The pkiutil command-line utility provides all the operations necessary to create and manage keystore entries for OpenEdge TLS servers (see Manage keystores for OpenEdge servers). This utility manages all input and output for the keystore in the OpenEdge-Install-Dir\keys directory. For more information on the structure of this directory, see About the keystore content.The pkiutil utility has the following general command-line syntax:
pkiutil [options] function arguments
options
Change the type of information and defaults for different functions (function) of the utility.
function arguments
One of the following functions (function) and the objects they affect (arguments):
  • -newreq alias—Generates a new public/private key pair and a corresponding certificate signing request (suitable for submission to a CA), stored under the alias name specified by alias
  • -import alias cert-file—Imports a CA-signed SSL server digital certificate from the disk file cert-file, pairs it with the private key generated for a public key request identified by the alias name alias, and places the pair in the keystore as a new entry identified by alias
  • -print alias—Displays the public-key certificate request identified by alias.
  • -list [ alias ... ]—Displays a list of specified (alias) or all current keystore entries
  • -display cert-file—Displays the digital certificate file information contained in the operating system disk file cert-file
  • -remove alias ...—Removes one or more specified (alias) keystore entries
For complete information on the options and functions of the pkiutil command-line utility, see pkiutil