Week 12 contribution of PDK documentation_content. See release notes for details. Fixes Bug 2054, Bug 1583, Bug 381, Bug 390, Bug 463, Bug 1897, Bug 344, Bug 1319, Bug 394, Bug 1520, Bug 1522, Bug 1892"
<?xml version="1.0" encoding="utf-8"?>
<!-- Copyright (c) 2007-2010 Nokia Corporation and/or its subsidiary(-ies) All rights reserved. -->
<!-- This component and the accompanying materials are made available under the terms of the License
"Eclipse Public License v1.0" which accompanies this distribution,
and is available at the URL "http://www.eclipse.org/legal/epl-v10.html". -->
<!-- Initial Contributors:
Nokia Corporation - initial contribution.
Contributors:
-->
<!DOCTYPE reference
PUBLIC "-//OASIS//DTD DITA Reference//EN" "reference.dtd">
<reference id="GUID-557BF1DA-B6E8-521B-89F0-15C84E3BCB1A" xml:lang="en"><title> MakeKeys
Reference</title><shortdesc>The <b>MakeKeys</b> tool creates private key-public key pair and
certificate requests. MakeKeys can be run from an MSDOS command prompt or
as a batch file.</shortdesc><prolog><metadata><keywords/></metadata></prolog><refbody>
<refsyn><title>Syntax</title><p><userinput>makekeys <parmname>[OPTIONS]</parmname> <<cmdname>ARGS></cmdname> </userinput> </p> <p>The
following table lists the options supported by MakeKeys: </p> <table id="GUID-CB7A8241-4FDD-53B8-A4C1-5314FBB6F38B">
<tgroup cols="3"><colspec colname="col0"/><colspec colname="col1"/><colspec colname="col2"/>
<thead>
<row>
<entry>Option </entry>
<entry>Description</entry>
<entry>Usage</entry>
</row>
</thead>
<tbody>
<row>
<entry><p> <varname>-cert</varname> </p> </entry>
<entry><p>Creates a private key (<codeph>private-key-file</codeph>) and self-signed
certificate (<codeph>public-key-cert</codeph>). </p> <p>If the private key
file exists, it is used to create the self-signed certificate. </p> </entry>
<entry><p><userinput>makekeys -cert [-v] [-expdays <cert-expiry-in-days>]
[-password <password>] [-len <key-length>] -dname <distinguished-name-string>
<private-key-file> <public-key-cert></userinput> </p> </entry>
</row>
<row>
<entry><p> <varname>-req</varname> </p> </entry>
<entry><p>Creates a certificate request. </p> </entry>
<entry><p><userinput>makekeys -req [-v] [-password <password>] -dname <distinguished-name-string>
<private-key-file> <public-key-cert> <cert-request-file></userinput> </p> </entry>
</row>
<row>
<entry><p> <varname>-view </varname> </p> </entry>
<entry><p>Displays details of a certificate or certificate chain file. </p> </entry>
<entry><p><userinput>makekeys -view <public-key-cert></userinput> </p> </entry>
</row>
</tbody>
</tgroup>
</table> <p>The following table lists the arguments to be provided: </p> <table id="GUID-9938212F-0CAC-5CA6-9AD8-E0593A84C5DB">
<tgroup cols="2"><colspec colname="col0"/><colspec colname="col1"/>
<thead>
<row>
<entry>Arguments</entry>
<entry>Description</entry>
</row>
</thead>
<tbody>
<row>
<entry><p> <varname>-v</varname> </p> </entry>
<entry><p>Displays verbose output. </p> </entry>
</row>
<row>
<entry><p> <varname>-I</varname> </p> </entry>
<entry><p>Displays OpenSSL license information. </p> </entry>
</row>
<row>
<entry><p> <varname>-expdays</varname> <varname>cert-expiry-in-days</varname> </p> </entry>
<entry><p>Displays certificate validity period in days after which the certificate
expires. </p> <p>If not specified, the default is 1 year. </p> </entry>
</row>
<row>
<entry><p> <varname>-dname</varname> <varname>distinguished-name-string</varname> </p> </entry>
<entry><p>Specifies the distinguished name attributes required for the self-signed
public key certificate file. This command-line option can be constructed using
a string of white-space separated key-value pairs as follows: </p> <p><table id="GUID-E99033C4-BB13-5569-8ECD-361FF8F57C11">
<tgroup cols="3"><colspec colname="col0"/><colspec colname="col1"/><colspec colname="col2"/>
<thead>
<row>
<entry>Key</entry>
<entry>Attribute</entry>
<entry>Example</entry>
</row>
</thead>
<tbody>
<row>
<entry><p> <codeph>CN</codeph> </p> </entry>
<entry><p>Common Name </p> </entry>
<entry><p> <codeph>CN=Joe Bloggs</codeph> </p> </entry>
</row>
<row>
<entry><p> <codeph>OU</codeph> </p> </entry>
<entry><p>Organisational Unit </p> </entry>
<entry><p> <codeph>OU=Development</codeph> </p> </entry>
</row>
<row>
<entry><p> <codeph>O</codeph> </p> </entry>
<entry><p>Organisation </p> </entry>
<entry><p> <codeph>O=Symbian Foundation</codeph> </p> </entry>
</row>
<row>
<entry><p> <codeph>L</codeph> </p> </entry>
<entry><p>Locality </p> </entry>
<entry><p> <codeph>L=</codeph> </p> </entry>
</row>
<row>
<entry><p> <codeph>ST</codeph> </p> </entry>
<entry><p>State </p> </entry>
<entry><p> <codeph>ST=</codeph> </p> </entry>
</row>
<row>
<entry><p> <codeph>C</codeph> </p> </entry>
<entry><p>Country </p> </entry>
<entry><p> <codeph>C=GB</codeph> </p> </entry>
</row>
<row>
<entry><p> <codeph>EM</codeph> </p> </entry>
<entry><p>E-mail address </p> </entry>
<entry><p> <codeph>EM=noone@nowhere.com</codeph> </p> </entry>
</row>
</tbody>
</tgroup>
</table> </p> <p>A distinguished name string needs at least two attributes. </p> </entry>
</row>
<row>
<entry><p> <varname>-password</varname> <varname>password</varname> </p> </entry>
<entry><p>Specifies the password for private key. After creating private key-public
key pair, a password must be provided to subsequently use the private key. </p> </entry>
</row>
<row>
<entry><p> <varname>-len</varname> <varname>key-length</varname> </p> </entry>
<entry><p>Specifies the length of the key. </p> <p>The minimum key length
is 512, maximum is 4096. The default key-length is 1024. </p> </entry>
</row>
<row>
<entry><p> <varname>private-key-file</varname> </p> </entry>
<entry><p>The file containing the private key. The private key must be kept
secret by the Symbian developer. </p> <p>Has a <filepath>.key</filepath> extension. </p> </entry>
</row>
<row>
<entry><p> <varname>public-key-cert</varname> </p> </entry>
<entry><p>A self-signed certificate containing the public key. </p> <p>Has
a <filepath>.cer</filepath> extension. </p> </entry>
</row>
<row>
<entry><p> <varname>cert-request-file</varname> </p> </entry>
<entry><p>A self-contained file which is sent to the Certification Authority
(CA) for signing. The MakeKeys tool creates this file given a private and
public key. It is then up to the Symbian developer to send the file to the
CA and arrange for the application for the certificate. </p> <p>Has a <filepath>.p10</filepath> extension. </p> </entry>
</row>
</tbody>
</tgroup>
</table> </refsyn>
</refbody><related-links>
<link href="GUID-2861F3D9-875E-5AB3-9600-B328F042CC38.dita"><linktext>MakeKeys
Overview</linktext></link>
<link href="GUID-D45A4AE9-4169-4466-B02B-629B15C3E9AA.dita"><linktext>MakeKeys
Tutorial</linktext></link>
</related-links></reference>