PKI CERTIFICATE CREATE

Level

pki+modify LICENCE PKI

History

Appears in 9.0.0

Description

Create a new certificate. You must have the authority private key.
For a server certificate, the CN must be an FQDN.
For a user, you must specify an email.

For a SmartCard type, you must have an email and have defined the CRLDP of the authority.
You can also specify the UPN (UserPrincipalName) used to log in to a Windows environment.
If no authority name is given, the default one is taken.
CACHE_CATEGORY pki

Example

PKI CERTIFICATE CREATE type=smartcard CN="John Doe" passphrase="secret" E=j.doe@company.com UPN="john.doe@COMPANY.DOMAIN"
PKI CERTIFICATE CREATE type=server CN="www.companie.com" passphrase="secret" ALTNAMES="*.companie.com;companie.com;12.34.56.78;98.76.54.32"

Usage

type=<user|server|smartcard>
CN=<name>
passphrase=<pass>
[caname=<name>]
[shortname=<name>]
[size=<key size>]
[nbdays=<days>]
[C=<country>]
[ST=<state>]
[L=<locality>]
[O=<organisation>]
[OU=<unit>]
[E=<email>]
[UA=<unstructuredAddress>]
[UN=<unstructuredName>]
[S=<serial>]
[UPN=<userPrincipalName>]
[ALTNAMES=<list of ip or fqdn name separated by ;>]
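
A pre-flight check for the constraints listed in the Description, as an added example (not part of the product documentation or its CLI): the Python helper below validates a parameter set before the command is sent. The function names, the FQDN rule (at least two DNS labels, optional leading `*.` in ALTNAMES) and the simplified email pattern are assumptions; the sample values used with it are constructed.

```python
import ipaddress
import re

# One DNS label: letters, digits, hyphens; no leading/trailing hyphen; max 63 chars.
_LABEL = re.compile(r"^(?!-)[A-Za-z0-9-]{1,63}(?<!-)$")
# Deliberately simple address shape check (assumption, not the appliance's own rule).
_EMAIL = re.compile(r"^[^@\s]+@[^@\s]+\.[^@\s]+$")


def is_ip(value):
    """True if value parses as an IPv4 or IPv6 address."""
    try:
        ipaddress.ip_address(value)
        return True
    except ValueError:
        return False


def is_fqdn(name, allow_wildcard=False):
    """True for a dotted host name with at least two labels (assumed FQDN rule)."""
    if len(name) > 253:
        return False
    labels = name.rstrip(".").split(".")
    if allow_wildcard and labels[0] == "*":
        labels = labels[1:]
    # A numeric last label means a (possibly malformed) IP address, not a host name.
    return (len(labels) >= 2 and not labels[-1].isdigit()
            and all(_LABEL.match(label) for label in labels))


def check_create_args(args):
    """Return a list of problems for a PKI CERTIFICATE CREATE parameter dict."""
    problems = []
    for key in ("type", "CN", "passphrase"):  # unbracketed in Usage => mandatory
        if not args.get(key):
            problems.append(f"missing mandatory parameter {key}")
    ctype = args.get("type")
    if ctype not in ("user", "server", "smartcard"):
        problems.append(f"type must be user, server or smartcard, got {ctype!r}")
    if ctype == "server" and not is_fqdn(args.get("CN", "")):
        problems.append("server certificate: CN must be an FQDN")
    # The smartcard CRLDP requirement lives on the authority and cannot be checked here.
    if ctype in ("user", "smartcard") and not _EMAIL.match(args.get("E", "")):
        problems.append(f"{ctype} certificate: E must be an email address")
    for entry in filter(None, args.get("ALTNAMES", "").split(";")):
        if not (is_ip(entry) or is_fqdn(entry, allow_wildcard=True)):
            problems.append(f"ALTNAMES entry {entry!r} is neither an IP nor an FQDN")
    return problems
```

An empty list means the parameter set satisfies every rule that can be checked off the appliance.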

Format

section