Click here to view and discuss this page in DocCommentXchange. In the future, you will be sent there automatically.

SQL Anywhere 10.0.1 » SQL Anywhere Server - Database Administration » Transport-Layer Security » Certificate utilities

Certificate utilities Next Page

Certificate creation utility [createcert]

Create X.509 certificates.


createcert [ -r | -s ]

Option Description
-r Use this option to create a PKCS10 certificate request. When this option is specified, createcert does not prompt for a signer or any other information used to sign a certificate.
-s filename Use this option to sign the PKCS10 certificate request that is in the specified file. The request can be DER or PEM encoded. When this option is specified, createcert does not prompt for key generation or subject information.

To create a signed certificate, use createcert without options. If you want to break up the process into two steps, for example so one person creates a request and another person signs it, the first person can run createcert with -r to create a request and the second person can sign the request by running createcert with -s.

When you run createcert, you are prompted for the following information. When you specify the -r or -s option, some of these prompts do not appear.

See also

The following example creates a signed certificate. In the example, no file name is provided for the signer's certificate, which makes it a self-signed root certificate.

SQL Anywhere X.509 Certificate Generator Version
Choose encryption type ((R)SA or (E)CC): r
Enter RSA key length (512-16384): 1024
Generating key pair...
Country Code: CA
State/Province: Ontario
Locality: Waterloo
Organization: Sybase iAnywhere
Organizational Unit: Engineering
Common Name: Test Certificate
Enter file path of signer's certificate:
Certificate will be a self-signed root
Serial number [generate GUID]:
Generated serial number: bfb89a26fb854955954cabc4d056e177
Certificate valid for how many years (1-100): 10
Certificate Authority ((y)es or (n)o) [n]:
1.  Digital Signature
2.  Nonrepudiation
3.  Key Encipherment
4.  Data Encipherment
5.  Key Agreement
6.  Certificate Signing
7.  CRL Signing
8.  Encipher Only
9.  Decipher Only
Key Usage [3,4,5]:
Enter file path to save certificate: cert.pem
Enter file path to save private key: key.pem
Enter password to protect private key: pwd
Enter file path to save identity: id.pem