Note on usage
Function: Show properties of RSA keys
User group: FT administrator
Alias name: FTSHWKEY
Functional description
You can use the SHOW-FT-KEY command to output the properties of RSA keys. You can display the RSA keys of your own instance as well as the RSA keys of partners.
Format
SHOW-FT-KEY / FTSHWKEY |
SELECT = *ALL / *OWN / *PARAMETERS (...) *PARAMETERS(...) PARTNER-NAME = *ALL / <name 1..8> ,EXPIRATION-DATE = *NOT-SPEC IFIED / *NONE / *EXCEEDED / *UNTIL(DATE = <date 8..10>) / *WITHIN(DAYS = <integer 1..1000>) ,OUTPUT = *SYSOUT (...) / *SYSLST(...) *SYSOUT (...) / *SYSLST(...) LAYOUT = *STD / *CSV |
Operands
SELECT =
Selects which keys are to be displayed.
SELECT = *ALL
Displays the keys of your own instance and the installed keys of all the partner systems.
SELECT = *OWN
Displays the keys of your own instance.
SELECT = *PARAMETERS(...)
Specifies selection criteria for the keys which are to be displayed.
PARTNER-NAME =
Partner whose key is to be displayed.
PARTNER-NAME = *ALL
Displays the installed keys of all partners.
PARTNER-NAME = <name 1..8>
Name of the partner whose key is to be displayed.
EXPIRATION-DATE =
Selects keys on the basis of their expiration date.
EXPIRATION-DATE = *NOT-SPECIFIED
The keys of the partners are displayed irrespective of their expiration date.
EXPIRATION-DATE = *NONE
Displays all partner keys that do not have an expiration date.
EXPIRATION-DATE = *EXCEEDED
Displays all partner keys that have already expired.
EXPIRATION-DATE = *UNTIL(...)
Displays all partner keys that will become invalid by a particular date.
DATE=<date 8...10>
Date in the format yyyy-mm-dd or yy-mm-dd, e.g. 2018-03-31 or 18-03-31 for March 31, 2018, by which date the keys will become invalid. The time on the specified day is 00:00 local time.
EXPIRATION-DATE = *WITHIN(...)
Displays all partner keys that will expire within the specified number of days.
DAYS = <integer 1...1000>
Number of days within which the keys will become invalid. The time on the last day of the period is 00:00 local time.
OUTPUT =
Output medium for the requested information.
OUTPUT = *SYSOUT (...)
Output is written to SYSOUT.
OUTPUT = *SYSLST(...)
Output is written to SYSLST.
LAYOUT = *STD
Output takes place in a format which is easy for the user to read.
LAYOUT = *CSV
Output takes place in Character Separated Values format. This is a table-type format which is widely used, especially in the PC environment, and in which the individual fields are separated by a semicolon “;“ (see section “SHOW-FT-KEY”).
OPS variables
The following table shows the OPS variables of the SHOW-FT-KEYS command.
Element | Type | Output |
REF | Integer | Value |
IDENTIFICATION | String | Value / *OWN |
PARTNER-NAME | String | Value / *OWN |
CRE-DATE | String | yyyy-mm-dd |
EXP-DATE | String | yyyy-mm-dd / *NONE |
EXPIRED | String | *YES / *NO |
KEY-LENGTH | Integer | Value |
AUTH-LEV | Integer | Value |
Example
|
Explanation:
CRE-DATE
Date on which the key was generated.
EXP-DATE
Date on which the key expires. The time on the specified day is 00:00 local time. EXPIRED means that the key has already expired.
If there is no specification here then there is no expiration date.
KEY-LEN
Key length in bits: 768, 1024, 2048, 3072 or 4096
KEY-REF
Key reference
AUTHL Authentication level: 1 or 2
PARTNER
Partner’s name. This field is left empty for keys belonging to your own instance.
IDENTIFICATION
Partner’s instance ID. This field is left empty for keys belonging to your own instance.
Command return codes
(SC2) | SC1 | Maincode | Meaning |
83 | 32 | CMD0221 | Internal error. |
88 | 32 | CMD0221 | Error during OPS generation. |
89 | 32 | CMD0221 | Error in key file. |
35 | 64 | FTR1035 | Command only permissible for FT administrator. |
76 | 64 | FTR1076 | Selected key file not found. |
SC1/2 = Subcode 1/2 in decimal notation For additional information, see section “Command return codes”. | |||