Available subcommands

The manage-certificates tool uses the following subcommands to indicate which function to invoke:

Subcommand Function

Subcommand	Function
`list-certificates`	Lists the certificates in a keystore.
`import-certificate`	Imports a certificate into a trusted certificate entry or imports a certificate chain and private key into a private key entry.
`export-certificate`	Exports a certificate from a keystore.
`export-private-key`	Exports a private key from a keystore.
`generate-self-signed-certificate`	Generates a self-signed certificate.
`generate-certificate-signing-request`	Generates a certificate-signing request that can be provided to a certification authority.
`sign-certificate-signing-request`	Signs a certificate-signing request with a specified issuer certificate.
`check-certificate-usability`	Checks a specified certificate in a keystore to verify whether it is suitable for use as a listener certificate.
`trust-server-certificate`	Initiates the TLS-negotiation process with a specified server to obtain its certificate chain so that a truststore can be updated with the necessary information to trust the chain.
`display-certificate-file`	Displays the contents of a file that contains one or more PEM-encoded or DER-encoded X.509 certificates.
`display-certificate-signing-request-file`	Displays the contents of a file that contains a PEM-encoded or DER-encoded PKCS #10 certificate-signing request (CSR).
`change-certificate-alias`	Changes the alias for an entry in a keystore.
`change-keystore-password`	Changes the password for a keystore.
`change-private-key-password`	Changes the password that protects the private key for a specified entry in a keystore.

list-certificates

Lists the certificates in a keystore.

import-certificate

Imports a certificate into a trusted certificate entry or imports a certificate chain and private key into a private key entry.

export-certificate

Exports a certificate from a keystore.

export-private-key

Exports a private key from a keystore.

generate-self-signed-certificate

Generates a self-signed certificate.

generate-certificate-signing-request

Generates a certificate-signing request that can be provided to a certification authority.

sign-certificate-signing-request

Signs a certificate-signing request with a specified issuer certificate.

check-certificate-usability

Checks a specified certificate in a keystore to verify whether it is suitable for use as a listener certificate.

trust-server-certificate

Initiates the TLS-negotiation process with a specified server to obtain its certificate chain so that a truststore can be updated with the necessary information to trust the chain.

display-certificate-file

Displays the contents of a file that contains one or more PEM-encoded or DER-encoded X.509 certificates.

display-certificate-signing-request-file

Displays the contents of a file that contains a PEM-encoded or DER-encoded PKCS #10 certificate-signing request (CSR).

change-certificate-alias

Changes the alias for an entry in a keystore.

change-keystore-password

Changes the password for a keystore.

change-private-key-password

Changes the password that protects the private key for a specified entry in a keystore.

PingDirectory

Available subcommands