Use the
requestCACertificate command to create a new CA personal certificate
in your environment. The system uses the certificate request and the
certificate authority configuration information from the CA client
object to request the certificate from the certificate authority.
If the certificate authority returns a certificate, the requestCAcertificate
command stores the certificate in the specified key store and returns
a message of
COMPLETE.
Table 1. Required
parameters. Use the requestCACertificate command and the
following required parameters to request a certificate from a certificate
authority:
Parameter |
Description |
Data type |
-certificateAlias |
Specifies the alias of the certificate. You
can specify a predefined certificate request. |
String |
-keyStoreName |
Specifies the name of the keystore object that
stores the CA certificate. Use the listKeyStores command to display
a list of available keystores. |
String |
-caClientName |
Specifies the name of the CA client that was
used to create the CA certificate. |
String |
-revocationPassword |
Specifies the password to use to revoke the
certificate at a later date. |
String |
Use the following example command syntax to request
a certificate from a certificate authority:
AdminTask.requestCACertificate('-certificateAlias newCertificate -keyStoreName CellDefaultKeyStore
-CAClientName myCAClient -revocationPassword revokeCApw')
The command returns one of two
values:
Certificate COMPLETE or
certificate PENDING.
If the command returns the
Certificate COMPLETE message,
the certificate authority returned the requested certificate and the
default personal certificate is replaced. If the command returns the
certificate
PENDING message, the certificate authority did not yet return
a certificate. Use the queryCACertificate command to view the current
status of the certificate request, as the following example displays:
AdminTask.queryCACertificate('-certificateAlias newCertificate -keyStoreName CellDefaultKeyStore')