PingDirectory

Available subcommands

The manage-certificates tool uses subcommands to indicate which function you want to invoke.

The subcommands that it offers include the following.

Subcommand Description

list-certificates

Lists the certificates in a key store.

import-certificate

Imports a certificate into a trusted certificate entry, or imports a certificate chain and private key into a private key entry.

export-certificate

Exports a certificate from a key store.

export-private-key

Exports a private key from a key store.

generate-self-signed-certificate

Generates a self-signed certificate.

generate-certificate-signing-request

Generates a certificate signing request that can be provided to a certification authority.

sign-certificate-signing-request

Signs a certificate signing request with a specified issuer certificate.

check-certificate-usability

Checks a specified certificate in a key store to verify whether it is suitable for use as a listener certificate.

trust-server-certificate

Initiates the TLS negotiation process with a specified server to obtain its certificate chain to update a trust store with information needed to trust that chain.

display-certificate-file

Displays the contents of a file containing one or more PEM-encoded or DER-encoded X.509 certificates.

display-certificate-signing-request-file

Displays the contents of a file containing a PEM-encoded or DER-encoded PKCS #10 certificate signing request (CSR).

change-certificate-alias

Changes the alias for an entry in a key store.

change-keystore-password

Changes the password for a key store.

change-private-key-password

Changes the password used to protect the private key for a specified entry in a key store.