PKIUTIL command line utility: Start here

This section describes the PKIUTIL commands that are used to manage the local certificate database. This topic introduces the command line PKIUTIL utility CFTPKI.


The PKIUTIL command topics are as follows:

  • ACT/INACT Activate/deactivate a certificate
  • PKICER Import, delete, or update a certificate in the database
  • LISTPKI Display the internal datafile contents
  • PKIFILE Create/delete the local certificate database
  • PKIENTITY Create lists of certificate authority IDs in the PKI database
  • PKIKEYGEN Generate a new key and insert in the PKI base

When activated, PKIUTIL uses the local default certificate database. For more information, refer to the Transfer CFT Operations Guide specific to your OS.

When implementing the integrated PKI, the PKIFNAME and PKIPASSW parameters indicate the certificate internal datafile name and the private key protection password respectively. The password can be declared directly or indirectly to a file.  

The next topic describes how to use the CFTUTIL display command for transport security uses.

Autocomplete command

UNIX/Windows only

To simplify the use of PKIUTIL commands, you can use the autocomplete feature when working in interactive mode. See Autocomplete.

Related topics

Related Links