About This Guide

The Command-Line Tools Guide describes various command-line tools or utilities that are bundled with Red Hat Certificate System (CS). It provides the information such as the command syntax, platform support, examples, and so on, required to use these tools.

This preface has the following sections:

Who Should Read This Guide

This guide is intended for experienced system administrators who are planning to deploy Certificate System. CS agents should refer to CS Agent's Guide for information on how to perform agent tasks, such as handling certificate requests and revoking certificates.

What You Should Know

This guide assumes that you

Are familiar with the basic concepts of public-key cryptography and the Secure Sockets Layer (SSL) protocol.
- SSL cipher suites
- The purpose of and major steps in the SSL handshake
Understand the concepts of intranet, extranet, and the Internet security and the role of digital certificates in a secure enterprise. These include the following topics:
- Encryption and decryption
- Public keys, private keys, and symmetric keys
- Significance of key lengths
- Digital signatures
- Digital certificates, including various types of digital certificates
- The role of digital certificates in a public-key infrastructure (PKI)
- Certificate hierarchies

If you are new to these concepts, we recommend that you read the security-related appendixes of the accompanying manual, Managing Servers with Red Hat Console.

What's in This Guide

This guide contains the following topics:


Chapter 1 "Command-Line Tools"	Provides an overview of the command-line tools provided with Certificate System, including the ones that are not covered in this documentation.
Chapter 2 "CS Migration Utility"	Describes how to use the utility to upgrade from a previous release of Certificate System.
Chapter 3 "Password Cache Utility"	Describes how to use the tool for managing the single sign-on password cache.
Chapter 4 "AuditVerify"	Describes how to use the tool used to verify signed audit logs.
Chapter 5 "PIN Generator Tool"	Describes how to use the tool for generating unique PINs for your users and for populating their directory entries with PINs.
Chapter 6 "Extension Joiner Tool"	Describes how to use the tool for joining MIME-64 encoded formats of certificate extensions to create a single blob.
Chapter 7 "Backing Up and Restoring Data"	Describes how to use the tools for backing up, signing, verifying, and restoring data to a CS instance.
Chapter 8 "ASCII to Binary Tool"	Describes how to use the tool for converting ASCII data to its binary equivalent.
Chapter 9 "Binary to ASCII Tool"	Describes how to use the tool for converting binary data to its ASCII equivalent.
Chapter 10 "Pretty Print Certificate Tool"	Describes how to use the tool for printing or viewing the contents of a certificate stored as ASCII base-64 encoded data in a human-readable form.
Chapter 11 "Pretty Print CRL Tool"	Describes how to use the tool for printing or viewing the contents of a CRL stored as ASCII base-64 encoded data in a human-readable form.

Conventions Used in This Guide

The following conventions are used in this guide:


Monospaced font	This typeface is used for any text that appears on the computer screen or text that you should type. It's also used for filenames, functions, and examples.
	Example: Server Root is the directory where the CS binaries are kept.
Italic	Italic type is used for emphasis, book titles, and glossary terms.
	Example: This control depends on the access permissions the super administrator has set up for you.
Boldface	Boldface type is used for various UI components such as captions and field names, and the terminology explained in the glossary.
	Example:
	Rotation frequency. From the drop-down list, select the interval at which the server should rotate the active error log file. The available choices are Hourly, Daily, Weekly, Monthly, and Yearly. The default selection is Monthly.
Monospaced []	Square brackets enclose commands that are optional.
	Example: PrettyPrintCert <input_file> [<output_file>]
	<input_file> specifies the path to the file that contains the base-64 encoded certificate.
	<output_file> specifies the path to the file to write the certificate. This argument is optional; if you don't specify an output file, the certificate information is written to the standard output.
Monospaced <>	Angle brackets enclose variables or placeholders. When following examples, replace the angle brackets and their text with text that applies to your situation. For example, when path names appear in angle brackets, substitute the path names used on your computer.
	Example: Using Netscape Communicator 4.7 or later, enter the URL for the Red Hat Administration Server: http://<hostname>:<port_number>
/	A slash is used to separate directories in a path.
	Example: Except for the Security Module Database Tool, you can find all the other command-line utilities at this location: <server_root>/bin/cert/tools

Notes and Cautions:


Note	A note alerts you to information that may be of interest to you.


Caution	A caution signals a potential risk of losing data, damaging software or hardware, or otherwise disrupting system performance.

Documentation

The document set for Certificate System also contains the following guides:

Managing Servers with Red Hat Console - Provides background information on basic cryptography concepts and the role of Red Hat Console.

CS Administrator's Guide - Describes how to plan for, install, and administer CS.

CS Command-Line Tools Guide (this guide) - Provides detailed reference information on CS tools.

CS Customization Guide - Provides detailed reference information on customizing the HTML-based agent and end-entity interfaces.

CS Agent's Guide - Provides detailed reference information on CS agent interfaces. To access this information from the Agent Services pages, click any help button.

For the latest information about Certificate System, including current release notes, complete product documentation, technical notes, and deployment information, check this site:

http://www.redhat.com/docs/manuals/cert-system/