-
Notifications
You must be signed in to change notification settings - Fork 315
Certificate Attributes
The flags listed in this section are used to set the subject and attributes of both self-signed and CA-signed certificates created with Cert Wizard.
The --cn flag is used to set the Common Name (CN) of the generated certificate, and is mandatory:\
-
--cn - Specify certificate common name (CN) The following flags are used to set specific certificate attributes, and are optional:
-
--country - Specify certificate country attribute
-
--state - Specify certificate state or province attribute
-
--locale - Specify certificate locale (city) attribute
-
--org - Specify certificate organization attribute
-
--org-unit - Specify certificate org unit attribute
-
--email - Specify certificate emailAddress attribute For example, the following command generates and imports a self-signed certificate with these specific attributes:
./eaphammer --bootstrap
--country US
--state Washington
--locale Seattle
--org BigScaryEDRVendor
--org-unit Legal
--email bugreport@bsevendor.com
Cert Wizard also has a number of advanced options that can be used during cert creation:
- —not-before - Specify datetime on which cert should become active.
- —not-after - Specify datetime on which cert should become active.
- —algorithm - Specify algorithm with which to sign cert.
- —key-length - Specify default certificate key length.
However, in most cases these options can be left to their default values.
-
- XIV.1 - Interactive Mode
-
XIV.2 - Creating Certificates
--cert-wizard create -
XIV.3 - Importing Certificates and Keys
--cert-wizard import - XIV.4 - Listing Previously Imported or Created Certificates
--cert-wizard list - XIV.5 - Regenerating Diffie Hellman (DH) Parameters
--cert-wizard dh - XIV.6 - Overriding EAPHammer's Static Configuration