[Ejbca-develop] ejbca.sh keybind gencsr and key alias

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

HI!

I'm using

  ejbca.sh cryptotoken generatekey \
    --token "${CT_NAME}" \
    --alias "${KEY_ALIAS}" \
    --keyspec 2048 \
    --verbose

  ejbca.sh keybind gencsr \
    --name "${KB_NAME}" \
    -f "${CSR_FILE_NAME}" \
    --verbose

to generate the next key pair and CSR for an OCSP key binding.
This creates a new key alias in the given crypto token in the same way the
admin UI does when hitting the button for generating a new key for an OCSP key
binding.

But with ejbca.sh keybind gencsr I cannot specify the key alias used for
generating the CSR. How does that work? In my local test the old public key
was put into the CSR.

Ciao, Michael.