KeyStoreCommands command group for the AdminTask object

You can use the Jython or Jacl scripting languages to configure key stores with the wsadmin tool. A key store is created by the application server during install and can contain cryptographic keys or certificates. The commands and parameters in the KeyStoreCommands group can be used to create, delete, and manage key stores.

The KeyStoreCommands command group for the AdminTask object includes the following commands:

changeMultipleKeyStorePasswords

The changeMultipleKeyStorePasswords command updates all of the key stores in the configuration that have a give password and changed them to a new password. This is useful because when you create key store files on the system, they will have WebAS as a password by default.

Required parameters

-keyStorePassword
Specifies the name of the password that you want to change. (String, required)
-newKeyStorePassword
Specifies the new password that you will use to access the key store. (String, required)
-newKeyStorePassword Verify
Confirms the new key store password. (String, required)

Optional parameters

None.

Examples

Batch mode example usage:

Interactive mode example usage:

createKeyStore

The createKeyStore command creates the key store settings in the configuration and the key store database.

Required parameters

-keyStoreName
The name that uniquely identifies the key store configuration object. (String, required)
-keyStoreType
The implementation of the key store management. (String, required)
-keyStoreLocation
The location of the key store. For file based, the location is the files system path to the key store database. For hardware key store, the location is the path to the token library. (String, required)

Optional parameters

-keyStorePassword
The password that protects the key store. (String, required)
-keyStorePasswordVerify
The password that protects the key store. (String, required)
-keyStoreProvider
The provider used to implement the key store. (String, optional)
-keyStoreIsFileBased
Set the value of this parameter to true if the key store is file based. Set the value of this parameter to false for hardware crypto key stores. (Boolean, optional)
-keyStoreHostList
A list of host names that indicate from where the key store is remotely managed, separated by commas. (String, optional)
-keyStoreInitAtStartup
Set the value of this parameter to true if the key store is initialized at startup. Otherwise, set the value of this parameter to false. (Boolean, optional)
-keyStoreReadOnly
Set the value of this parameter to true if you cannot write to the key store. Otherwise, set the value of this parameter to false. (Boolean, optional)
-keyStoreStashFile
Set the value of this parameter to true if you want to create stash files for CMS type key store. Otherwise, set the value of this parameter to false. (Boolean, optional)
-scopeName
The name that uniquely identifies the management scope, for example: (cell):localhostNode01Cell. (String, optional)
-enableCryptoOperations
Specifies if the key store object will be used for hardware cryptographic operations or not. The default value is false. (Boolean, optional)

Examples

Batch mode example usage:

Interactive mode example usage:

createCMSKeyStore

The createCMSKeyStore command creates a CMS key store database and the key store settings in the configuration.

Required parameters

-cmsKeyStoreURI
The URI of the CMS key store. (String, required)
-pluginHostName
The host name of the plug-in. (String, required)

Optional parameters

None.

Examples

Batch mode example usage:

Interactive mode example usage:

deleteKeyStore

The deleteKeyStore command deletes the settings of a key store from the configuration and the key store file.

Required parameters

-keyStoreName
The name that uniquely identifies the key store that you want to delete. (String, required)

Optional parameters

-scopeName
The name that uniquely identifies the management scope, for example: (cell):localhostNode01Cell. (String, optional)
-removeKeyStoreFile
Specifies whether to remove the key store file. Specify true to remove the key store file or false to keep the key store file in your configuration. (Boolean, optional)

Examples

Batch mode example usage:

Interactive mode example usage:

exchangeSigners

The exchangeSigners command exchange signer certificate between key stores.

Required parameters

-keyStoreName1
The name that uniquely identifies a key store. You must specify a second key store name using the keyStoreName2 parameter. (String, required)
-keyStoreName2
The name that uniquely identifies a key store. You must specify a second key store name using the keyStoreName1 parameter. (String, required)

Optional parameters

-keyStoreScope1
The scope name of the key store that you specified with the keyStoreName1 parameter. (String, optional)
-keyStoreScope2
The scope name of the key store that you specified with the keyStoreName2 parameter. (String, optional)
-certificateAlaisList1
A list of aliases separated by a comma. (String, optional)
-certificateAliasList2
A list of aliases separated by a comma. (String, optional)

Examples

Batch mode example usage:

Interactive mode example usage:

getKeyStoreInfo

The getKeyStoreInfo command displays the settings of a particular key store.

Required parameters

-keyStoreName
The name that uniquely identifies the key store. (String, required)

Optional parameters

-scopeName
The name that uniquely identifies the management scope, for example: (cell):localhostNode01Cell. (String, optional)

Examples

Batch mode example usage:

Interactive mode example usage:

listKeyFileAliases

The listKeyFileAliases command lists the certificates in a key store file.

Required parameters

-keyFilePath
The path of the key file. (String, required)
-keyFilePassword
The password for the key file. (String, required)
-keyFileType
The key file type. (String, required)

Optional parameters

None.

Examples

Batch mode example usage:

Interactive mode example usage:

listKeyStores

The listKeyStores command lists the key store for a particular scope.

Required parameters

None.

Optional parameters

-scopeName
The name that uniquely identifies the management scope, for example: (cell):localhostNode01Cell. (String, optional)

Examples

Batch mode example usage:

Interactive mode example usage:

listKeyStoreTypes

The listKeyStoreTypes command lists all valid key store types.

Required parameters

None.

Optional parameters

None.

Examples

Batch mode example usage:

Interactive mode example usage:




Related tasks
Using the AdminTask object for scripted administration
Related reference
Commands for the AdminTask object
Jython
Reference topic Reference topic    

Terms and conditions for information centers | Feedback

Last updatedLast updated: Aug 30, 2013 8:21:57 PM CDT
http://www14.software.ibm.com/webapp/wsbroker/redirect?version=pix&product=was-express-iseries&topic=rxml_atkeystore
File name: rxml_atkeystore.html