SignerCertificateCommands (AdminTask)

SignerCertificateCommands commands can be used to create and modify signer certificates in relation to the key store file and to query for signer information on ports of remote hosts.

addSignerCertificate

Add a signer certificate from a certificate file to a keystore.

Target object None.

Required parameters

-keyStoreName

Name that uniquely identifies the keystore configuration object. (String, required)

-certificateAlias

Name that uniquely identifies the certificate request in a keystore. (String, required)

-certificateFilePath

Full path of the request file containing the certificate. (String, required)

-base64Encoded

The certificate is a Base64 encoded ASCII data file type if the value is set to true. Set false if the certificate is a binary DER data file type. (Boolean, required)

Optional parameters

-keyStoreScope

Scope name of the keystore. (String, optional)

Example output The command does not return output.

Examples

Batch mode example:

• Jacl:

  $AdminTask addSignerCertificate {-keyStoreName testKeyStore -certificateAlias
  default -certificateFilePath <file path> -base64Encoded true}

• Jython string...

  AdminTask.addSignerCertificate('[-keyStoreName testKeyStore -certificateAlias
  default -certificateFilePath <file path> -base64Encoded true]')

• Jython list:
  AdminTask.addSignerCertificate(['-keyStoreName', 'testKeyStore', '-certificateAlias', 'default', '-certificateFilePath', '<file path>', '-base64Encoded', 'true'])

Interactive mode:

• Jacl:
  $AdminTask addSignerCertificate {-interactive}

• Jython string...
  AdminTask.addSignerCertificate ('[-interactive]')

deleteSignerCertificate

Delete a signer certificate from a certificate file from a keystore.

Target object None.

Required parameters

-keyStoreName

Name that uniquely identifies the keystore configuration object. (String, required)

-certificateAlias

Name that uniquely identifies the certificate request in a keystore. (String, required)

Optional parameters

-keyStoreScope

Scope name of the keystore. (String, optional)

Example output The command does not return output.

Examples

Batch mode example:

• Jacl:

  $AdminTask deleteSignerCertificate {-keyStoreName testKeyStore -certificateAlias
  default}

• Jython string...

  AdminTask.deleteSignerCertificate('[-keyStoreName testKeyStore -certificateAlias
  default]')

• Jython list:
  AdminTask.deleteSignerCertificate(['-keyStoreName', 'testKeyStore', '-certificateAlias', 'default'])

Interactive mode:

• Jacl:
  $AdminTask deleteSignerCertificate {-interactive}

• Jython string...
  AdminTask.deleteSignerCertificate ('[-interactive]')

extractSignerCertificate

Extract a signer certificate from a key store to a file.

Target object

None

Parameters and return values

-keyStoreName

The name of the key store where the signer certificate is located. (String, required)

-keyStoreScope

The management scope of the key store. (String, optional)

-certificateAlias

The alias name of the signer certificate in the key store. (String, required)

-certificateFilePath

The full path name of the file containing the signer certificate. (String, required)

-base64Encoded

Set to true if the certificate is ascii base 64 encoded. Set false if the certificate is binary. (String, required)

Examples

Interactive mode example usage:

• Jacl:

  $AdminTask extractSignerCertificate {-interactive}

• Jython string...

  AdminTask.extractSignerCertificate ('[-interactive]')

• Jython list:

  AdminTask.extractSignerCertificate (['-interactive'])

getSignerCertificate

Obtain information about a signer certificate from a key store.

Target object

None

Parameters and return values

-keyStoreName

The name of the key store where the signer certificate is located. (String, required)

-keyStoreScope

The management scope of the key store. (String, optional)

-certificateAlias

The alias name of the signer certificate in the key store. (String, required)

Examples

Interactive mode example usage:

• Jacl:

  $AdminTask getSignerCertificate {-interactive}

• Jython string...

  AdminTask.getSignerCertificate ('[-interactive]')

• Jython list:

  AdminTask.getSignerCertificate (['-interactive'])

listSignerCertificates

List all signer certificates in a particular key store.

Target object

None

Parameters and return values

-keyStoreName

The name of the key store where the signer certificate is located. (String, required)

-keyStoreScope

The management scope of the key store. (String, optional)

Examples

Interactive mode example usage:

• Jacl:

  $AdminTask listSignerCertificates {-interactive}

• Jython string...

  AdminTask.listSignerCertificates ('[-interactive]')

• Jython list:

  AdminTask.listSignerCertificates (['-interactive'])

retrieveSignerFromPort

Retrieve a signer from a remote host and stores the signer in a key store. The command will retrieve the root certificate information from the certificate chain on the port. To retrieve the leaf certificate users can set the security customer property com.ibm.websphere.ssl.retrieveLeafCert to true

Target object

None

Parameters and return values

-host

The host name of the system from where the signer certificate will be retrieved. (String, required)

-port

The port of the remote system from where the signer certificate will be retrieved. (Integer, required)

-certificateAlias

Unique name to identify a certificate. (String, required)

-keyStoreName

The name of the key store where the signer certificate is located. (String, required)

-keyStoreScope

The management scope of the key store. (String, optional)

-sslConfigName

The name of the SSL configuration object. (String, optional)

-sslConfigScopeName

The management scope where the SSL configuration object is located. (String, optional)

Examples

Batch mode example:

• Jacl:

  $AdminTask retrieveSignerFromPort {-host serverHost -port 443 -keyStoreName testKeyStore -certificateAlias serverHostSigner}

• Jython string...

  AdminTask.retrieveSignerFromPort ('[-host serverHost -port 443 -keyStoreName testKeyStore -certificateAlias serverHostSigner]')

• Jython list:

  AdminTask.retrieveSignerFromPort (['-host', 'serverHost', '-port', '443', '-keyStoreName', 'testKeyStore', '-certificateAlias', 'serverHostSigner'])

Interactive mode:

• Jacl:

  $AdminTask retrieveSignerFromPort {-interactive}

• Jython string...

  AdminTask.retrieveSignerFromPort ('[-interactive]')

• Jython list:

  AdminTask.retrieveSignerFromPort (['-interactive'])

retrieveSignerInfoFromPort

Retrieve signer information from a port on a remote host. The command will retrieve the root certificate information from the certificate chain on the port. To retrieve the leaf certificate users can set the security customer property com.ibm.websphere.ssl.retrieveLeafCert to true

Target object

None

Parameters and return values

-host

The host name of the system from where the signer certificate will be retrieved. (String, required)

-port

The port of the remote system from where the signer certificate will be retrieved. (Integer, required)

-sslConfigName

The name of the SSL configuration object. (String, optional)

-sslConfigScopeName

The management scope where the SSL configuration object is located. (String, optional)

Examples

Interactive mode example usage:

• Jacl:

  $AdminTask retrieveSignerInfoFromPort {-interactive}

• Jython string...

  AdminTask.retrieveSignerInfoFromPort ('[-interactive]')

• Jython list:

  AdminTask.retrieveSignerInfoFromPort (['-interactive'])

Related tasks

Use the wsadmin scripting AdminTask object for scripted administration

Commands (AdminTask)