.png){kind=logo}
validatecertificate
Use the SignClient validatecertificate command to request a certificate to be validated by the specified service.
Usage
CODE
usage: signclient validatecertificate <options>
-cert <cert-file> Path to certificate file (DER or PEM)(Required).
-certpurposes <certpurposes> A ',' separated string containing requested certificate purposes.
-der Certificate is in DER format.
-help Display this info.
-hosts <hosts> A ',' separated string containing the hostnames of the validation service nodes.
Ex 'host1.someorg.org,host2.someorg.org'.
When using the HTTP protocol, only one host name can be specified. (Required).
-pem Certificate is in PEM format (Default).
-port <port> Remote port of service (Default is 8080 or 8442 for SSL).
-protocol <protocol> Protocol to use, either WEBSERVICES or HTTP. Default: WEBSERVICES.
-service <service-name> The name or ID of the validation service to process request. (Required)
-silent Don't produce any output, only return value.
-truststore <jks-file> Path to JKS truststore containing trusted CA for SSL Server certificates.
-truststorepwd <password> Password to unlock the truststore.
The following values are returned by the program that can be used when scripting:
-2 : Error happened during execution
-1 : Bad arguments
0 : Certificate is valid
1 : Certificate is revoked
2 : Certificate is not yet valid
3 : Certificate have expired
4 : Certificate doesn't verify
5 : CA Certificate have been revoked
6 : CA Certificate is not yet valid
7 : CA Certificate have expired
8 : Certificate have no valid certificate purpose Sample Usages
CODE
a) validatecertificate -service CertValidationWorker -hosts localhost -cert certificate.pem
b) validatecertificate -service 5806 -hosts localhost -cert certificate.pem -truststore p12/truststore.jks -truststorepwd changeit
c) validatecertificate -service CertValidationWorker -hosts localhost -cert certificate.pem -protocol HTTP