SignerCertificateCommands (AdminTask)
SignerCertificateCommands commands can be used to create and modify signer certificates in relation to the key store file and to query for signer information on ports of remote hosts.
addSignerCertificate
Add a signer certificate from a certificate file to a keystore.
Target object None.
Required parameters
- -keyStoreName
- Name that uniquely identifies the keystore configuration object. (String, required)
- -certificateAlias
- Name that uniquely identifies the certificate request in a keystore. (String, required)
- -certificateFilePath
- Full path of the request file containing the certificate. (String, required)
- -base64Encoded
- The certificate is a Base64 encoded ASCII data file type if the value is set to true. Set false if the certificate is a binary DER data file type. (Boolean, required)
Optional parameters
- -keyStoreScope
- Scope name of the keystore. (String, optional)
Example output The command does not return output.
Examples
Batch mode example:
- Jacl:
$AdminTask addSignerCertificate {-keyStoreName testKeyStore -certificateAlias default -certificateFilePath <file path> -base64Encoded true}
- Jython string...
AdminTask.addSignerCertificate('[-keyStoreName testKeyStore -certificateAlias default -certificateFilePath <file path> -base64Encoded true]')
- Jython list:
AdminTask.addSignerCertificate(['-keyStoreName', 'testKeyStore', '-certificateAlias', 'default', '-certificateFilePath', '<file path>', '-base64Encoded', 'true'])
Interactive mode:
- Jacl:
$AdminTask addSignerCertificate {-interactive}
- Jython string...
AdminTask.addSignerCertificate ('[-interactive]')
deleteSignerCertificate
Delete a signer certificate from a certificate file from a keystore.
Target object None.
Required parameters
- -keyStoreName
- Name that uniquely identifies the keystore configuration object. (String, required)
- -certificateAlias
- Name that uniquely identifies the certificate request in a keystore. (String, required)
Optional parameters
- -keyStoreScope
- Scope name of the keystore. (String, optional)
Example output The command does not return output.
Examples
Batch mode example:
- Jacl:
$AdminTask deleteSignerCertificate {-keyStoreName testKeyStore -certificateAlias default}
- Jython string...
AdminTask.deleteSignerCertificate('[-keyStoreName testKeyStore -certificateAlias default]')
- Jython list:
AdminTask.deleteSignerCertificate(['-keyStoreName', 'testKeyStore', '-certificateAlias', 'default'])
Interactive mode:
- Jacl:
$AdminTask deleteSignerCertificate {-interactive}
- Jython string...
AdminTask.deleteSignerCertificate ('[-interactive]')
extractSignerCertificate
Extract a signer certificate from a key store to a file.
Target object
None
Parameters and return values
- -keyStoreName
- The name of the key store where the signer certificate is located. (String, required)
- -keyStoreScope
- The management scope of the key store. (String, optional)
- -certificateAlias
- The alias name of the signer certificate in the key store. (String, required)
- -certificateFilePath
- The full path name of the file containing the signer certificate. (String, required)
- -base64Encoded
- Set to true if the certificate is ascii base 64 encoded. Set false if the certificate is binary. (String, required)
Examples
Interactive mode example usage:
Jacl:
$AdminTask extractSignerCertificate {-interactive}
Jython string...
AdminTask.extractSignerCertificate ('[-interactive]')
Jython list:
AdminTask.extractSignerCertificate (['-interactive'])
getSignerCertificate
Obtain information about a signer certificate from a key store.
Target object
None
Parameters and return values
- -keyStoreName
- The name of the key store where the signer certificate is located. (String, required)
- -keyStoreScope
- The management scope of the key store. (String, optional)
- -certificateAlias
- The alias name of the signer certificate in the key store. (String, required)
Examples
Interactive mode example usage:
Jacl:
$AdminTask getSignerCertificate {-interactive}
Jython string...
AdminTask.getSignerCertificate ('[-interactive]')
Jython list:
AdminTask.getSignerCertificate (['-interactive'])
listSignerCertificates
List all signer certificates in a particular key store.
Target object
None
Parameters and return values
- -keyStoreName
- The name of the key store where the signer certificate is located. (String, required)
- -keyStoreScope
- The management scope of the key store. (String, optional)
Examples
Interactive mode example usage:
Jacl:
$AdminTask listSignerCertificates {-interactive}
Jython string...
AdminTask.listSignerCertificates ('[-interactive]')
Jython list:
AdminTask.listSignerCertificates (['-interactive'])
retrieveSignerFromPort
Retrieve a signer from a remote host and stores the signer in a key store. The command will retrieve the root certificate information from the certificate chain on the port. To retrieve the leaf certificate users can set the security customer property com.ibm.websphere.ssl.retrieveLeafCert to true
Target object
None
Parameters and return values
- -host
- The host name of the system from where the signer certificate will be retrieved. (String, required)
- -port
- The port of the remote system from where the signer certificate will be retrieved. (Integer, required)
- -certificateAlias
- Unique name to identify a certificate. (String, required)
- -keyStoreName
- The name of the key store where the signer certificate is located. (String, required)
- -keyStoreScope
- The management scope of the key store. (String, optional)
- -sslConfigName
- The name of the SSL configuration object. (String, optional)
- -sslConfigScopeName
- The management scope where the SSL configuration object is located. (String, optional)
Examples
Batch mode example:
Jacl:
$AdminTask retrieveSignerFromPort {-host serverHost -port 443 -keyStoreName testKeyStore -certificateAlias serverHostSigner}
Jython string...
AdminTask.retrieveSignerFromPort ('[-host serverHost -port 443 -keyStoreName testKeyStore -certificateAlias serverHostSigner]')
Jython list:
AdminTask.retrieveSignerFromPort (['-host', 'serverHost', '-port', '443', '-keyStoreName', 'testKeyStore', '-certificateAlias', 'serverHostSigner'])
Interactive mode:
Jacl:
$AdminTask retrieveSignerFromPort {-interactive}
Jython string...
AdminTask.retrieveSignerFromPort ('[-interactive]')
Jython list:
AdminTask.retrieveSignerFromPort (['-interactive'])
retrieveSignerInfoFromPort
Retrieve signer information from a port on a remote host. The command will retrieve the root certificate information from the certificate chain on the port. To retrieve the leaf certificate users can set the security customer property com.ibm.websphere.ssl.retrieveLeafCert to true
Target object
None
Parameters and return values
- -host
- The host name of the system from where the signer certificate will be retrieved. (String, required)
- -port
- The port of the remote system from where the signer certificate will be retrieved. (Integer, required)
- -sslConfigName
- The name of the SSL configuration object. (String, optional)
- -sslConfigScopeName
- The management scope where the SSL configuration object is located. (String, optional)
Examples
Interactive mode example usage:
Jacl:
$AdminTask retrieveSignerInfoFromPort {-interactive}
Jython string...
AdminTask.retrieveSignerInfoFromPort ('[-interactive]')
Jython list:
AdminTask.retrieveSignerInfoFromPort (['-interactive'])
Related tasks
Use the wsadmin scripting AdminTask object for scripted administration Commands (AdminTask)