TrustPort eSign PRO: Command Line - Configuration file contents

Using the configuration file

Using the configuration file you can save some options. It is possible to use them as default possibilities unless you specified them in other way by commandline parameters. You can use your own configuration file with parameter --inifile=filename , e.g. esign --inifile=my.ini , default configuration file may be used by parameter -u or --useconfig .

The configuration file is divided into sections USER , USAGE , OTHER and SEARCH . All sections and all items within them are optional and could be omitted.

Section USER

Contains information about the certificate owner:

  • COMMONNAME ... name of certificate owner (person, IP address,...),
  • ORGNAME ... name of the organization,
  • ORGUNIT ... name of the unit in organization,
  • POSTADDR ... organization address,
  • COUNTRY ... two letters long country shortcut,
  • TLFNUMBER ... phone number,
  • EMAIL ... e-mail.

You need to specify name and e-mail to have a reasonable information in certificate.

Section USAGE

Contains information about the usage of the certificate:

  • SIGNATURE ... using the key for signing, only two values are allowed here - 1 or 0,
  • ENCRYPHERMENT ... using the key for encrypting, only two values are allowed here - 1 or 0,
  • KEYAGREEMENT ... using the key for negotiation about key, only two values are allowed here - 1 or 0,
  • SERVERAUTHENTICATION ... the certificate will (not) be used for server authentication, only two values are allowed here - 1 or 0,
  • CLIENTAUTHENTICATION ... the certificate will (not) be used for client authentication, only two values are allowed here - 1 or 0,
  • CODESIGNING ... the certificate will (not) be used for code signing, only two values are allowed here - 1 or 0,
  • SECUREEMAIL ... the certificate will (not) be used for securing e-mails, only two values are allowed here - 1 or 0,

Section OTHER

Contains other information:

  • MODE ... default mode, allowed values are "into-storage", "by-storage", "save-to-file" or "save-separate",
  • FILETYPE ... internal file format, allowed values are BIN, PEM or TRAIL,
  • NOPASSWORD ... generated key or file will not be (will be) secured by password, only two values are allowed here - 1 or 0,
  • EXPORTTYPE ... type of exported file, allowed values are CER, P7C or P12,
  • SGNALG ... the algorithm used for signing, allowed values are SHA-1, MD-5, RIPEMD-160, SHA-256, SHA-384 or SHA-512,
  • ENCALG ... the algorithm used for encrypting, allowed values are 3DES, DES, RC2, Cast or Rijndael,
  • PUBKEYALG ... public key algorithm, used when generating the key pair, allowed values are RSA, DSA, DH or ELLIPTIC.

Section SEARCH

This section contains flags which affect the searching for certificates through patterns (parameter -O ), any of these flags might only be set to either 1 or 0:

  • ALIAS ,
  • OWNERKEYID ,
  • ISSSUERHASH ,
  • EMAIL ,
  • PUBKEYHASH ,
  • CAISSSUERHASH ,
  • OWNERHASH ,
  • ISSUERKEYID ,
  • COMMONNAME .

If you use at least one of these parameters and you arbitrary omit another one, the behavior of application will be same as though the letter parameter was given with value 0. If none of these parameters is used so even if you used configuration file, the search will be performed by all of these parameters (default behaviour).

An example of configuration file:

	[USER] 
        COMMONNAME=192.168.0.207 
        ORGNAME=TrustPort, a.s. 
        ORGUNIT=Development 
        POSTADDR=Holandska 2, Brno 
        COUNTRY=cz 
        TLFNUMBER=123456789 
        EMAIL=info@trustport.com 
        [USAGE] 
        SIGNATURE=1 
        ENCRYPHERMENT=1 
        KEYAGREEMENT=1 
        SERVERAUTHENTICATION=1 
        CLIENTAUTHENTICATION=0 
        CODESIGNING=0 
        SECUREEMAIL=0 
        [OTHER] 
        MODE=into-storage 
        FILETYPE=BIN 
        NOPASSWORD=1 
        EXPORTTYPE=CER 
        SGNALG=SHA-1 
        ENCALG=3DES 
        PUBKEYALG=DSA 
        [SEARCH] 
        ALIAS=1 
        OWNERKEYID=0 
        ISSSUERHASH=0 
        EMAIL=1 
        PUBKEYHASH=0 
        CAISSSUERHASH=0 
        OWNERHASH=0 
        ISSUERKEYID=0 
        COMMONNAME=1
		

Related references

Main Page
Command Line


Copyright 2010, TrustPort, a.s., All rights reserved.