Understanding the CreateNewUserCerts Script

The CreateNewUserCerts command is a shell script included with the Demo CA optional component. It generates a new set of entity (client and server) keys and certificates in an existing instance of the Demo CA. See About the Demo CA for more information.

You can run CreateNewUserCerts to generate additional sets of entity certificates. If you wish to replace existing entity certificates in a Demo CA instance, you must revoke the existing certificates first using RevokeCertificate.

Syntax:

CreateNewUserCerts DemoCA-directory [certificate-types]

Parameters:

DemoCA-directory
    The directory containing your existing Demo CA instance.
certificate-types
    An optional parameter specifying which types of entity certificates to create. If specified, this should be one of:
    server
        Creates a server certificate only.
    client
        Creates a client machine certificate only.
    clientuser
        Creates a client user certificate only.
    all
        Creates all of the above certificates.

The default value is all.

Comments:

CreateNewUserCerts will prompt you for various pieces of information used in generating the certificates. It executes several of the other Demo CA scripts as part of its processing.

CreateNewUserCerts will prompt for identification information for the new certificate(s). If a certificate with the same information already exists in this Demo CA instance, it must be revoked first using RevokeCertificate, or the creation attempt will be rejected.

The Enterprise Developer product must be configured properly in the shell environment before invoking this script.
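
The following pre-flight wrapper is an added example, not part of the Demo CA scripts. It checks the documented syntax, the four certificate types and the environment requirement before any prompts appear. It assumes that configuring the product environment puts CreateNewUserCerts on PATH; CREATE_CERTS_CMD, demo_ca_preflight and create_certs_checked are hypothetical names.

```shell
#!/bin/sh
# Added example: pre-flight checks for CreateNewUserCerts (not product code).
# Assumption: a configured product environment puts CreateNewUserCerts on PATH.
# CREATE_CERTS_CMD is a hypothetical override, useful for dry runs.
CREATE_CERTS_CMD="${CREATE_CERTS_CMD:-CreateNewUserCerts}"

# Validate arguments and print the certificate type that will be used.
# Returns: 2 = bad usage, 3 = bad directory, 4 = bad type, 5 = command missing.
demo_ca_preflight() {
    ca_dir="${1:-}"
    cert_type="${2-all}"    # documented default; an explicit empty value is rejected
    if [ -z "$ca_dir" ] || [ "$#" -gt 2 ]; then
        echo "usage: CreateNewUserCerts DemoCA-directory [certificate-types]" >&2
        return 2
    fi
    if [ ! -d "$ca_dir" ]; then
        echo "error: '$ca_dir' is not an existing directory" >&2
        return 3
    fi
    # Accept only the exact spellings listed under Parameters.
    case "$cert_type" in
        server|client|clientuser|all) ;;
        *)  echo "error: unknown certificate type '$cert_type'" >&2
            return 4 ;;
    esac
    if ! command -v "$CREATE_CERTS_CMD" >/dev/null 2>&1; then
        echo "error: $CREATE_CERTS_CMD not found; configure the product environment first" >&2
        return 5
    fi
    printf '%s\n' "$cert_type"
}

# Run the real script only after the checks pass; it still prompts interactively.
create_certs_checked() {
    cert_type=$(demo_ca_preflight "$@") || return $?
    "$CREATE_CERTS_CMD" "$1" "$cert_type"
}
```

Calling create_certs_checked with a Demo CA directory and, optionally, one of the four types runs the checks and then hands control to CreateNewUserCerts.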