Show the Table of Contents

You are here: Reference Manual > Client-side Commands (VTL) > vtl createCert Client Command

Client-Computer Commands (vtl)

vtl createCert ClientCommand

NAME

vtl createCert

SYNOPSIS

vtl createCert -n <common name/server hostname> [-c <country code>] [-s <state>] [-l <locality>] [-o <organization name>] [-unit <organization unit name>] [-e <e-mail address>] [-P <private key out filename>][-C <certificate out filename>] [-v]

DESCRIPTION

Creates the client's certificate and private key that are used for NTLS. Re-creates the key and certificate if they already exist.

If the key and certificate are re-created, the client will need to be removed and re-registered from each of the Luna servers with which it was registered.

 

The server hostname (-n) is the only mandatory field for certificate creation. This is because all other fields of the certificate are used simply for display and visual confirmation purposes. The NTLA never displays certificate data fields to the user, so the content in these fields is irrelevant.

OPTIONS

-n <server hostname>  [mandatory] The hostname (or IP address) of the server to add.

-c <country>  [optional] The country in which the client computer resides.                (Data not used.)

-s <state>  [optional] The state in which the client computer resides. (Data not used.)

-s <locality>  [optional] The city/locality in which the client computer resides. (Data not used.)

-o <organization>  [optional] The organization to which the client computer belongs. i.e. SafeNet-inc (Data not used.)

-u <organizational unit>  [optional] The unit within the organization to which the client belongs. i.e. Engineering, or IT (Data not used.)

-e <e-mail>  [optional] An E-mail address for the certificate. (Data not used.)

-P <private key outfile name>  [optional - default filename is <hostname/ip>Key.pem] A filename for the private key to be created. Only use this switch if you have a need to override the default value.

-C <certificate outfile name>  [optional - default filename is <hostname/ip>.pem] A filename for the certificate to be created. Use this switch only if you have a need to override the default value.

-v   [optional] Verbose mode. Output extra information while creating the certificate and private key.

SAMPLE OUTPUT

Windows

vtl createCert -n test

Private Key created and written to: E:\temp\clientCerts\testKey.pem

Certificate created and written to: E:\temp\clientCerts\test.pem

 

vtl createCert -n test -v

Using configuration from C:\Program Files\SafeNet\LunaClient\openssl.cnf

It needs to be at least 1024

Writing new private key to stdout E:\temp\clientCerts\testKey.pem'

CA [CA]:CA

Ontario [Ontario]:Ontario

Ottawa [Ottawa]:Ottawa

My company [My company]:My company

 []:

test [test]:test

 []:

Private Key created and written to: E:\temp\clientCerts\testKey.pem

Certificate created and written to: E:\temp\clientCerts\test.pem

UNIX

vtl createCert -n test

Private Key created and written to: /usr/safenet/lunaclient/cert/client/testKey.pem

Certificate created and written to: /usr/safenet/lunaclient/cert/client/test.pem

 

 

 

 

Show the Table of Contents