Your suggested change has been received. Thank you.

Suggest A Change

Thank you! Your suggestion has been submitted.

https://thales.na.market.dpondemand.io/docs/dpod/services/kmo….

There are some errors in your form.

Your Name This field is required

Your Email This field is required

How can we improve this content? This field is required

User Guide
Release Notes
API Reference

All

All

Utilities

SelfSignedCertificate

Please Note:

User Guide
Quick Start
- Installation
  - Installing CADP for C on Linux
  - Installing CADP for C on Windows
  - Client Certificate Renewal in Linux/Windows
- Installed Directories
  - Installed Directory on Linux
  - Installed Directory on Windows
Tasks
- Tasks for CAPI
  - Setting up SSL/TLS on CipherTrust Manager and CADP for C
  - Create an NAE Session
  - Configuring CADP for C CAPI Properties File
  - Connecting to a Server through Single Properties File
  - Connecting to a Server through Multiple Properties File
  - Connecting to a Server through NAE and KMIP Session in a Single configuration
  - Adding CipherTrust Manager Servers
  - Adding Syslog Server
  - Enabling Connection Pooling
  - Securing Passphrase
  - Enabling Asymmetric Key Caching
  - Enabling Symmetric Key Caching
  - Setting Logging Parameters
  - Working with Certificates
    - Importing a Certificate
    - Exporting a Certificate
    - Creating a CA Chain using OpenSSL and Uploading on the CipherTrust Manager
    - Exporting a CA Chain
    - Deleting a Certificate
    - Creating a Certificate Signing Request
    - Signing a CSR with an existing local certificate authority
  - NAE Key Management Operations
    - Creating versioned key
    - Creating a new version of a key
    - Destroying versioned key
    - Creating a CipherSpec for a versioned key
    - Exporting a public versioned key
    - Exporting a symmetric versioned key
    - Getting key attributes of a versioned key
    - Modifying the state of a versioned key
    - Calculating the size of ciphertext created by versioned keys
    - Calculating the size of the ciphertext header for a versioned key
    - Deleting the EVP context created using I_C_Crypt_Fast
    - Deriving AES/HMAC symmetric key from any AES/HMAC symmetric key
    - Wrapping AES Key
    - Search key names by multiple attributes
  - Refresh Cached Keys
- Tasks for PKCS#11
  - Configuring CADP for C PKCS11 Properties File
  - Configuring Registry Editor on Windows for CADP for C PKCS11
  - Initializing CADP PKCS#11 Library
  - Adding CipherTrust Manager Servers
  - Creating a Key
  - Enabling Connection Pooling
  - Enabling Symmetric Key Caching
  - Enabling Asymmetric Key Caching
  - Setting Logging Parameters
  - Migrating VAE to CADP for C
- Modifying the CADP for C Basic Configuration File
Advanced Topics
- Configuration
  - Logging Parameters
  - Network Configuration Parameters
  - Connection Configuration Parameters
  - Caching Parameters
  - SSL Configuration Parameters
  - Miscellaneous Parameters
- Symmetric/Asymmetric Caching
  - Symmetric/Asymmetric Caching, CADP for C CAPI
  - Symmetric/Asymmetric Caching, CADP for C PKCS#11
- Connection Pooling
- Load Balancing Group
- Multi-tier Load Balancing Group
- Persistent Key Caching
- Key Management, CADP for C PKCS#11
- Supported Cryptographic Operations
  - Supported Cryptographic Operations for CAPI
  - Supported Cryptographic Operations for PKCS#11
- Format Preserving Encryption
- Format Preserving Encryption for PKCS#11
- KMIP Key Management in C
- Utilities
  - CryptoDataUtility
  - SelfSignedCertificate
  - RSAEncryptionUtility
- Pkcs11Interop Library for .Net Core
- Upgrade
  - Upgrade from CADP CAPI to CADP for C
  - Recompiling with CADP for C Library
  - For Already Existing CAPI Sample Executables
  - Upgrade from VAE to CADP for C
- Uninstall

CADP for C
User Guide
Advanced Topics
Utilities
SelfSignedCertificate

SelfSignedCertificate

The SelfSignedCertificate utility allows you to create a certificate, generate RSA key (if not present on the CipherTrust Manager), export the RSA key from CipherTrust Manager, get the certificate signed by the key locally, and then generate a PKCS12 format certificate.

On installing CADP for C:

For Windows, the SelfsignedCertificate utility gets installed in the "\CipherTrust\CADP_for_C\utilities\" directory.

Additionally, the certDetails file is also present at the given locations and it will take user inputs about the certificate details in a file and supply it to the utility.

Supported Platforms

The SelfSignedCertificate utility is supported on the following platforms:

Windows Server

The certDetails file provides user specified certificate details to the given utility.

Supported Signing Algorithms

SHA
SHA1
SHA224
SHA256 (Default)
SHA384
SHA512

Supported Certificate Key Usage Parameters

keyEncipherment (default)
digitalSignature (default)
nonRepudiation
keyEncipherment
dataEncipherment
keyAgreement
keyCertSign
cRLSign
encipherOnly
decipherOnly

Commands

To see the utility usage (on Windows):

SelfSignedCertificate -help

To run the utility (on Windows)

SelfSignedCertificate -propertyFile <path to properties file> -user <username> -pass <password> -key <RSA keyname> -detailsFile <certDetails> -passphrase <password for certificate>

The PKCS12 certificate is created at the location given in the certDetails file.

Note

The SelfSignedCertificate utility is not supported when key-caching is enabled.

To run utilities such as SelfSignedCertificate on a Windows platform, the libcrypto, libssl, and libcadp_capi.dll libraries must be added to the utilities folder.

On this page

CADP for C

© Copyright 2019-2025, Thales Group

+1 410-469-1651 supportportal.thalesgroup.com

Support
- Support Contacts
- Text Conventions
Legal

© Copyright 2019-2025, Thales Group

+1 410-469-1651 supportportal.thalesgroup.com