Available subcommands

The manage-certificates tool uses subcommands to indicate which function you want to invoke.

The subcommands that it offers include the following.

Subcommand Description

Subcommand	Description
`list-certificates`	Lists the certificates in a key store.
`import-certificate`	Imports a certificate into a trusted certificate entry, or imports a certificate chain and private key into a private key entry.
`export-certificate`	Exports a certificate from a key store.
`export-private-key`	Exports a private key from a key store.
`generate-self-signed-certificate`	Generates a self-signed certificate.
`generate-certificate-signing-request`	Generates a certificate signing request that can be provided to a certification authority.
`sign-certificate-signing-request`	Signs a certificate signing request with a specified issuer certificate.
`check-certificate-usability`	Checks a specified certificate in a key store to verify whether it is suitable for use as a listener certificate.
`trust-server-certificate`	Initiates the TLS negotiation process with a specified server to obtain its certificate chain to update a trust store with information needed to trust that chain.
`display-certificate-file`	Displays the contents of a file containing one or more PEM-encoded or DER-encoded X.509 certificates.
`display-certificate-signing-request-file`	Displays the contents of a file containing a PEM-encoded or DER-encoded PKCS #10 certificate signing request (CSR).
`change-certificate-alias`	Changes the alias for an entry in a key store.
`change-keystore-password`	Changes the password for a key store.
`change-private-key-password`	Changes the password used to protect the private key for a specified entry in a key store.

list-certificates

Lists the certificates in a key store.

import-certificate

Imports a certificate into a trusted certificate entry, or imports a certificate chain and private key into a private key entry.

export-certificate

Exports a certificate from a key store.

export-private-key

Exports a private key from a key store.

generate-self-signed-certificate

Generates a self-signed certificate.

generate-certificate-signing-request

Generates a certificate signing request that can be provided to a certification authority.

sign-certificate-signing-request

Signs a certificate signing request with a specified issuer certificate.

check-certificate-usability

Checks a specified certificate in a key store to verify whether it is suitable for use as a listener certificate.

trust-server-certificate

Initiates the TLS negotiation process with a specified server to obtain its certificate chain to update a trust store with information needed to trust that chain.

display-certificate-file

Displays the contents of a file containing one or more PEM-encoded or DER-encoded X.509 certificates.

display-certificate-signing-request-file

Displays the contents of a file containing a PEM-encoded or DER-encoded PKCS #10 certificate signing request (CSR).

change-certificate-alias

Changes the alias for an entry in a key store.

change-keystore-password

Changes the password for a key store.

change-private-key-password

Changes the password used to protect the private key for a specified entry in a key store.

PingDirectory

Available subcommands