Steven T. Hatton wrote: > There seems to be a descrepency between the versions of certutil in the > meaning of the -k option of -R. The documentation indicates that switch > preceeds the key "short name". OTOH the -H option on the certutil from > the NSS 3.3.1 indicates the -k distinguishes between rsa and dsa key > types. Does this mean I can no longer specify the key to use when > generating a request? > > TIA, > > Steven >
-k does specify the key type. It does mean you can no longer specify the key to use when generating a request. However, doing a certificate request will generate a key for you. I suggest taking a look at the usage of certutil -S. I believe you will find it does everything you need. -Ian
