create-cert-request <connect_options> [--echo|-e] [--no-prompt|-Q] [--verbose|-v] [--org-unit|-o unit] [--locality|-l place] [--state|-a name] [--org|-g org] [--country|-y name] [--token-pin|-P name] [--key-type|-k (rsa|ecc)] [--key-size|-z size] [--curve|-r curvename] [--alt-server-name|-A dns-name] --config|-c config-name --token|-t name --server-name|-s name
Use this command to create a new certificate request. A certificate consists of digital data that specifies the name of an individual, company, or other entity and certifies that the public key included in the certificate belongs to that entity. Both clients and servers can have certificates.
A certificate is issued and digitally signed by a Certificate Authority (CA). The CA can be a company that sells certificates over the Internet, or it can be a department responsible for issuing certificates for your company's intranet or extranet. You decide which CAs you trust enough to serve as verifiers of other user's identities. In Sun Java System Web Server, Administration Server and each server instance can have its own trust database.
For connect_options description, see help(1).
Specify this option to print this command on the standard output before executing. This option also prints the default value for all the non-mandatory options that you do not provide in the command.
If you specify this option, wadm will not prompt you for passwords while executing this command. Use this option if you have defined all passwords in a password file and specified the file using the --password-file connect_option.
Specify this option to display a verbose output.
Specify the type of the certificate key. The key types can be rsa or ecc, where
rsa is an internet encryption and authentication system using public and private keys.
ecc (Elliptic Curve Cryptography) is a public key encryption technique. It is based on the elliptic curve theory that enables security with smaller key sizes. This results in faster computations, lower power consumption, as well as memory and bandwidth savings.
Specify the size of the certificate key. This option is applicable if you choose the key-type as rsa. The key size can be 1024, 2048 or 4098.
Specify the name of the curve. This option is applicable if you choose the key-type as ecc.
Specify the Personal Identification Number (PIN) required to initialize the token. You can also define the token-pin in the password file.
Specify the name of your organization, company, or educational institution.
Enter a description of an organizational unit within your company.
Enter a description of the city, principality, or country of the organization.
Specify the state or province where your organization is located.
Specify a two-character abbreviation of your country's name (in ISO format). For example, the country code for the United States is US.
Specify the name of the configuration for which you want create the certificate.
Specify the token (cryptographic device) name, which contains the encrypted public key.
Specify the host name of the server for which you are requesting a certificate from the Certificate Authority (CA).
(This option is deprecated. A list of domain names can be added in the server name, separated by commas.) Specify the domain names of the host provided in the server-name option.
wadm create-cert-request --user=admin --host=serverhost --port=8989 --ssl=true --prompt=false --rcfile=null --password-file=certdb.newpasswd --org=sun --country=IN --locality=abc certreq --config=config1 --token=internal --server-name=config1.org --alt-server-name=config2.org
The following exit values are returned:
command executed successfully
error in executing the command