Functional Specification
It is a command to create a certificate issuance application to the certificate authority. The key creation algorithm is "RSA".
Execute this command on the Relay Server.
Command Format
SDSVMakeCSR.exe -file file path -validity Validity period -CN FQDN or IP address -OU Organization unit -O Organization name [-L City name, Area] [-ST State, Locality] -C Country name [-keysize size of the key to be generated] [-sigalg Signature algorithm] [-certfile File name of the certificate]
Option
Specify the output file path of the application. (Mandatory)
Specify the validity period in the range of 1 to 36500 days. (Mandatory)
Specify the "Server address" to be specified in the Smart Device (agent) as FQDN or IP address. (Mandatory)
Specify the organization unit (Mandatory)
Specify the name of the organization (Mandatory)
Specify the name of the city and area (Optional)
If you omit this option, the name of the city and area are not set.
Specify the name of the state and locality. (Optional)
If you omit this option, the name of the state and locality are not set.
Specify the name of the country. (Mandatory)
Enter "JP" for Japan.
Specify the size of the key to be generated. (Optional)
The maximum value is "8192". The minimum value depends on the signature algorithm.
If you omit this option, the value "2048" will be set.
Specify the signature algorithm.(Optional)
Set to "SHA1withRSA", when this option is omitted.
Refer to the signature algorithm of the Java keytool command for details on the signature algorithm.
Specify the file name when generating the server certificate by using the generated certificate issuance application. (Optional)
If you omit this option, a server certificate is not generated.
File name same as that of specified in -file option cannot be specified.
Get the each input item confirmed from the certificate authority.
Note
If there is a space in the character string in the options, enclose it in halfwidth quotation marks (").
If you run this command for multiple times, only the last application is considered as valid. The previous applications are considered as invalid.
If FQDN and the "server address" specified in the smart device (agent) do not match, an error is generated during certificate verification.
Return Value
Ended normally
Ended abnormally
Location for Saving Commands
<Relay Server installation folder>\bin
Execution Results/Output Format
Execute with a user that belongs to the Administrators group of the local computer or a user that belongs to the Domain Admins group of the domain.
Examples of Use
Example: To output to c:\temp\dtk.csr
Name of the company: DTK Corporation
Address: Chuo-ku, Tokyo
Domain name: dtk.co.jp
Validity period: 90 (days)
Server name/IP address: PC1.dtk.co.jp (*1)
Organization unit: Sales department
Name of the organization: DTK K.K.
Name of the city: Chuo-Ku
Area: Tokyo
Name of the country: JP
Size of the key to be generated: 2048
Signature name algorithm: SHA1withRSA
SDSVMakeCSR.exe -file c:\temp\dtk.csr -validity 90 -CN PC1.dtk.co.jp -OU "Sales department" -O "DTK K.K." -L Chuo-Ku -ST Tokyo -C JP -keysize 2048 -sigalg SHA1withRSA
Example: To output the application to c:\temp\dtk.csr, and to output the server certificate to c:\temp\dtk.cer
Name of the company: DTK Corporation
Address: Chuo-ku, Tokyo
Domain name: dtk.co.jp
Validity period: 90 (days)
Server name/IP address: PC1.dtk.co.jp (*1)
Organization unit: Sales department
Name of the organization: DTK K.K.
Name of the city: Chuo-Ku
Area: Tokyo
Name of the country: JP
Size of the key to be generated:
2048Signature name algorithm: SHA1withRSA
SDSVMakeCSR.exe -file c:\temp\dtk.csr -validity 90 -CN PC1.dtk.co.jp -OU "Sales department" -O "DTK K.K." -L Chuo-Ku -ST Tokyo -C JP -keysize 2048 -sigalg SHA1withRSA -certfile c:\temp\dtk.cer
*1: When the computer name of the applying PC is PC1
Execution Results/Output Format
success