GenerateKeystoreSysAction

Type of the crypto material.

Algorithm used for the purposes defined by the type.

An alias referencing to given crypto entry.

Password to given crypto entry.

The epoch timestamp in milliseconds of the time this crypto entry shall be used from.

The epoch timestamp in milliseconds of the time this crypto entry shall be used to.

An alias referencing to a crypto entry that is a counterpart to given entry (if any). E.g., alias of a certificate entry to a private key entry described by given alias.

The size of the new key-pair in number of bits.

The signature algorithm of the new X509 certificate of the new key-pair.

The X509 certificate subject domain name ('X500Principal') of the new X509 certificate of the new key-pair.

The key usage extension of the X509 certificate request, represented as a bit string according the RFC5280. (digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment, keyAgreement, keyCertSign, cRLSign, encipherOnly, decipherOnly)

The set of OIDs to represent the extended key usage extensions of the X509 certificate request.

The set of rfc822 items for the subjectAlternativeName extension of the new X509 certificate of the new key-pair.

The set of dNSName items for the subjectAlternativeName extension of the new X509 certificate of the new key-pair.

CA:FALSE or CA:TRUE or the new X509 certificate.

The reference or the keystore itself with the private key and respective certificate with CA capabilities to be able to sign and create new key-pairs. The new key-pair is self-signed in case there is no issuer.

The decision whether to use algorithm, signature algorithm and key size configuration from the issuer.