1.50 swss_makecsr.exe (Generating Certificate Signature Requests)

Description

This command is used to generate the certificate signature request for the server certificate. The key generation algorithm is RSA.

Syntax

swss_makecsr.exe

/file:generatedFileName /validity:validityPeriod
/CN:ssHostName /OU:orgUnitName /O:orgName
/C:countryCode
[/L:region(city)Name] [/ST:stateOrProvinceName]
[/keysize:keySize]
[/sigalg:signatureAlgorithm]
[/certfile:serverCertFileName]

Option

/file:generatedFileName: Specifies the name of the file to which certificate signature requests are generated.

/validity:validityPeriod: Specifies the validity period of the certificate using a value from 1 to 36500 days.

/CN:ssHostName: Specifies the host name of the SS.

/OU:orgUnitName: Specifies any string used to identify the organization unit, such as the department or section name.

/O:orgName: Specifies the official name of the organization such as company name or group name that is applying for the certificate.

/C:countryCode: Specifies an ISO-standard two-character country code. The code for Japan is "JP".

/L:region(city)Name: Specifies the location information (city/ward/town/village name) of the organization. If omitted, it will be deemed as unspecified.

/ST:StateOrProvinceName: Specifies the location information (state/province name) of the organization. If omitted, it will be deemed as unspecified.

/keysize:keySize: Specifies the size of the key to be generated, using a value from 1 to 8192. If omitted, the default is 2048.

/sigalg:signatureAlgorithm: Specifies the signature algorithm. If omitted, the default is "SHA1withRSA".

/certfile:serverCertFileName

Specifies the file name when a server certificate is generated using the generated certificate signature request. If omitted, the file name will not be generated.

You cannot specify the same file as the file specified in the /file option.

Return value

0: Ended normally

Other than 0: Ended abnormally

Command location

The following folder of SS:

dtpInstallDir\SS\bin

Privilege required for execution/execution environment

Execute as a user with Administrator privileges.
This command must be executed on SS.

Note

If the option value contains spaces, enclose it in double quotation marks.
Confirm with the CA about the input items.
When this command is executed more than once, only the last certificate signature request remains valid. All previous requests become invalid.
If the host name specified in the smart device does not match the host name specified in the /CN option, an error will occur on verification of the certificate.

Example

Generate a certificate signature request for c:\temp\certreq.pem.
C:\Program Files\Fujitsu\Systemwalker Desktop Patrol\SS\bin\swss_makecsr.exe /file:c:\temp\certreq.pem /validity:365 /CN:host1 /OU:BUMON /O:"ABC company" /C:JP
Generate a certificate signature request for c:\temp\certreq.pem, and use that to generate a server certificate for c:\temp\dtp.cer.
C:\Program Files\Fujitsu\Systemwalker Desktop Patrol\SS\bin\swss_makecsr.exe /file:c:\temp\certreq.pem /validity:365 /CN:host1 /OU:BUMON /O:"ABC company" /C:JP /certfile:c:\temp\dtp.cer