Universal Certificate Configuration Options

Universal Certificate Configuration Options

The following table identifies the Universal Certificate configuration options for the UNIX, Windows, and z/OS operating systems. Each Option Name is a link to detailed information about that configuration option.

The options are listed alphabetically, without regard to any specific operating system.

For information on how these options are used, see Universal Certificate Usage.

Option Name

Description

CA

Specification for whether or not the certificate should be marked as a Certificate Authority certificate.

CA_CERT_FILE

Name from which the CA certificate is read.

CA_CERT_FORMAT

Format of the CA certificate file specified by CA_CERT_FILE.

CERT_DB

Certificate database name.

CERT_FILE

File name to which the certificate is written.

CERT_FORMAT

Format of the certificate file specified by CERT_FILE.

CERTPBE

Password-based encryption to use for the certificate in a PKCS #12-encoded transport file.

CODE_PAGE

Character code page used to translate text data.

COMMAND_FILE_ENCRYPTED

Name of an encrypted command file.

COMMAND_FILE_PLAIN

Name of a plain text command file.

COMMON_NAME

Common name of the subject field of a certificate.

COUNTRY

Country name of the subject field of a certificate.

CREATE

Specification that UCERT is to create a certificate request or a certificate.

CRL_FILE

File name to which the Certificate Revocation List (CRL) is written.

CRL_FORMAT

Format of the CRL file specified by CRL_FILE.

DNS_NAME

Domain Name System (DNS) name of the computer system for which the certificate identifies.

ELLIPTIC_CURVESpecifies the name of the Elliptic Curve used to generate the EC (Elliptical Curve) keys upon creating a certificate request.

EMAIL_ADDRESS

Email address of the entity identified by the certificate.

ENCRYPTION_KEY

Key used to encrypt the command file.

HELP

Writes a description of the command options and their format.

IP_ADDRESS

Internet Protocol (IP) address of the computer system for which the certificate identifies.

KEY_SIZE

Key size of the RSA public / private keys.

KEYPBE

Password-based encryption to use for the private key in a PKCS #12-encoded transport file.

KEYSTORE_PATH

Path to a local or remote Universal Broker service interface from which an encryption key can be obtained.

LOCALITY

Locality name of the subject field of a certificate.

MESSAGE_LEVEL

Level of messages to write.

NEXT_UPDATE_DAYS

Number of days to the next CRL update.

NEXT_UPDATE_HOURS

Number of hours to the next CRL update.

NLS_DIRECTORY

Directory name where the code page UTT files are located.

NOT_AFTER_DATE

Last day for which the certificate is considered valid.

NOT_BEFORE_DATE

First day for which the certificate is considered valid.

ORGANIZATION

Organization name of the subject field of a certificate.

ORGANIZATIONAL_UNIT

Organizational unit name of the subject field of a certificate.

PRINT

Specification that UCERT is to print a certificate request or a certificate.

PRIVATE_KEY_FILE

File from which the RSA private key is read or to which the RSA private key is written.

PRIVATE_KEY_FORMAT

Format of the private key file specified by PRIVATE_KEY_FILE.

PRIVATE_KEY_INFILE

File from which an RSA private key is read.

PRIVATE_KEY_PWD

Password used to read and write the private key file specified by PRIVATE_KEY_FILE.

PRIVATE_KEY_TYPESpecifies the type of private key to generate as part of the certificate request process.

REQUEST_FILE

File name from which the certificate request is read or to which the certificate request is written.

REQUEST_FORMAT

Format of the certificate request file specified by REQUEST_FILE.

REVOKE

Specification that UCERT is to revoke a certificate.

REVOKE_REASON

Reason a certificate is being revoked.

SERIAL_NUMBER

Unique serial number to be assigned to the created certificate.

SIGNATURE_ALGORITHM

Signature algorithm to use to create a certificate request or certificate.

STATE

State name of the subject field of a certificate.

TRANSPORT_FILE

File containing certificate / private key information.

TRANSPORT_FILE_PWD

Password used to protect the file specified by TRANSPORT_FILE.

VERIFY

Specification that UCERT is to verify a certificate.

VERSION

Writes the program version and copyright information.