Syntax78 Netscape Certificate Management System Command-Line Tools Guide • October 2001Syntax To run Key Database Tool, type the commandkeyutil option [arguments]where option and arguments are combinations of the options and arguments listedin the following section. Each command takes one option. Each option may takezero or more arguments. To see a usage string, issue the command withoutoptions, or with the -H option.Options and ArgumentsOptions specify an action and are uppercase. Option arguments modify an actionand are lowercase. Key Database Tool options and their arguments are defined asfollows:Table 12-1 Description of options and argumentsOption Description-N Create a new key database and set its password.Use the -h tokenname argument to specify a specific hardware or software tokenin which to create the new database.-C Change the password to a key database.-G Generate a new public and private key pair within a database. The key databaseshould already exist; if one is not present, this option will initialize one bydefault.Some smart cards (for example, the Litronic card) can store only one key pair. Ifyou create a new key pair for such a card, the previous pair is overwritten.-L List the keyID of keys in the key database. A keyID is the modulus of the RSAkey or the publicValue of the DSA key. IDs are displayed in hexadecimal(“0x” is not shown).You can identify keys by a shortkeyID. The shortkeyID is the first few bytes ofthe keyID, starting from the second byte, with a length sufficient to identify ituniquely.Use the -a argument to list keys of all tokens. Otherwise the list will containonly keys in the default (internal) slot.Use the -l argument to list DSA as well as RSA keys.-P Display public key information on the screen.