Your suggested change has been received. Thank you.

close
Thales Logo

All

  • All
  • CipherTrust Manager
  • CipherTrust Application Data Protection (CADP)
  • CipherTrust Application Key Management (CAKM)
  • CipherTrust Batch Data Transformation (BDT)
  • CipherTrust Cloud Key Management (CCKM)
  • CipherTrust Data Discovery and Classification (DDC)
  • CipherTrust Data Protection Gateway (DPG)
  • CipherTrust Database Protection (CDP)
  • CipherTrust Intelligent Protection (CIP)
  • CipherTrust Integrations
  • CipherTrust Migrations
  • CipherTrust RESTful Data Protection (CRDP)
  • CipherTrust Transparent Encryption (CTE)
  • CipherTrust Transparent Encryption Userspace (CTE-U)
  • CipherTrust Secrets Management (CSM)
  • CipherTrust Vaulted Tokenization (CT-V)
  • CipherTrust Vaultless Tokenization (CT-VL)
  • CTE-Linux
  • CTE-Windows
  • CTE-AIX
  • CTE-K8s
  • CTE-U
  • Crypto Command Center
  • Data Protection on Demand
  • Luna Cloud HSM
  • Luna Network HSM
  • Luna PCIe HSM
  • Luna USB HSM
  • OneWelcome Identity Platform
  • ProtectApp LUKS
  • ProtectServer 2 HSM
  • ProtectServer 3 HSM
  • SafeNet Trusted Access (STA)
  • SafeNet MobilePASS+
  • SafeNet MobilePASS+ for Android
  • SafeNet MobilePASS+ for Chrome
  • SafeNet MobilePASS+ for macOS
  • SafeNet MobilePASS+ for iOS
  • SafeNet MobilePASS+ for WatchOS
  • SafeNet MobilePASS+ for Windows
  • SafeNet Synchronization Agent
  • SafeNet Logging Agent
  • SafeNet Agent for FreeRADIUS
  • SafeNet Agent for NPS
  • SafeNet Agent for Windows Logon
  • SafeNet Authentication Service Private Cloud Edition (SAS PCE)
  • SafeNet Remote Logging Agent
  • SafeNet Keycloak Agent
  • SafeNet IDPrime Virtual (IDPV)
  • SafeNet FIDO Key Manager
  • SafeNet FIDO Key Manager for Android
  • SafeNet FIDO Key Manager for iOS
  • SafeNet FIDO Key Manager for Windows
back

p2pe tls

p2pe tls init

search
printsuggest an edit

p2pe tls init

Command to initialize TLS Configuration and create a new TLS key pair. The p2pe tls init command creates a key pair and then generates tls certificates and a certificate signing request using that key pair. Re-running the p2pe tls init command overwrites the existing key pair.

On Windows operating systems execute the command from an Administrator Command Prompt. Right-click the Command Prompt and select Run as Administrator.

Linux

p2pe tls init [flags]

Windows

p2pe.exe tls init [flags]
Flags Description
[--client] Path to directory containing extracted service client. (Default .)
[--days] Certificate validity period. (Default 365)
--dns Commas separated DNS names as SubjectAltName(s).
[--force] Force an operation, if specified yes is assumed in all prompts.
[--keySize] RSA Key Modulus bits. Minimum 2048, maximum 8192. (Default 2048)
[--out] Output directory to write the TLS configuration and certificate files. (Default .) If omitted, PEM encoded CSR is dumped to stdout. Certificate options include PEM and DER.
[--password] Password for the service.
--subject Subject DN input in OpenSSL style. Example: /CN=example/C=IN/
--help Help for the command.

Tip

We do not recommend using a keySize larger than 2048. Larger key sizes can impact HSM performance.

Linux Example

p2pe tls init --days 365 --dns 0.0.0.0 --subject /CN=localhost/C=IN/ --keySize 2048 --password Welcome@123 --client ~/<path_to_p2pe_service_client>

Windows Example

p2pe.exe p2pe tls init --days 365 --dns 0.0.0.0 --subject /CN=localhost/C=IN/ --keySize 2048 --password Welcome@123 --client ~/<path_to_p2pe_service_client>

Command returns

Successfully initialized TLS Configuration
Output files [dir: '.']:
 - tls.pem
 - tls_req.pem
 - tls.json

On this page

    Float Icon 5