3.3.6 hwskeygen
The hwskeygen command creates a private key for the Web server
Synopsis
hwskeygen -rand file-name[:file-name]... [-des|-des3] -out key-file [-bits {512|1024|2048|4096}]
Storage location
Application Server installation directory/httpsd/sbin
Function
This subsection describes how to use the hwskeygen command to create a private key for the Web server. The created Web server private key file is specified in the SSLCertificateKeyFile directive.
Execution permission
Superuser
Arguments
- -rand file-name[:file-name]...
-
Specify any file to be used for random number generation. You must specify an appropriate file whose size is large enough for the random number generation.
- -des|-des3
-
Specify the encryption type when encrypting the private key. If you specify this parameter, you will be requested to enter a password when creating the private key. The password must be no more than 64 characters long. When creating the Certificate Signing Request (CSR) (hwscertutil reqgen command) and starting the Web server, you will also be requested to enter the password.
Note that you can skip the password entry for Web server startup. To skip the password entry, specify the SSLCertificateKeyFile directive in which you specified the server private key file and the SSLCertificateKeyPassword directive in which you specified the password file to httpsd.conf. You can create a password file by using the sslpasswd command.
If -des is specified, the Data Encryption Standard (DES) is selected as the encryption type. If -des3 is specified, Triple DES is selected. This parameter does not affect the encryption type used in the communication between the Web server and the Web browser.
- -out key-file
-
Specify the file to which the Web server private key is output.
- -bits {512|1024|2048|4096}
-
Specify the bit length of the Web server private key.
The following values can be specified:
-
512
-
1024
-
2048
-
4096
Default value: 1024
-
Examples
To create the httpsdkey.pem Web server private key:
hwskeygen -rand file1:file2:file3:file4:file5 -out httpsdkey.pem -bits 1024
file1, file2, file3, file4, file5: Arbitrary files
Exit Status
Exit Status |
Explanation |
---|---|
0 |
command executed successfully. |
Other than 0 |
error in executing the command. |