Key Management Utility command line options

Key Management Utility command line options

This topic contains a description of the options that we can use with the gsk7cmd command.
The following table describes each action possible on a specified object:

Option Description
dB Fully qualified path name of a key database
-default_cert Sets a certificate to use as the default certificate for client authentication (yes or no). Default is no.
-dn X.500 distinguished name. Input as a quoted string of the following format (only CN, O, and C are required): "CN=Jane Doe,O=IBM,OU=Java Development,L=Endicott, ST=NY,ZIP=13760,C=country"
encryption Strength of encryption used in certificate export command (strong or weak). Default is strong.
-expire Expiration time of either a certificate or a database password (in days). Defaults are: 365 days for a certificate and 60 days for a database password.
-file File name of a certificate or certificate request (depending on specified object).
-format Format of a certificate (either ASCII for Base64_encoded ASCII or binary for Binary DER data). Default is ASCII.
-label Label attached to a certificate or certificate request
-new_format New format of key database
-new_pw New database password
-old_format Old format of key database
-pw Password for the key database or PKCS#12 file. See Creating a new key database.
-size Key size (512 or 1024). Default is 1024.
-stash Indicator to stash the key database password to a file. If specified, the password will be stashed in a file.
-target Destination file or database
-target_pw Password for the key database if -target specifies a key database. See Creating a new key database.
-target_type Type of database specified by -target operand (see -type)
-trust Trust status of a CA certificate (enable or disable). Default is enable.
-type Type of database. Allowable values are CMS (indicates a CMS key database), webdb (indicates a keyring), sslight (indicates an SSLight .class), or pkcs12 (indicates a PKCS#12 file).
-x509version Vof X.509 certificate to create (1, 2 or 3). Default is 3.

Option	Description
dB	Fully qualified path name of a key database
-default_cert	Sets a certificate to use as the default certificate for client authentication (yes or no). Default is no.
-dn	X.500 distinguished name. Input as a quoted string of the following format (only CN, O, and C are required): "CN=Jane Doe,O=IBM,OU=Java Development,L=Endicott, ST=NY,ZIP=13760,C=country"
encryption	Strength of encryption used in certificate export command (strong or weak). Default is strong.
-expire	Expiration time of either a certificate or a database password (in days). Defaults are: 365 days for a certificate and 60 days for a database password.
-file	File name of a certificate or certificate request (depending on specified object).
-format	Format of a certificate (either ASCII for Base64_encoded ASCII or binary for Binary DER data). Default is ASCII.
-label	Label attached to a certificate or certificate request
-new_format	New format of key database
-new_pw	New database password
-old_format	Old format of key database
-pw	Password for the key database or PKCS#12 file. See Creating a new key database.
-size	Key size (512 or 1024). Default is 1024.
-stash	Indicator to stash the key database password to a file. If specified, the password will be stashed in a file.
-target	Destination file or database
-target_pw	Password for the key database if -target specifies a key database. See Creating a new key database.
-target_type	Type of database specified by -target operand (see -type)
-trust	Trust status of a CA certificate (enable or disable). Default is enable.
-type	Type of database. Allowable values are CMS (indicates a CMS key database), webdb (indicates a keyring), sslight (indicates an SSLight .class), or pkcs12 (indicates a PKCS#12 file).
-x509version	Vof X.509 certificate to create (1, 2 or 3). Default is 3.