1TSSCREATEEKCERT(1)               User Commands              TSSCREATEEKCERT(1)
2
3
4

NAME

6       tsscreateekcert - Runs TPM2 createekcert
7

SYNOPSIS

9       createekcert -rsa 2048     -cakey cakey.pem    -capwd rrrr -v
10       createekcert -ecc nistp256 -cakey cakeyecc.pem -capwd rrrr -caalg ec -v
11

DESCRIPTION

13       createekcert
14
15       Provisions an EK certificate using the default IWG template E.g.,
16
17       [-pwdp platform    hierarchy password (default empty)]
18
19       [-pwde endorsement hierarchy password (default empty)]
20
21       [-pwdk password for endorsement key (default empty)]
22
23       -cakey CA PEM key file name
24
25       [-capwd
26              CA PEM key password (default empty)]
27
28       [-caalg
29              CA key algorithm (rsa or ecc) (default rsa)]
30
31       [-high Use the NV high range.  Specify before algorithm]
32
33       -rsa keybits
34
35              2048 3072
36
37       -ecc curve
38
39              nistp256 nistp384 nistp521
40
41       [-noflush
42              do not flush the primary key]
43
44       [-of   DER certificate output file name]
45
46       Currently:
47
48              Certificate issuer, subject, and validity are hard coded.
49
50
51
52tsscreateekcert 1.6              November 2020              TSSCREATEEKCERT(1)
Impressum