System information
encoding rules (DER)-encoded Extended Key
Usage extension.
Chapter 19, Issuer Alternative Name
Extension
Describes how to generate an Issuer
Alternative Name extension in base-64
encoding.
Chapter 20, Subject Alternative Name
Extension
Describes how to generate a Subject
Alternative Name extension in base-64
encoding.
Chapter 21, HTTP Client Describes how to communicate with any
HTTP/HTTPS server.
Chapter 22, OCSP Request Describes how to verify certificate status by
submitting Online Certificate Status Protocol
(OCSP) requests to an instance of an OCSP
subsystem.
Chapter 23, PKCS #10 Client Describes how to generate a Public-Key
Cryptography Standards (PKCS) #10
enrollment request.
Chapter 24, Bulk Issuance Tool Describes how to send either a KEYGEN or
CRMF enrollment request to the bulk
issuance interface to create certificates
automatically.
Chapter 25, Revocation Automation Utility Describes how to automate user management
scripts to revoke certificates.
Table 1. List of Contents
4. Common Tool Information
All of the tools in this guide are located in the /usr/bin directory, except for the Silent Install
tool which is downloaded separately and installed to any directory. These tools can be run from
any location without specifying the tool location.
5. Additional Reading
The documentation for the Certificate System also contains the following guides:
• Certificate System Administrator's Guide explains all administrative functions for the
Certificate System, such as adding users, creating and renewing certificates, managing smart
cards, publishing CRLs, and modifying subsystem settings like port numbers.
• Certificate System Agent's Guide details how to perform agent operations for the CA, DRM,
OCSP, and TPS subsystems through the Certificate System agent services interfaces.
Common Tool Information
ix