Utilities for managing keys and digital certificates
The following OpenEdge utilities, typically run from the PROENV command line, allow you to install and manage keys and digital certificates:
certutil — Provides all the functions necessary to install and manage root certificates from any Certification Authority (CA) as entries in the root certificate store of an OpenEdge client machine (located in OpenEdge-Install-Dir\certs).
gendomreg — Creates an encrypted domain registry file that can be used to seal a client-principal token. It is most often used when the token must be validated against multiple domains.
genpassword — Accepts the clear-text value of a password and generates the encoded and encrypted form for the specified password.
Note: Also see the stspwdutil utility in the Getting Started: OpenEdge Authentication Server Guide, stspwdutil features similar functionality but better encryption for the PAS for OpenEdge and OpenEdge Authentication Gateway servers.
mkhashfile — Provides a simple way to install a root certificate in the OpenEdge root certificate store of a client machine. Such a certificate can be authorized by your own internal-use Certification Authority (CA) or by any CA that can provide you with a PEM-encoded certificate.
pkiutil — Provides all of the functions necessary to create and manage key store entries for OpenEdge SSL servers. It creates these entries from pairs of private keys and digital certificates that it stores in the OpenEdge server key store (located in OpenEdge-Install-Dir\keys).
You can display usage information for any of these utilities by running them with the -help option. For more detailed information, see the Command and Utility Reference in OpenEdge Getting Started: Installation and Configuration.
certutil — Provides all the functions necessary to install and manage root certificates from any Certification Authority (CA) as entries in the root certificate store of an OpenEdge client machine (located in OpenEdge-Install-Dir\certs).