p2pe tls init
Command to initialize TLS Configuration and create a new TLS key pair. The p2pe tls init command creates a key pair and then generates tls certificates and a certificate signing request using that key pair. Re-running the p2pe tls init command overwrites the existing key pair.
On Windows operating systems execute the command from an Administrator Command Prompt. Right-click the Command Prompt and select Run as Administrator.
Linux
p2pe tls init [flags]
Windows
p2pe.exe tls init [flags]
| Flags | Description |
|---|---|
[--client] |
Path to directory containing extracted service client. (Default .) |
[--days] |
Certificate validity period. (Default 365) |
--dns |
Commas separated DNS names as SubjectAltName(s). |
[--force] |
Force an operation, if specified yes is assumed in all prompts. |
[--keySize] |
RSA Key Modulus bits. Minimum 2048, maximum 8192. (Default 2048) |
[--out] |
Output directory to write the TLS configuration and certificate files. (Default .) If omitted, PEM encoded CSR is dumped to stdout. Certificate options include PEM and DER. |
[--password] |
Password for the service. |
--subject |
Subject DN input in OpenSSL style. Example: /CN=example/C=IN/ |
--help |
Help for the command. |
Tip
We do not recommend using a keySize larger than 2048. Larger key sizes can impact HSM performance.
Linux Example
p2pe tls init --days 365 --dns 0.0.0.0 --subject /CN=localhost/C=IN/ --keySize 2048 --password Welcome@123 --client ~/<path_to_p2pe_service_client>
Windows Example
p2pe.exe p2pe tls init --days 365 --dns 0.0.0.0 --subject /CN=localhost/C=IN/ --keySize 2048 --password Welcome@123 --client ~/<path_to_p2pe_service_client>
Command returns
Successfully initialized TLS Configuration
Output files [dir: '.']:
- tls.pem
- tls_req.pem
- tls.json
