TSSCREATEEKCERT

Section: User Commands (1)
Updated: November 2020
Page Index

---

 

NAME

tsscreateekcert - Runs TPM2 createekcert  

SYNOPSIS

createekcert ,-rsa 2048 -cakey cakey.pem -capwd rrrr -v/
createekcert ,-ecc nistp256 -cakey cakeyecc.pem -capwd rrrr -caalg ec -v/  

DESCRIPTION

createekcert

Provisions an EK certificate using the default IWG template E.g.,

[-pwdp

platform hierarchy password (default empty)]

[-pwde

endorsement hierarchy password (default empty)]

[-pwdk

password for endorsement key (default empty)]

-cakey

CA PEM key file name

[-capwd

CA PEM key password (default empty)]

[-caalg

CA key algorithm (rsa or ecc) (default rsa)]

[-high

Use the NV high range. Specify before algorithm]

-rsa keybits

2048 3072

-ecc curve

nistp256 nistp384 nistp521

[-noflush

do not flush the primary key]

[-of

DER certificate output file name]

Currently:

Certificate issuer, subject, and validity are hard coded.

---

 

Index

NAME

SYNOPSIS

DESCRIPTION

Index (this page) | LinuxReviews : manual page archive : man1