadm will not prompt you for passwords while executing this command. Use this option if you have defined all passwords in a password file and specified the file using the --password-file connect_option.
Specify this option to display a verbose output.
Specify the type of the certificate key. The key types can be rsa or ecc.
rsa is an internet encryption and authentication system using public and private keys.
ecc (Elliptic Curve Cryptography) is a public key encryption technique. It is based on the elliptic curve theory that enables security with smaller key sizes. This results in faster computations, lower power consumption, as well as memory and bandwidth savings.
Specify the size of the certificate key. This option is applicable if you choose the key-type as rsa. The key size can be 1024, 2048 or 4098.
Specify the name of the curve. This option is applicable if you choose the key-type as ecc.
Specify the Personal Identification Number (PIN) required to initialize the token. You can also define the token-pin in the password file.
Specify the name of your organization, company, or educational institution.
Enter a description of an organizational unit within your company.
Enter a description of the city, principality, or country of the organization.
Specify the state or province where your organization is located.
Specify a two-character abbreviation of your country's name (in ISO format). For example, the country code for the United States is US.
Specify the name of the configuration for which you want create the certificate. The configuration name is added to the Certificate Signing Request (CSR) text.
Specify the token (cryptographic device) name, which contains the encrypted public key.
Specify the name of the server for which you are requesting a certificate from the Certificate Authority (CA). You should have a trust database created for this server.
wadm create-cert-request --user=admin --password-file=admin.pwd --host=serverhost --port=8989 --config=config1 --server-name=servername.org --org=sun --country=AB --state=DEF --locality=XYZ --token=internal
The following exit values are returned:
command executed successfully
error in executing the command