Netscape MANAGEMENT SYSTEM 6.0 - COMMAND-LINE Manual page 69

Table 11-1 Command options and their arguments (Continued)
-H
Argument
-a
validity-time
-b
issuer
-c
certdir
-d
-e
password-file
-f
tokenname
-h
cert|cert-request-file
-i
shortkeyID
-k
Display a list of the options and arguments used by Certificate Database
Tool.
Use ASCII format or allow the use of ASCII format for input or output. This
formatting follows RFC #1113. For certificate requests, ASCII output
defaults to standard output unless redirected.
Specify a time at which a certificate is required to be valid. Use when
checking certificate validity with the -V option. The format of the
validity-time argument is "YYMMDDHHMMSS[+HHMM|-HHMM|Z]".
Specifying seconds (SS) is optional. When specifying an explicit time, use
"YYMMDDHHMMSSZ". When specifying an offset time, use
"YYMMDDHHMMSS+HHMM" or "YYMMDDHHMMSS-HHMM". If this option is not
used, the validity check defaults to the current system time.
Identify the certificate of the CA from which a new certificate will derive its
authenticity. Use the exact nickname or alias of the CA certificate, or use the
CA's email address. Bracket the issuer string with quotation marks if it
contains spaces.
Specify a directory containing a certificate database file. On Unix Certificate
Database Tool defaults to $HOME/.netscape (that is, ~/.netscape
Windows NT the default is the current directory.
The cert7.db and key3.db database files must reside in the same
directory.
Check a certificate's signature during the process of validating a certificate.
Specify a file that will automatically supply the password to include in a
certificate or to access a certificate database. This is a plain-text file
containing one password. Be sure to prevent unauthorized access to this
file.
Specify the name of a token to use or act on. Unless specified otherwise the
default token is an internal slot (specifically, internal slot 2). This slot can
also be explicitly named with the string "internal". An internal slots is a
virtual slot maintained in software, rather than a hardware device. Internal
slot 2 is used by key and certificate services. Internal slot 1 is used by
cryptographic services.
Specify a specific certificate, or a certificate-request file.
Specify the public key to use when creating a certificate or certificate
request. The shortkeyID is the first few bytes of the keyID (as shown by the
keyutil -L command), starting from the second byte, with a length
sufficient to identify it uniquely.
Chapter 11 Certificate Database Tool
Syntax
). O
n
69