The certapp tool is a PC command line utility
which converts certificate store files between text and binary formats, and
vice versa.
certapp general_options input_files
-out output_files
It is essential that you
specify at least one input file name and an output file name with certapp.
If you specify input files but do not specify any output file, the tool only
reads the input file data and displays the same. No output file is created
to hold the displayed data.
The following sub-sections provide information
on specifying general options, and specifying input or output file arguments
as command-line arguments with certapp.
General options
The following table summarises the general options that can be specified as command-line arguments:
Name |
Description |
|
Displays the usage message. |
|
Saves progress output to a specified file. |
|
Saves error output to a specified file. |
|
Includes additional debug comments in output files. |
|
Displays license information. |
|
Displays certificates in PEM format. (The format is auto-detected when reading.) |
Note: If you do not specify
any file name with |
|
Input and output file arguments
In the certapp syntax,
the files specified before the -out argument are input files
while those after the argument are output files. You can use the -in option
to specify additional input files at the end of the command line.
The following table summarises the input and output file arguments that can be specified at the command line:
Name |
Description |
|
Specifies a binary SWI certificate store file. |
|
Specifies a human-readable SWI certificate store file. |
|
Specifies a binary file of the file certificate store. |
|
Specifies a human-readable file of the file certificate store. |
|
Specifies a binary certificate clients file. |
|
Specifies a human-readable certificate clients file. |
|
Files listed after |
|
Specifies input files listed in the command line. Files listed after –in are input files. Note: |
|
Changes directory for the specified input or output files. |
Consider the following while specifying input and output file command-line arguments:
Information in file certificate store and SWI certificate store files can depend on information contained in the certificate client files. Therefore, all the certificate client files are read before the other certificate store files.
You can use the --chdir option
to change to the current directory for reading or writing files. You can also
use this option to read input files from one directory and write all output
files to a different directory or to multiple directories.
Important: Duplicate entries should not be included in certificate store files. If duplicate entries are detected in a certificate store file, then this is reported as a fatal error.
For file certificate store or SWI certificate store files, duplicates are determined by labels. For certificate client files, duplicates are determined by the client application name (that is, multiple client application names can map to a single UID, but not vice versa).
The following is an example for dumping
a SWI certificate store (swicertstore.dat) into human-readable
form (swicertstore.txt). The input files are swicertstore.dat and certclients.dat which
maps the application UIDs in the certificates to application description strings.
The certclients.dat file is provided as input so that the
tool can dump the certificate application-related metadata in the form of
text and not as a series of UIDs.
certapp --bcertclients=certclients.dat --bswicertstore=swicertstore.dat --out --hcertclients=certclients.txt --hswicertstore=swicertstore.txt