The following OpenEdge utilities, typically run from the Proenv command-line environment, allow you to install and manage keys and digital certificates:

  • certutil — Provides all the functions necessary to install and manage root certificates from any certification authority (CA) as entries in the root certificate store of an OpenEdge client machine (located in OpenEdge-Install-Dir\certs).
  • gendomreg — Creates an encrypted domain registry file that can be used to seal a client-principal token. It is most often used when the token must be validated against multiple domains.
  • genpassword — Accepts the clear-text value of a password, and generates the encoded and encrypted form for the specified password.
    Note: See the STS Password Utility (stspwdutil) in OpenEdge Getting Started: OpenEdge Authentication Gateway Guide. stspwdutil has similar functionality but better encryption for the PAS for OpenEdge and OpenEdge Authentication Gateway servers.
  • mkhashfile — Provides a simple way to install a root certificate in the OpenEdge root certificate store of a client machine. This type of a certificate can be authorized by your internal-use certification authority (CA) or by any CA that can provide you with a PEM-encoded certificate.
  • pkiutil — Provides all of the functions necessary to create and manage key store entries for OpenEdge TLS servers. It creates these entries from pairs of private keys and digital certificates that it stores in the OpenEdge server key store (located in OpenEdge-Install-Dir\keys).

You can display usage information for any of these utilities by running them with the -help option.

For more detailed information, see Manage OpenEdge Keys and Certificates.

.