Netscape MANAGEMENT SYSTEM 6.0 - COMMAND-LINE Manual page 71

Table 11-1 Command options and their arguments (Continued)
certusage
-u
valid-months
-v
offset-months
-w
-x
-y rsa|dsa
-1
-2
Specify a usage context to apply when validating a certificate with the -V
option. The contexts are the following:
C (as an SSL client)
V (as an SSL server)
S (as an email signer)
R (as an email recipient)
Set the number of months a new certificate will be valid. The validity period
begins at the current system time unless an offset is added or subtracted
with the -w option. If this argument is not used, the default validity period
is three months. When this argument is used, the default three-month
period is automatically added to any value given in the valid-month
argument. For example, using this option to set a value of 3 would cause 3
to be added to the three-month default, creating a validity period of six
months. You can use negative values to reduce the default period. For
example, setting a value of -2 would subtract 2 from the default and create
a validity period of one month.
Set an offset from the current system time, in months, for the beginning of a
certificate's validity period. Use when creating the certificate or adding it to
a database. Express the offset in integers, using a minus sign (-) to indicate
a negative offset. If this argument is not used, the validity period begins at
the current system time. The length of the validity period is set with the -v
argument.
Use Certificate Database Tool to generate the signature for a certificate
being created or added to a database, rather than obtaining a signature from
a separate CA.
Specify the type of key used to generate a new certificate, either RSA or
DSA. The default is rsa.
Add a key usage extension to a certificate that is being created or added to a
database. This extension allows a certificate's key to be dedicated to
supporting specific operations such as SSL server or object signing.
Certificate Database Tool will prompt you to select a particular usage for
the certificate's key. These usages are described under "Standard X.509 v3
Certifiate Extensions' in Appendix C of CMS Plug-Ins Guide.
Add a basic constraint extension to a certificate that is being created or
added to a database. This extension supports the certificate chain
verification process. Certificate Database Tool will prompt you to select the
certificate constraint extension. Constraint extensions are described in
"Standard X.509 v3 Certifiate Extensions' in Appendix C of CMS Plug-Ins
Guide.
Chapter 11 Certificate Database Tool
Syntax
71