Chapter 22.
PKCS #10 Client
The PKCS #10 utility, PKCS10Client, generates a 1024-bit RSA key pair in the security database,
constructs a PKCS#10 certificate request with the public key, and outputs the request to a file.
PKCS #10 is a certification request syntax standard defined by RSA. A CA may support multiple types
of certificate requests. The Certificate System CA supports KEYGEN, PKCS#10, CRMF, and CMC.
To get a certificate from the CA, the certificate request needs to be submitted to and approved by a
CA agent. Once approved, a certificate is created for the request, and certificate attributes, such as
extensions, are populated according to certificate profiles.
22.1. Syntax
The PKCS10Client tool has the following syntax:
PKCS10Client -p certDBPassword -d certDBDirectory -o outputFile -s subjectDN
Option
Description
p
Gives the password for the security databases.
d
Gives the path to the security databases.
o
Sets the path and filename to output the new PKCS #10 certificate in base 64 format.
s
Gives the subject DN of the certificate.
63