validatecertificate
Request a certificate to be validated by the specified service.
usage: Usage: signclient validatecertificate <options>
-cert <cert-file> Path to certificate file (DER or PEM)
(Required).
-certpurposes <certpurposes> A ',' separated string containing
requested certificate purposes.
-der Certificate is in DER format.
-help Display this info
-hosts <hosts> A ',' separated string containing the
hostnames of the validation service nodes.
Ex 'host1.someorg.org,host2.someorg.org'.
When using the HTTP protocol, only one
host name can be specified. (Required).
-pem Certificate is in PEM format (Default).
-port <port> Remote port of service (Default is 8080 or
8442 for SSL).
-protocol <protocol> Protocol to use, either WEBSERVICES or
HTTP. Default: WEBSERVICES.
-service <service-name> The name or ID of the validation service
to process request. (Required)
-silent Don't produce any output, only return
value.
-truststore <jks-file> Path to JKS truststore containing trusted
CA for SSL Server certificates.
-truststorepwd <password> Password to unlock the truststore.
The following values is returned by the program that can be used when scripting.
-2 : Error happened during execution
-1 : Bad arguments
0 : Certificate is valid
1 : Certificate is revoked
2 : Certificate is not yet valid
3 : Certificate have expired
4 : Certificate doesn't verify
5 : CA Certificate have been revoked
6 : CA Certificate is not yet valid
7 : CA Certificate have expired
8 : Certificate have no valid certificate purpose
Sample usages:
a) validatecertificate -service CertValidationWorker -hosts localhost -cert
certificate.pem
b) validatecertificate -service 5806 -hosts localhost -cert certificate.pem
-truststore p12/truststore.jks -truststorepwd changeit
c) validatecertificate -service CertValidationWorker -hosts localhost
-cert certificate.pem -protocol HTTP