The input parameters can be specified in the PARM field or SYSIN data set. When parameters conflict, the last parameter entered will be used (USER and RECORDID).
Specifies a character string used as the title at the top of the report. If you do not specify this parameter, the title is 'SAFCRRPT - Certificate Utility'. If this string is longer than 35 characters, the report generator uses only the first 35 characters as the title.
Range: 1 to 35
Specifies the number of output lines to print on a page.
Maximum: The physical constraints of the output media used or 99,999 lines.
All certificates for the specified user(s) are displayed. When specified with the RINGNAME parameter, the user field cannot be masked.
Default: The caller's userid.
Specifies that the label, serial number, subject's distinguished name, issuer's distinguished name, validity dates, public key, PKDS label (if one exists), private key size and type are displayed.
Specifies that the record id of the displayed record, the record id of the signing certificate and the record ids of the certificates that this certificate signed are displayed.
Default: Summary.
Adds a hexadecimal dump of the certificate to the display. Dump is ignored if DETAIL is not specified.
Adds a list of the extensions in the certificate to the display. EXT is ignored if DETAIL is not specified. If the utility cannot identify the name of the extension in the certificate, the OID of the extension is displayed.
Extension values are also displayed. If the format of the extension can be identified, a meaningful description of the settings within the extension is displayed. If the format of the extension cannot be identified, a hexadecimal dump of the extension contents along with a character representation will be displayed.
Displays certificates from a specific key ring. The utility uses the R_datalib callable service to retrieve the certificates from the key ring. When RINGNAME is specified, the USER parameter cannot be masked.
Note: The RINGNAME value is the same as the CA Top Secret LABLRING value of the up to 237-character label name of the keyring where the certificates reside.
Specifies the record id of the certificate(s) to be displayed. RECORDID cannot be used with the RINGNAME parameter.
Specifies that only certificates that have either TRUST or NOTRUST status are displayed.
Specifies that only certificates that have the public or private key saved in ICSF are displayed.
Specifies that only certificates that have the public or private key saved in saved in ICSF using the PCICC keyword are displayed.
Specifies that only certificates that expire within the specified number of days are displayed.
Range: 1 to 365
Specifies that only certificates that use the RSA algorithm to create the public-private key pair are displayed.
Specifies that only certificates that use the DSA algorithm to create the public-private key pair are displayed.
Limits the information returned by the report. The subparameters are as follows:
Display certificate label.
Display serial #.
Display Issuer DN.
Display Subject DN.
Display Active Date.
Display Expire Date.
Display key size.
Display public key.
Display PKDS label.
Display the certificates that this certificate has signed.
Displays the signature algorithm used to create the signature.
Displays an indication of whether the certificate is trusted or not.
Displays the length of the certificate.
If the FIELDS parameter is specified and no subparameters are listed an error message is displayed. If SUMMARY is specified after the FIELDS parameter, the FIELDS parameter is ignored. If SUMMARY is specified before the FIELDS parameter, the SUMMARY parameter is ignored. If more than one FIELDS parameter is specified, only the last FIELDS parameter is acknowledged.
|
Copyright © 2014 CA Technologies.
All rights reserved.
|
|