|
1 <?xml version="1.0" encoding="utf-8"?> |
|
2 <!-- Copyright (c) 2007-2010 Nokia Corporation and/or its subsidiary(-ies) All rights reserved. --> |
|
3 <!-- This component and the accompanying materials are made available under the terms of the License |
|
4 "Eclipse Public License v1.0" which accompanies this distribution, |
|
5 and is available at the URL "http://www.eclipse.org/legal/epl-v10.html". --> |
|
6 <!-- Initial Contributors: |
|
7 Nokia Corporation - initial contribution. |
|
8 Contributors: |
|
9 --> |
|
10 <!DOCTYPE reference |
|
11 PUBLIC "-//OASIS//DTD DITA Reference//EN" "reference.dtd"> |
|
12 <reference id="GUID-557BF1DA-B6E8-521B-89F0-15C84E3BCB1A" xml:lang="en"><title> MakeKeys |
|
13 Reference</title><shortdesc>The <b>MakeKeys</b> tool creates private key-public key pair and |
|
14 certificate requests. MakeKeys can be run from an MSDOS command prompt or |
|
15 as a batch file.</shortdesc><prolog><metadata><keywords/></metadata></prolog><refbody> |
|
16 <refsyn><title>Syntax</title><p><userinput>makekeys <parmname>[OPTIONS]</parmname> <<cmdname>ARGS></cmdname> </userinput> </p> <p>The |
|
17 following table lists the options supported by MakeKeys: </p> <table id="GUID-CB7A8241-4FDD-53B8-A4C1-5314FBB6F38B"> |
|
18 <tgroup cols="3"><colspec colname="col0"/><colspec colname="col1"/><colspec colname="col2"/> |
|
19 <thead> |
|
20 <row> |
|
21 <entry>Option </entry> |
|
22 <entry>Description</entry> |
|
23 <entry>Usage</entry> |
|
24 </row> |
|
25 </thead> |
|
26 <tbody> |
|
27 <row> |
|
28 <entry><p> <varname>-cert</varname> </p> </entry> |
|
29 <entry><p>Creates a private key (<codeph>private-key-file</codeph>) and self-signed |
|
30 certificate (<codeph>public-key-cert</codeph>). </p> <p>If the private key |
|
31 file exists, it is used to create the self-signed certificate. </p> </entry> |
|
32 <entry><p><userinput>makekeys -cert [-v] [-expdays <cert-expiry-in-days>] |
|
33 [-password <password>] [-len <key-length>] -dname <distinguished-name-string> |
|
34 <private-key-file> <public-key-cert></userinput> </p> </entry> |
|
35 </row> |
|
36 <row> |
|
37 <entry><p> <varname>-req</varname> </p> </entry> |
|
38 <entry><p>Creates a certificate request. </p> </entry> |
|
39 <entry><p><userinput>makekeys -req [-v] [-password <password>] -dname <distinguished-name-string> |
|
40 <private-key-file> <public-key-cert> <cert-request-file></userinput> </p> </entry> |
|
41 </row> |
|
42 <row> |
|
43 <entry><p> <varname>-view </varname> </p> </entry> |
|
44 <entry><p>Displays details of a certificate or certificate chain file. </p> </entry> |
|
45 <entry><p><userinput>makekeys -view <public-key-cert></userinput> </p> </entry> |
|
46 </row> |
|
47 </tbody> |
|
48 </tgroup> |
|
49 </table> <p>The following table lists the arguments to be provided: </p> <table id="GUID-9938212F-0CAC-5CA6-9AD8-E0593A84C5DB"> |
|
50 <tgroup cols="2"><colspec colname="col0"/><colspec colname="col1"/> |
|
51 <thead> |
|
52 <row> |
|
53 <entry>Arguments</entry> |
|
54 <entry>Description</entry> |
|
55 </row> |
|
56 </thead> |
|
57 <tbody> |
|
58 <row> |
|
59 <entry><p> <varname>-v</varname> </p> </entry> |
|
60 <entry><p>Displays verbose output. </p> </entry> |
|
61 </row> |
|
62 <row> |
|
63 <entry><p> <varname>-I</varname> </p> </entry> |
|
64 <entry><p>Displays OpenSSL license information. </p> </entry> |
|
65 </row> |
|
66 <row> |
|
67 <entry><p> <varname>-expdays</varname> <varname>cert-expiry-in-days</varname> </p> </entry> |
|
68 <entry><p>Displays certificate validity period in days after which the certificate |
|
69 expires. </p> <p>If not specified, the default is 1 year. </p> </entry> |
|
70 </row> |
|
71 <row> |
|
72 <entry><p> <varname>-dname</varname> <varname>distinguished-name-string</varname> </p> </entry> |
|
73 <entry><p>Specifies the distinguished name attributes required for the self-signed |
|
74 public key certificate file. This command-line option can be constructed using |
|
75 a string of white-space separated key-value pairs as follows: </p> <p><table id="GUID-E99033C4-BB13-5569-8ECD-361FF8F57C11"> |
|
76 <tgroup cols="3"><colspec colname="col0"/><colspec colname="col1"/><colspec colname="col2"/> |
|
77 <thead> |
|
78 <row> |
|
79 <entry>Key</entry> |
|
80 <entry>Attribute</entry> |
|
81 <entry>Example</entry> |
|
82 </row> |
|
83 </thead> |
|
84 <tbody> |
|
85 <row> |
|
86 <entry><p> <codeph>CN</codeph> </p> </entry> |
|
87 <entry><p>Common Name </p> </entry> |
|
88 <entry><p> <codeph>CN=Joe Bloggs</codeph> </p> </entry> |
|
89 </row> |
|
90 <row> |
|
91 <entry><p> <codeph>OU</codeph> </p> </entry> |
|
92 <entry><p>Organisational Unit </p> </entry> |
|
93 <entry><p> <codeph>OU=Development</codeph> </p> </entry> |
|
94 </row> |
|
95 <row> |
|
96 <entry><p> <codeph>O</codeph> </p> </entry> |
|
97 <entry><p>Organisation </p> </entry> |
|
98 <entry><p> <codeph>O=Symbian Foundation</codeph> </p> </entry> |
|
99 </row> |
|
100 <row> |
|
101 <entry><p> <codeph>L</codeph> </p> </entry> |
|
102 <entry><p>Locality </p> </entry> |
|
103 <entry><p> <codeph>L=</codeph> </p> </entry> |
|
104 </row> |
|
105 <row> |
|
106 <entry><p> <codeph>ST</codeph> </p> </entry> |
|
107 <entry><p>State </p> </entry> |
|
108 <entry><p> <codeph>ST=</codeph> </p> </entry> |
|
109 </row> |
|
110 <row> |
|
111 <entry><p> <codeph>C</codeph> </p> </entry> |
|
112 <entry><p>Country </p> </entry> |
|
113 <entry><p> <codeph>C=GB</codeph> </p> </entry> |
|
114 </row> |
|
115 <row> |
|
116 <entry><p> <codeph>EM</codeph> </p> </entry> |
|
117 <entry><p>E-mail address </p> </entry> |
|
118 <entry><p> <codeph>EM=noone@nowhere.com</codeph> </p> </entry> |
|
119 </row> |
|
120 </tbody> |
|
121 </tgroup> |
|
122 </table> </p> <p>A distinguished name string needs at least two attributes. </p> </entry> |
|
123 </row> |
|
124 <row> |
|
125 <entry><p> <varname>-password</varname> <varname>password</varname> </p> </entry> |
|
126 <entry><p>Specifies the password for private key. After creating private key-public |
|
127 key pair, a password must be provided to subsequently use the private key. </p> </entry> |
|
128 </row> |
|
129 <row> |
|
130 <entry><p> <varname>-len</varname> <varname>key-length</varname> </p> </entry> |
|
131 <entry><p>Specifies the length of the key. </p> <p>The minimum key length |
|
132 is 512, maximum is 4096. The default key-length is 1024. </p> </entry> |
|
133 </row> |
|
134 <row> |
|
135 <entry><p> <varname>private-key-file</varname> </p> </entry> |
|
136 <entry><p>The file containing the private key. The private key must be kept |
|
137 secret by the Symbian developer. </p> <p>Has a <filepath>.key</filepath> extension. </p> </entry> |
|
138 </row> |
|
139 <row> |
|
140 <entry><p> <varname>public-key-cert</varname> </p> </entry> |
|
141 <entry><p>A self-signed certificate containing the public key. </p> <p>Has |
|
142 a <filepath>.cer</filepath> extension. </p> </entry> |
|
143 </row> |
|
144 <row> |
|
145 <entry><p> <varname>cert-request-file</varname> </p> </entry> |
|
146 <entry><p>A self-contained file which is sent to the Certification Authority |
|
147 (CA) for signing. The MakeKeys tool creates this file given a private and |
|
148 public key. It is then up to the Symbian developer to send the file to the |
|
149 CA and arrange for the application for the certificate. </p> <p>Has a <filepath>.p10</filepath> extension. </p> </entry> |
|
150 </row> |
|
151 </tbody> |
|
152 </tgroup> |
|
153 </table> </refsyn> |
|
154 </refbody><related-links> |
|
155 <link href="GUID-2861F3D9-875E-5AB3-9600-B328F042CC38.dita"><linktext>MakeKeys |
|
156 Overview</linktext></link> |
|
157 <link href="GUID-D45A4AE9-4169-4466-B02B-629B15C3E9AA.dita"><linktext>MakeKeys |
|
158 Tutorial</linktext></link> |
|
159 </related-links></reference> |