Command: keyutil keygen
dn <distinguished name>: given dn must be enclosed by double quotes if it includes spaces and be of the format shown in the example below.
pw <Key store password>: pw is the password that protects the private key and must be a regular passphrase.
keysize <key size>: keysize is the number of RSA bits. Must be 2048 or 4096.
keyfile <file in which to store private key>: keyfile is the file that will contain the protected private key.
p10file <file name>: p10file is the file name of the PKCS#10 certificate request. This is the file that shall be sent to Nets upon configuration.
./keyutil.sh keygen -dn "CN=Customer A,O=Customer A,C=NO" –pw password -keysize 2048 –keyfile customerA.key -p10file customerA.p10
If successful, the output is a Base64 PEM encoded PKCS#10 written to the specified file while status, filenames and PKCS#10 hash is shown on the screen. The key file is created and will be deleted during certificate import.
RSA key pair successfully generated
PKCS#10 certificate request written to customerA.p10
Key file written to customerA.key