Use the
requestCACertificate command to create a new CA personal certificate
in your environment. The system uses the certificate request and the
certificate authority configuration information from the CA client
object to request the certificate from the certificate authority.
If the certificate authority returns a certificate, the requestCAcertificate
command stores the certificate in the specified key store and returns
a message of
COMPLETE.
Table 1. Required
parameters. Use the requestCACertificate command and
the following required parameters to request a certificate from a
certificate authority:
Parameter |
Description |
Data type |
-certificateAlias |
Specifies the alias of the certificate. You
can specify a predefined certificate request. |
String |
-keyStoreName |
Specifies the name of the keystore object that
stores the CA certificate. Use the listKeyStores command to display
a list of available keystores. |
String |
-caClientName |
Specifies the name of the CA client that was
used to create the CA certificate. |
String |
-revocationPassword |
Specifies the password to use to revoke the
certificate at a later date. |
String |
Use the following example command syntax to request
a certificate from a certificate authority:
AdminTask.requestCACertificate('-certificateAlias newCertificate -keyStoreName CellDefaultKeyStore -CAClientName myCAClient -revocationPassword revokeCApw')
The command returns one of two values:
Certificate
COMPLETE or
certificate PENDING. If the command returns
the
Certificate COMPLETE message, the certificate authority
returned the requested certificate and the default personal certificate
is replaced. If the command returns the
certificate PENDING message,
the certificate authority did not yet return a certificate. Use the
queryCACertificate command to view the current status of the certificate
request, as the following example displays:
AdminTask.queryCACertificate('-certificateAlias newCertificate -keyStoreName CellDefaultKeyStore')