The WSO2 SOA Enablement Server CertTool allows you to create an identity with the X.509 certificate issued by the Systinet Testing Certification Authority or any other Certificate Authority providing the same SOAP interface.
Its usage is:
certtool command [options]
Commands
create - Creates a new identity and requests the certificate from the Certification Authority. The Systinet Certification Authority allows only one X.509 certificate to be issued per unique subject.
renew - Generates a new private/public-key pair for an existing security identity and requests an update of the X.509 certificate from the Certification Authority. This command allows changing the identity private key without having to change the principal's name in the X.509 certificate. During this process, the certificate authority requires the digital signature of the original private key.
The CertTool can also be used to generate a new identity that will be placed in the protected store (by default, located inclientconf.xml) by using the create option.
certtool [create [-alias alias ] <Subject DN> [-caURL url] [-f] [-password password ] [-d config_path ] ]
Create Command Options
-alias alias - The alias used to store the identity in the protected store. This alias is used by the application to create the security credentials via the Security API. If not specified, the alias is same as the Subject DN parameter.
-password password - The password used to encrypt the private key in the protected store. The same password must be used when the application creates security credentials with the Security API.
-caURL url - The URL of the Certification Authority Web service. The default value ishttp://ca.systinet.com/CA/.
-f - Force overwriting the alias in the protected store, if the alias already exists.
-d config_path - WSO2 SOA Enablement Server configuration file to be used instead of the default configuration file. This configuration file is used to load and save protected store data.
CertTool can also renew an identity with its renew command. Usage of renew is summarized at the beginning of this section.
certtool [renew -alias alias -password password [-caURL url ] [-d config_path ] ]
Renew Command Options
-alias alias - Alias of the security identity to be renewed.
-password password - Password for decrypting the security identity private key.
-caURL url - The URL of the Certification Authority Web service. The default value is http://ca.systinet.com/CA/.
-d config_path - Specifies the WSO2 SOA Enablement Server configuration file to be used instead of the default configuration file. This configuration file is used to load and save protected store data.