SelfSignedCertificate
The SelfSignedCertificate utility allows you to create a certificate, generate RSA key (if not present on the CipherTrust Manager), export the RSA key from CipherTrust Manager, get the certificate signed by the key locally, and then generate a PKCS12 format certificate.
On installing CADP for C:
- For Windows, the
SelfsignedCertificateutility gets installed in the "\CipherTrust\CADP_for_C\utilities\" directory.
Additionally, the certDetails file is also present at the given locations and it will take user inputs about the certificate details in a file and supply it to the utility.
Supported Platforms
The SelfSignedCertificate utility is supported on the following platforms:
- Windows Server
The certDetails file provides user specified certificate details to the given utility.
Supported Signing Algorithms
-
SHA
-
SHA1
-
SHA224
-
SHA256 (Default)
-
SHA384
-
SHA512
Supported Certificate Key Usage Parameters
-
keyEncipherment (default)
-
digitalSignature (default)
-
nonRepudiation
-
keyEncipherment
-
dataEncipherment
-
keyAgreement
-
keyCertSign
-
cRLSign
-
encipherOnly
-
decipherOnly
Commands
To see the utility usage (on Windows):
SelfSignedCertificate -help
To run the utility (on Windows)
SelfSignedCertificate -propertyFile <path to properties file> -user <username> -pass <password> -key <RSA keyname> -detailsFile <certDetails> -passphrase <password for certificate>
The PKCS12 certificate is created at the location given in the certDetails file.
Note
The SelfSignedCertificate utility is not supported when key-caching is enabled.
Tip
To run utilities such as SelfSignedCertificate on a Windows platform, the libcrypto, libssl, and libcadp_capi.dll libraries must be added to the utilities folder.
