Generates X.509 certificates or signs pregenerated certificate requests. This utility is located in <UnwiredPlatform_InstallDir>\Servers\SQLAnywhere11\BIN32.
You may choose to purchase certificates from a third party. These certificate authorities (CAs) provide their own tools for creating certificates. You can use createcert to create certificates for development and testing; you can also use it for production certificates.
createcert [options]
Option | Description |
---|---|
-r | Creates a PKCS #10 certificate request. createcert does not prompt for a signer or any other information used to sign a certificate. |
-s <filename> | Signs the PKCS #10 certificate request that is in the specified file. The request can be DER or PEM encoded. createcert does not prompt for key generation or subject information. |
To create a signed certificate, use createcert without options. To break the process into two separate steps, for example so one person creates a request and another person signs it, the first person can run createcert with -r to create a request and the second person can sign the request by running createcert with -s.
<UnwiredPlatform_InstallDir>\UnwiredPlatform\Servers\SQLAnywhere11\BIN32>createcert SQL Anywhere X.509 Certificate Generator Version 11.0.1.2405 Enter RSA key length (512-16384): 1024 Generating key pair... Country Code: US State/Province: CA Locality: Dublin Organization: MyCompany Organizational Unit: PTO Common Name: MyCompany Enter file path of signer's certificate: Certificate will be a self-signed root Serial number [generate GUID]:<enter> Generated serial number: 3f52ee68c8604e48b8359e0c0128da5a Certificate valid for how many years (1-100): 10 Certificate Authority (Y/N) [N]: Y 1. Digital Signature 2. Nonrepudiation 3. Key Encipherment 4. Data Encipherment 5. Key Agreement 6. Certificate Signing 7. CRL Signing 8. Encipher Only 9. Decipher Only Key Usage [6,7]: <enter> Enter file path to save certificate: rsa_root.crt Enter file path to save private key: rsa_key.key Enter password to protect private key: <MyPwd> Enter file path to save identity: id.pem
Certificate Authority (Y/N) [N]: y 1. Digital Signature 2. Nonrepudiation 3. Key Encipherment 4. Data Encipherment 5. Key Agreement 6. Certificate Signing 7. CRL Signing 8. Encipher Only 9. Decipher Only Key Usage [6,7]: 6,7