generate-key-pair
Generate a new RSA key pair.
Syntax:
shell
sfiler-cli [options] generate-key-pair [command options]| Command options | Required / Optional | Description |
|---|---|---|
| -a | Required | The certificate alias (the certificate alias must be unique). |
| -h | Required | The certificate associated host. |
| -ks | Required | The key size (possible values are : 2048, 4096). |
| -d | Required | The duration in years (must be between 1 and 10). |
| -damm | Optional | Indicates the behavior if the specified alias already exists in the database. Possible values are: fail, replace or generate-new. Default value: fail. |
| -apply-configurator | Optional | This property is used to indicate if the generated key pair must be used by the Administrative Console. If the value is set, it must point to a valid configuration file so the value could be inserted or replaced in the targeted file. |
Example:
shell
./sfiler-config-cli.sh -l my-user -p my-password -cf "conf/sfiler.conf" generate-key-pair -a "My Certificate" -h "test.sfiler.com" -ks 4096 -d 2The execution of this command will generate a new RSA key pair with the alias "My Certificate" and the associated host "test.sfiler.com". The key size will be 4096 bits and the certificate will be valid for 2 years. If the same command is executed again, the command will return an error because the alias "My Certificate" already exists in the database. To prevent this error, the -damm option can be used to specify the behavior if the alias already exists in the database.
The possible values are:
- fail : the command will return an error (default value).
- replace : the existing key pair with this alias will be deleted and the new key pair will be generated with the same alias.
- generate-new : a new alias will be generated based on the one specified and the key pair will be imported with this new generated alias.
When the certificate expires, it could be renewed by running the same command with the same alias and the -damm option set to replace.
shell
./sfiler-config-cli.sh -l my-user -p my-password -cf "conf/sfiler.conf" generate-key-pair -a "My Certificate" -h "test.sfiler.com" -ks 4096 -d 2 -damm replace