16.1. Syntax

16.1. Syntax

There are two syntax styles for the CRMFPopClient utility, depending on the intended use: 

CRMFPopClient token_password authenticator host port username password 
 [pop_option] subject_dn [OUTPUT_CERT_REQ]


CRMFPopClient token_password [pop_option] OUTPUT_CERT_REQ subject_dn
Option Description
token_password

The password for the cryptographic token.

authenticator

The authentication manager within the Certificate System; this is most often set to nullAuthMgr

host

The hostname of the CA instance.

port

The non-SSL port of the Certificate System CA.

username

The Certificate System user for whom the certificate request is issued.

password

The password of the Certificate System user.

pop_option

Optional. Sets the type of POP request to generate; since this can generate invalid requests, this option can be used for testing. There are three values:

  • POP_SUCCESS. Generates a request with the correct POP information; the server verifies that the information is correct.

  • POP_FAIL. Generates a request with incorrect POP information; the server rejects this request if it is submitted. This is used to test server configuration.

  • POP_NONE. Generates a CRMF request with no POP information. If the server is configured to verify all the POP information, then it rejects this request. In that case, it can be used to test the server configuration.

subject_dn

The distinguished name of the requested certificate.

OUTPUT_CERT_REQ

Optional. Prints the generated certificate request to the screen.

Table 16.1.