Previous Topic: Change the CA EEM FIPS Mode Security SettingNext Topic: Configure Domain Properties

Administer the CA Process Automation DomainConfigure the Contents of the DomainConfigure CA EEM Security Settings for the DomainExamples of iGateway Certificate Utility Use

Examples of iGateway Certificate Utility Use

You can change the CA EEM FIPS Mode security setting from the setting configured at installation. Part of this change process involves using the iGateway Certificate Utility (igwCertUtil). You can find this file in ...\CA\SharedComponents\iTechnology\igwCertUtil.exe.

Note: For details, see Change the CA EEM FIPS Mode Security Setting.

The iGateway Certificate Utility includes capabilities described by the following examples:

Example: Create a pem certificate type with PAM.cer and PAM.key files

The following igwCertUtil example creates a pem certificate with a .cer file and a .key file.

igwCertUtil -version 4.6.0.0 
-create -cert

"<Certificate>

<certType>pem</certType>
<certURI>PAM.cer</certURI>
<keyURI>PAM.key</keyURI>
<subject>CN=PAM</subject>

</Certificate>"

Example: Create a pem certificate type for an issuer

The following igwCertUtil example creates a certificate where the named issuer provided the issuer.cer file and issuer.key file.

igwCertUtil -version 4.6.0.0 
-create -cert

"<Certificate>

<certType>pem</certType>
<certURI>PAM.cer</certURI>
<keyURI>PAM.key</keyURI>
<subject>CN=PAM</subject>

</Certificate>"

-issuer

"<Certificate>

<certType>pem</certType>
<certURI>issuer.cer</certURI>
<keyURI>issuer.key</keyURI>

</Certificate>"

Example: Copy PAM.cer with PAM.key to PAM.p12

In the following example, the igwCertUtil utility copies the pem certificate to the target p12 certificate. The pem certificate includes the name of the .cer file and the .key file. The p12 certificate includes the name and password combination.

igwCertUtil -version 4.6.0.0 
-copy -cert

"<Certificate>

<certType>pem</certType>
<certURI>PAM.cer</certURI>
<keyURI>PAM.key</keyURI>

</Certificate>"

-target

"<Certificate>

<certType>p12/certType>
<certURI>PAM.p12</certURI>
<certPW>password</certPW>

</Certificate>"

Example: Convert PAM.cer and PAM.key to PAM.p12 and password

In the following example, the igwCertUtil utility converts the pem certificate type to a p12 certificate type. The utility converts the PAM.cer to PAM.p12 and converts the PAM.key to a password.

igwCertUtil -version 4.6.0.0 
-conv -cert

"<Certificate>

<certType>pem</certType>
<certURI>PAM.cer</certURI>
<keyURI>PAM.key</keyURI>

</Certificate>"

-target

"<Certificate>

<certType>p12/certType>
<certURI>PAM.p12</certURI>
<certPW>password</certPW>

</Certificate>"