Usage82 Netscape Certificate Management System Command-Line Tools Guide • March 2002Usage Key Database Tool’s capabilities are grouped as follows, using these combinationsof options and arguments. The specifications in square brackets are optional, thosewithout square brackets are required.• Creating a new key3.db file and setting its password:-N [-d keydir] [-w password-file]• Changing the password to a key database file:-C [-d keydir]• Generating new RSA key pairs in a key database file:-G [-h tokenname] [-t rsa] [-s num] [-e exp] [-d keydir][-f noise-file] [-w password-file]• Generating new DSA key pairs in a key database file:-G [-h tokenname] -t dsa [-q pqgfile -s num][-d keydir] [-w password-file]• Listing the keyIDs of the keys in a database:-L [-a] [-l] [-t rsa|dsa] [-h tokenname] [-d keydir]-l List DSA as well as RSA keys when listing keys in the key database.-q pqgfile Read an alternate PQG value from the specified file when generating DSA keypairs. If this argument is not used, Key Database Tool generates its own PQGvalue. PQG files are created with a separate DSA utility.-s size Set a key size to use when generating new public and private key pairs. Theminimum is 256 bits and the maximum is 1024 bits. The default is 1024bits. Any size between the minimum and maximum is allowed.-t rsa|dsa Specify the type of a key, either RSA or DSA. The default value is rsa. Byspecifying the type of key you can avoid mistakes caused by duplicateshortkeyIDs.-w password-file Specify a file to automatically supply the password necessary to access a keydatabase. This is a plain-text file containing one password. You should not usethis argument if you are accessing an internal slot and hardware tokens that usedifferent passwords. Be sure to prevent unauthorized access to this file.Table 12-1 Description of options and arguments (Continued)