tadm create-cert-request common_options [--key-type=rsa|ecc] ([--key-size=size] | [--curve=curve_name]) [--org=org] [--org-unit=org_unit] [--locality=place] [--state=name] [--country=name] --config=config_name --token=name --server-name=[dns_name,..]
Use this command to create a new certificate request. A certificate consists of digital data that specifies the name of an individual, company, or other entity, and certifies that the public key included in the certificate belongs to that entity. Both clients and servers can have certificates.
A certificate is issued and digitally signed by a (CA) Certificate Authority. The CA can be a company that sells certificates over the Internet, or it can be a department responsible for issuing certificates for your company's intranet or extranet. You decide which CAs you trust enough to serve as verifiers of other user's identities. The create-cert-request command prompts for a token password if the token is password protected.
When you choose the key-size as rsa, specify the key size. When you choose the key-type as ecc, specify the name for the curve. The key-size and curve options in the command are mutually exclusive.
For information about common_options, run the help command.
--key-type|-kSpecify the type of the certificate key. The key types can be rsa or ecc, where:
rsa is an internet encryption and authentication system using public and private keys.
ecc (elliptic curve cryptography) is a public key encryption technique. It is based on the elliptic curve theory that enables security with smaller key sizes. This results in faster computations, lower power consumption, as well as memory and bandwidth savings
--key-size|-zSpecify the size of the certificate key. This option is applicable if you choose the key-type as rsa. The key size can be 1024, 2048, or 4098.
--curve|-rSpecify the name of the curve. This option is applicable if you choose the key-type as ecc.
--org|-gSpecify the name of your organization, company, or educational institution.
--org-unit|-oEnter a description of an organizational unit within your company.
--locality|-lEnter a description of the city, principality, or country of the organization.
--state|-aSpecify the state or province where your organization is located.
--country|-ySpecify a two-character abbreviation of your country's name (in ISO format). For example, the country code for the United States is US.
--config|-cSpecify the name of the configuration for which you want to create the certificate.
--token|-tSpecify the token (cryptographic device) name, which contains the encrypted public key.
--server-name|-sSpecify the host name of the server for which you are requesting a certificate from the CA.
Note:
The propertyserver-name enables you to specify multiple values, with each value enclosed in quotes and separated by commas.When you choose key-type as rsa
tadm create-cert-request --user=admin --host=admin.example.com --password-file=./admin.passwd --port=8989 --no-prompt --key-size=2048 --org=ora --country=IN --locality=abc --config=www.example.org --token=internal --server-name=config1.org
When you choose key-type as ecc
tadm create-cert-request --user=admin --host=admin.example.com --password-file=./admin.passwd --port=8989 --no-prompt --curve=certificate_manager --org=ora --country=IN --locality=abc --config=www.example.org --token=internal --server-name=config2.org
The following exit values are returned:
0: command executed successfully
>0: error in executing the command
For more information about exit codes and syntax notations, run the help command.