The utility is fully documented on Oracle’s web site (at the time of publication, the Keytool documentation is located at: http://docs.oracle.com/javase/7/docs/technotes/tools/windows/keytool.html). This section explains common options.
alias
Specifies the name that should be used to refer to the certificate in the Key Store. When self-signing the certificate, this should be the same name as that used to create the certificate. Aliases are not case sensitive (for example, “MyCertificate” and “mycertificate” would refer to the same Key Store entry).
certreq
Generates a certificate request.
delete
Deletes a certificate.
dname
Specifies the subject to use for the certificate. The subject typically contains at least a CN attribute. The attributes are as follows:
C specifies the Country in which the certificate will be used.
CN is the fully-qualified Common Name of the system on which the certificate will be installed.
O (capital letter O) specifies the name of the Organization (or company).
OU stands for Organizational Unit.
file
Specifies the path to the file containing the signed certificate. The file should be in either the DER-encoded binary format or the base64-encoded ASCII format.
genkey
Creates the certificate.
import
Imports a certificate.
keyalg RSA
Keyalg stands for “key algorithm” and specifies the algorithm that should be used to generate the private key. This should almost always be rsa.
keypass
Specifies the password that should be used to protect the private key in the Key Store. If you don’t provide a password, you will be prompted for it.
keystore
Specifies the path to the Key Store file. The file will be created if it does not already exist. The default Tridium Key Store (tks) path used by the directory server is config/keystore.
provider
Specifies the name of the cryptographic service provider’s master class file when the service provider is not listed in the security properties file.
storepass
Specifies the password that should be used to protect the contents of the Key Store. If you don’t provide a password, you will be prompted for it. The directory server expects the password used for the -keypass and -storepass options to be the same.
storetype
Specifies the Key Store type that should be used. For the NiagaraAX Key Store, the value should always be TKS.
validity
Specifies the length of time in days that the certificate will be valid. The default validity is 90 days.
Copyright © 2000-2016 Tridium Inc. All rights reserved.