KeyStoreCommands command group for the AdminTask object

Operating Systems: i5/OS
Personalize the table of contents and search results

KeyStoreCommands command group for the AdminTask object

You can use the Jython or Jacl scripting languages to configure key stores with the wsadmin tool. A key store is created by the application server during install and can contain cryptographic keys or certificates. The commands and parameters in the KeyStoreCommands group can be used to create, delete, and manage key stores. The KeyStoreCommands command group for the AdminTask object includes the following commands:

changeMultipleKeyStorePasswords
createKeyStore
createCMSKeyStore
deleteKeyStore
exchangeSigners
getKeyStoreInfo
listKeyFileAliases
listKeyStores
listKeyStoresTypes

changeMultipleKeyStorePasswords

The changeMultipleKeyStorePasswords command updates all of the key stores in the configuration that have a give password and changed them to a new password. This is useful because when you create key store files on the system, they will have WebAS as a password by default.

Parameters and return values

-keyStorePassword: Specifies the name of the password that you want to change. (String, required)
-newKeyStorePassword: Specifies the new password that you will use to access the key store. (String, required)
-newKeyStorePassword Verify: Confirms the new key store password. (String, required)

Examples

Batch mode example usage:

Using Jacl:

$AdminTask changeMultipleKeyStorePasswords {-keyStorePassword WebAS -newKeyStorePassword newpwd -newKeyStorePasswordVerify newpwd}

Using Jython string:

AdminTask.changeMultipleKeyStorePasswords ('[-keyStorePassword WebAS -newKeyStorePassword newpwd -newKeyStorePasswordVerify newpwd]')

Using Jython list:

AdminTask.changeMultipleKeyStorePasswords (['-keyStorePassword', 'WebAS', '-newKeyStorePassword', 'newpwd', '-newKeyStorePasswordVerify', 'newpwd'])

Interactive mode example usage:

Using Jacl:

$AdminTask changeMultipleKeyStorePasswords {-interactive}

Using Jython string:

AdminTask.changeMultipleKeyStorePasswords ('[-interactive]')

Using Jython list:

AdminTask.changeMultipleKeyStorePasswords (['-interactive'])

createKeyStore

The createKeyStore command creates the key store settings in the configuration and the key store database.

Parameters and return values

-keyStoreName: The name that uniquely identifies the key store configuration object. (String, required)
-keyStoreType: The implementation of the key store management. (String, required)
-keyStoreLocation: The location of the key store. For file based, the location is the files system path to the key store database. For hardware key store, the location is the path to the token library. (String, required)
-keyStorePassword: The password that protects the key store. (String, required)
-keyStorePasswordVerify: The password that protects the key store. (String, required)
-keyStoreProvider: The provider used to implement the key store. (String, optional)
-isKeyStoreFileBased: Set the value of this parameter to true if the key store is file based. Set the value of this parameter to false for hardware crypto key stores. (Boolean, optional)
-keyStoreHostList: A list of host names that indicate from where the key store is remotely managed, separated by commas. (String, optional)
-keyStoreInitAtStartup: Set the value of this parameter to true if the key store is initialized at startup. Otherwise, set the value of this parameter to false. (Boolean, optional)
-keyStoreReadOnly: Set the value of this parameter to true if you cannot write to the key store. Otherwise, set the value of this parameter to false. (Boolean, optional)
-keyStoreStashFile: Set the value of this parameter to true if you want to create stash files for CMS type key store. Otherwise, set the value of this parameter to false. (Boolean, optional)
-scopeName: The name of the scope. (String, optional)
-enableCryptoOperations: Specifies if the key store object will be used for hardware cryptographic operations or not. The default value is false. (Boolean, optional)

Examples

Batch mode example usage:

Using Jacl:

$AdminTask createKeyStore {-keyStoreName testKS -location c:\temp\testKeyFile.p12 keyStorePassword testpwd -keyStorePasswordVerify testpwd -isKeyStoreFileBased true -keyStoreInitAtStartup true -keyStoreReadOnly false}

Using Jython string:

AdminTask.createKeyStore ('[-keyStoreName testKS -location c:\temp\testKeyFile.p12 keyStorePassword testpwd -keyStorePasswordVerify testpwd -isKeyStoreFileBased true -keyStoreInitAtStartup true -keyStoreReadOnly false]')

Using Jython list:

AdminTask.createKeyStore (['-keyStoreName', 'testKS', '-location', 'c:\temp\testKeyFile.p12', 'keyStorePassword', 'testpwd', '-keyStorePasswordVerify', 'testpwd', '-isKeyStoreFileBased', 'true', '-keyStoreInitAtStartup', 'true', '-keyStoreReadOnly', 'false'])

Interactive mode example usage:

Using Jacl:

$AdminTask createKeyStore {-interactive}

Using Jython string:

AdminTask.createKeyStore ('[-interactive]')

Using Jython list:

AdminTask.createKeyStore (['-interactive'])

createCMSKeyStore

The createCMSKeyStore command creates a CMS key store database and the key store settings in the configuration.

Parameters and return values

-cmsKeyStoreURI: The URI of the CMS key store. (String, required)
-pluginHostName: The host name of the plug-in. (String, required)

Examples

Batch mode example usage:

Using Jacl:
```
$AdminTask createCMSKeyStore
```
Using Jython:
```
AdminTask.createCMSKeyStore()
```

Interactive mode example usage:

Using Jacl:

$AdminTask createCMSKeyStore {-interactive}

Using Jython string:

AdminTask.createCMSKeyStore ('[-interactive]')

Using Jython list:

AdminTask.createCMSKeyStore (['-interactive'])

deleteKeyStore

The deleteKeyStore command deletes the settings of a key store from the configuration and the key store file.

Parameters and return values

-name: The name that uniquely identifies the key store that you want to delete. (String, required)
-scopeName: The name of the scope. (String, optional)

Examples

Batch mode example usage:

Using Jacl:

$AdminTask deleteKeyStore {-name testKS}

Using Jython string:

AdminTask.deleteKeyStore ('[-name testKS]')

Using Jython list:

AdminTask.deleteKeyStore (['-name', 'testKS'])

Interactive mode example usage:

Using Jacl:

$AdminTask deleteKeyStore {-interactive}

Using Jython string:

AdminTask.deleteKeyStore ('[-interactive]')

Using Jython list:

AdminTask.deleteKeyStore (['-interactive'])

exchangeSigners

The exchangeSigners command exchange signer certificate between key stores.

Parameters and return values

-keyStoreName1: The name that uniquely identifies a key store. You must specify a second key store name using the keyStoreName2 parameter. (String, required)
-keyStoreScope1: The scope name of the key store that you specified with the keyStoreName1 parameter. (String, required)
-certificateAlaisList1: A list of aliases separated by a comma. (String, optional)
-keyStoreName2: The name that uniquely identifies a key store. You must specify a second key store name using the keyStoreName1 parameter. (String, required)
-keyStoreScope2: The scope name of the key store that you specified with the keyStoreName2 parameter. (String, required)
-certificateAliasList2: A list of aliases separated by a comma. (String, optional)

Examples

Batch mode example usage:

Using Jacl:

$AdminTask exchangeSigners {-keyStoreName1 testKS -certificateAliasList1 testCert1 -keyStoreName2 secondKS -certificateAlaisList2 certAlis}

Using Jython string:

AdminTask.exchangeSigners ('[-keyStoreName1 testKS -certificateAliasList1 testCert1 -keyStoreName2 secondKS -certificateAlaisList2 certAlis]')

Using Jython list:

AdminTask.exchangeSigners (['-keyStoreName1', 'testKS', '-certificateAliasList1', 'testCert1', '-keyStoreName2', 'secondKS', '-certificateAlaisList2', 'certAlis'])

Interactive mode example usage:

Using Jacl:

$AdminTask exchangeSigners {-interactive}

Using Jython string:

AdminTask.exchangeSigners ('[-interactive]')

Using Jython list:

AdminTask.exchangeSigners (['-interactive'])

getKeyStoreInfo

The getKeyStoreInfo command displays the settings of a particular key store.

Parameters and return values

-name: The name that uniquely identifies the key store. (String, required)
-scopeName: The name of the scope. (String, optional)

Examples

Batch mode example usage:

Using Jacl:
```
$AdminTask getKeyStore {-name testKS}
```

Using Jython string:

AdminTask.getKeyStore ('[-name testKS]')

Using Jython list:

AdminTask.getKeyStore (['-name', 'testKS'])

Interactive mode example usage:

Using Jacl:

$AdminTask getKeyStoreInfo {-interactive}

Using Jython string:

AdminTask.getKeyStoreInfo ('[-interactive]')

Using Jython list:

AdminTask.getKeyStoreInfo (['-interactive'])

listKeyFileAliases

The listKeyFileAliases command lists the certificates in a key store file.

Parameters and return values

-keyFilePath: The path of the key file. (String, required)
-keyFilePassword: The password for the key file. (String, required)
-keyFileType: The key file type. (String, required)

Examples

Batch mode example usage:

Using Jacl:

$AdminTask listKeyFileAliases {-keyFilePath c:\temp\testKeyFile.p12 -keyFilePassword testPwd -keyFileType PKCS12}

Using Jython string:

AdminTask.listKeyFileAliases ('[-keyFilePaht c:\temp\testKeyFile.p12 -keyFilePassword testPwd -keyFileType PKCS12]')

Using Jython list:

AdminTask.listKeyFileAliases (['-keyFilePaht', 'c:\temp\testKeyFile.p12', '-keyFilePassword', 'testPwd', '-keyFileType', 'PKCS12'])

Interactive mode example usage:

Using Jacl:

$AdminTask listKeyFileAliases {-interactive}

Using Jython string:

AdminTask.listKeyFileAliases ('[-interactive]')

Using Jython list:

AdminTask.listKeyFileAliases (['-interactive'])

listKeyStores

The listKeyStores command lists the key store for a particular scope.

Parameters and return values

-displayObjectName: Set the value of this parameter to true to list the key store configuration objects within a scope. Set the value of this parameter to false to list the strings that contain the key store name and management scope. (String, optional)
-scopeName: The name of the scope. (String, optional)

Examples

Batch mode example usage:

Using Jacl:
```
$AdminTask listKeyStores
```
Using Jython:
```
AdminTask.listKeyStores()
```

Interactive mode example usage:

Using Jacl:
```
$AdminTask listKeyStores {-interactive}
```

Using Jython string:

AdminTask.listKeyStores ('[-interactive]')

Using Jython list:

AdminTask.listKeyStores (['-interactive'])

listKeyStoresTypes

The listKeyStoresTypes command lists all valid key store types.

Parameters and return values

Parameters: None
Returns: A list of key store types.

Examples

Batch mode example usage:

Using Jacl:
```
$AdminTask listKeyStoreTypes
```
Using Jython:
```
AdminTask.listKeyStoreTypes()
```

Interactive mode example usage:

Using Jacl:

$AdminTask listKeyStoresTypes {-interactive}

Using Jython string:

AdminTask.listKeyStoresTypes ('[-interactive]')

Using Jython list:

AdminTask.listKeyStoresTypes (['-interactive'])

Related Reference

Commands for the AdminTask object