@@ -128,70 +128,71 @@ explains how to use the files.
128
128
=== Parameters
129
129
130
130
`ca`:: Specifies to generate a new local certificate authority (CA). This
131
- parameter cannot be used with the `csr` or `cert ` parameters.
131
+ parameter cannot be used with the `csr`, `cert` or `http ` parameters.
132
132
133
133
`cert`:: Specifies to generate new X.509 certificates and keys.
134
- This parameter cannot be used with the `csr` or `ca ` parameters.
134
+ This parameter cannot be used with the `csr`, `ca` or `http ` parameters.
135
135
136
136
`csr`:: Specifies to generate certificate signing requests. This parameter
137
- cannot be used with the `ca` or `cert ` parameters.
137
+ cannot be used with the `ca`, `cert` or `http ` parameters.
138
138
139
139
`http`:: Generates a new certificate or certificate request for the {es} HTTP
140
- interface.
140
+ interface. This parameter cannot be used with the `ca`, `cert` or `csr` parameters.
141
141
142
142
`--ca <file_path>`:: Specifies the path to an existing CA key pair
143
- (in PKCS#12 format). This parameter cannot be used with the `ca` or `csr` parameters .
143
+ (in PKCS#12 format). This parameter is only applicable to the `cert` parameter .
144
144
145
145
`--ca-cert <file_path>`:: Specifies the path to an existing CA certificate (in
146
146
PEM format). You must also specify the `--ca-key` parameter. The `--ca-cert`
147
- parameter cannot be used with the `ca` or `csr` parameters .
147
+ parameter is only applicable to the `cert` parameter .
148
148
149
149
`--ca-dn <name>`:: Defines the _Distinguished Name_ (DN) that is used for the
150
150
generated CA certificate. The default value is
151
151
`CN=Elastic Certificate Tool Autogenerated CA`. This parameter cannot be used
152
- with the `csr` parameter .
152
+ with the `csr` or `http` parameters .
153
153
154
154
`--ca-key <file_path>`:: Specifies the path to an existing CA private key (in
155
155
PEM format). You must also specify the `--ca-cert` parameter. The `--ca-key`
156
- parameter cannot be used with the `ca` or `csr` parameters .
156
+ parameter is only applicable to the `cert` parameter .
157
157
158
158
`--ca-pass <password>`:: Specifies the password for an existing CA private key
159
- or the generated CA private key. This parameter cannot be used with the `ca` or
160
- `csr` parameters.
159
+ or the generated CA private key. This parameter is only applicable to the `cert` parameter
161
160
162
161
`--days <n>`:: Specifies an integer value that represents the number of days the
163
162
generated certificates are valid. The default value is `1095`. This parameter
164
- cannot be used with the `csr` parameter .
163
+ cannot be used with the `csr` or `http` parameters .
165
164
166
165
`--dns <domain_name>`:: Specifies a comma-separated list of DNS names. This
167
- parameter cannot be used with the `ca` parameter .
166
+ parameter cannot be used with the `ca` or `http` parameters .
168
167
169
168
`-E <KeyValuePair>`:: Configures a setting.
170
169
171
170
`-h, --help`:: Returns all of the command parameters.
172
171
173
172
`--in <input_file>`:: Specifies the file that is used to run in silent mode. The
174
- input file must be a YAML file. This parameter cannot be used with the `ca`
175
- parameter .
173
+ input file must be a YAML file. This parameter cannot be used with the `ca` or
174
+ `http` parameters .
176
175
177
176
`--ip <IP_addresses>`:: Specifies a comma-separated list of IP addresses. This
178
- parameter cannot be used with the `ca` parameter .
177
+ parameter cannot be used with the `ca` or `http` parameters .
179
178
180
179
`--keysize <bits>`::
181
180
Defines the number of bits that are used in generated RSA keys. The default
182
- value is `2048`.
181
+ value is `2048`. This parameter cannot be used with the `http` parameter.
183
182
184
183
`--multiple`::
185
184
Specifies to generate files for multiple instances. This parameter cannot be
186
- used with the `ca` parameter .
185
+ used with the `ca` or `http` parameters .
187
186
188
187
`--name <file_name>`::
189
188
Specifies the name of the generated certificate. This parameter cannot be used
190
- with the `ca` parameter .
189
+ with the `ca` or `http` parameters .
191
190
192
- `--out <file_path>`:: Specifies a path for the output files.
191
+ `--out <file_path>`:: Specifies a path for the output files. This parameter
192
+ cannot be used with the `http` parameter.
193
193
194
194
`--pass <password>`:: Specifies the password for the generated private keys.
195
+ This parameter cannot be used with the `http` parameters.
195
196
+
196
197
Keys stored in PKCS#12 format are always password protected, however,
197
198
this password may be _blank_. If you want to specify a blank password
@@ -206,7 +207,7 @@ wish to password-protect your PEM keys, then do not specify
206
207
207
208
208
209
`--pem`:: Generates certificates and keys in PEM format instead of PKCS#12. This
209
- parameter cannot be used with the `csr` parameter .
210
+ parameter cannot be used with the `csr` or `http` parameters .
210
211
211
212
`--self-signed`:: Generates self-signed certificates. This parameter is only
212
213
applicable to the `cert` parameter.
0 commit comments