cryptomgmtlibs/securitydocs/building-swicertstore.txt
changeset 0 2c201484c85f
child 8 35751d3474b7
-1:000000000000 0:2c201484c85f
       
     1 swicertstoretool
       
     2 ================
       
     3 
       
     4 swicertstoretool is a tool for creating the SWI cert store data file containing
       
     5 the root certificates used by software install.  
       
     6 
       
     7 Command syntax
       
     8 --------------
       
     9 
       
    10 The syntax of the command is:
       
    11 
       
    12 swicertstoretool INPUT_FILE OUTPUT_FILE LOG_FILE
       
    13 
       
    14 INPUT_FILE is a text file describing the certificates to be put in the store.
       
    15 The format is described below.
       
    16 
       
    17 OUTPUT_FILE is where the cert store data file is written.  This will need to be
       
    18 copied to where the SWI cert store expects to find it,
       
    19 z:\resource\swicertstore.dat.
       
    20 
       
    21 LOG_FILE names a file that information is logged to when the command is run.
       
    22 This should be checked afterwards to see if the command succeeded.  Errors are
       
    23 indicated by lines starting with "***".
       
    24 
       
    25 Input file format
       
    26 -----------------
       
    27 
       
    28 The input file is in "ini" format.  Each section describes a certificate to be
       
    29 put in the store, with the section name taken as the certificate label.
       
    30 
       
    31 The following parameters can be specified for each certificate:
       
    32 
       
    33 Name			Description
       
    34 --------------------------------------------------------------------------------
       
    35 file			The name of the file containing the DER encoded certificate. 
       
    36 				This field must be present.
       
    37 
       
    38 mandatory		Whether the certificate is marked as mandatory for software
       
    39 				install. The value must be either "0" or "1".  The field is
       
    40 				optional - if it is not present the default is "0".
       
    41 
       
    42 capability		The name of a capability that the certificate can sign for.
       
    43 				This field can be repeated to allow multiple capabilities to be
       
    44 				specified.  Allowed capabilities are:
       
    45 
       
    46 					TCB
       
    47 					CommDD
       
    48 					PowerMgmt
       
    49 					MultimediaDD
       
    50 					ReadDeviceData
       
    51 					WriteDeviceData
       
    52 					DRM
       
    53 					TrustedUI
       
    54 					ProtServ
       
    55 					DiskAdmin
       
    56 					NetworkControl
       
    57 					AllFiles
       
    58 					SwEvent
       
    59 					NetworkServices
       
    60 					LocalServices
       
    61 					ReadUserData
       
    62 					WriteUserData
       
    63 					Location
       
    64 
       
    65 application		The name of an application that the certificate can be used for.
       
    66 				This can be repeated, but it must appear at least once.  Allowed
       
    67 				applications are:
       
    68 
       
    69 					SWInstall		(Software install)
       
    70 					SWInstallOCSP	(Software install OCSP signing)
       
    71 --------------------------------------------------------------------------------
       
    72 
       
    73 An example input file can be found in this directory.
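
Review bot: the "capability" row of the parameter table does not say whether the field is optional or what a certificate with no capability lines may sign for, while the rows for "file", "mandatory" and "application" each state their presence rule. Since this file defines the trust granted to each root certificate, please state the rule and the default explicitly, and say how the tool handles a capability or application name that is not in the allowed lists (whether it is logged as a "***" error or ignored). In the LOG_FILE paragraph, success is determined only by reading the log for lines starting with "***"; it would help build scripts to document whether the command also returns a failure status and whether OUTPUT_FILE is still written when errors are logged, so that a partial store is not copied to z:\resource\swicertstore.dat. A short inline sample section would also make the format clear without having to open the example file in the directory.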