Search in sources :

Example 31 with BooleanArgument

use of com.unboundid.util.args.BooleanArgument in project ldapsdk by pingidentity.

the class LDAPDiff method addNonLDAPArguments.

/**
 * {@inheritDoc}
 */
@Override()
public void addNonLDAPArguments(@NotNull final ArgumentParser parser) throws ArgumentException {
    this.parser = parser;
    // Add the general arguments.
    baseDNArg = new DNArgument('b', "baseDN", true, 1, INFO_LDAP_DIFF_ARG_PLACEHOLDER_BASE_DN.get(), INFO_LDAP_DIFF_ARG_DESC_BASE_DN.get());
    baseDNArg.addLongIdentifier("base-dn", true);
    baseDNArg.setArgumentGroupName(INFO_LDAP_DIFF_ARG_GROUP_PROCESSING_ARGS.get());
    parser.addArgument(baseDNArg);
    sourceDNsFileArg = new FileArgument(null, "sourceDNsFile", false, 1, null, INFO_LDAP_DIFF_ARG_DESC_SOURCE_DNS_FILE.get(), true, true, true, false);
    sourceDNsFileArg.addLongIdentifier("source-dns-file", true);
    sourceDNsFileArg.addLongIdentifier("sourceDNFile", true);
    sourceDNsFileArg.addLongIdentifier("source-dn-file", true);
    sourceDNsFileArg.setArgumentGroupName(INFO_LDAP_DIFF_ARG_GROUP_PROCESSING_ARGS.get());
    parser.addArgument(sourceDNsFileArg);
    targetDNsFileArg = new FileArgument(null, "targetDNsFile", false, 1, null, INFO_LDAP_DIFF_ARG_DESC_TARGET_DNS_FILE.get(), true, true, true, false);
    targetDNsFileArg.addLongIdentifier("target-dns-file", true);
    targetDNsFileArg.addLongIdentifier("targetDNFile", true);
    targetDNsFileArg.addLongIdentifier("target-dn-file", true);
    targetDNsFileArg.setArgumentGroupName(INFO_LDAP_DIFF_ARG_GROUP_PROCESSING_ARGS.get());
    parser.addArgument(targetDNsFileArg);
    excludeBranchArg = new DNArgument('B', "excludeBranch", false, 0, null, INFO_LDAP_DIFF_ARG_DESC_EXCLUDE_BRANCH.get());
    excludeBranchArg.addLongIdentifier("exclude-branch", true);
    excludeBranchArg.setArgumentGroupName(INFO_LDAP_DIFF_ARG_GROUP_PROCESSING_ARGS.get());
    parser.addArgument(excludeBranchArg);
    searchFilterArg = new FilterArgument('f', "searchFilter", false, 1, null, INFO_LDAP_DIFF_ARG_DESC_FILTER.get(), Filter.createPresenceFilter("objectClass"));
    searchFilterArg.addLongIdentifier("search-filter", true);
    searchFilterArg.addLongIdentifier("filter", true);
    searchFilterArg.setArgumentGroupName(INFO_LDAP_DIFF_ARG_GROUP_PROCESSING_ARGS.get());
    parser.addArgument(searchFilterArg);
    searchScopeArg = new ScopeArgument('s', "searchScope", false, null, INFO_LDAP_DIFF_ARG_DESC_SCOPE.get(), SearchScope.SUB);
    searchScopeArg.addLongIdentifier("search-scope", true);
    searchScopeArg.addLongIdentifier("scope", true);
    searchScopeArg.setArgumentGroupName(INFO_LDAP_DIFF_ARG_GROUP_PROCESSING_ARGS.get());
    parser.addArgument(searchScopeArg);
    outputLDIFArg = new FileArgument('o', "outputLDIF", true, 1, null, INFO_LDAP_DIFF_ARG_DESC_OUTPUT_LDIF.get(), false, true, true, false);
    outputLDIFArg.addLongIdentifier("output-ldif", true);
    outputLDIFArg.addLongIdentifier("outputFile", true);
    outputLDIFArg.addLongIdentifier("output-file", true);
    outputLDIFArg.setArgumentGroupName(INFO_LDAP_DIFF_ARG_GROUP_PROCESSING_ARGS.get());
    parser.addArgument(outputLDIFArg);
    wrapColumnArg = new IntegerArgument(null, "wrapColumn", false, 1, null, INFO_LDAP_DIFF_ARG_DESC_WRAP_COLUMN.get(), 0, Integer.MAX_VALUE, 0);
    wrapColumnArg.addLongIdentifier("wrap-column", true);
    wrapColumnArg.setArgumentGroupName(INFO_LDAP_DIFF_ARG_GROUP_PROCESSING_ARGS.get());
    parser.addArgument(wrapColumnArg);
    quietArg = new BooleanArgument('Q', "quiet", 1, INFO_LDAP_DIFF_ARG_DESC_QUIET.get());
    quietArg.setArgumentGroupName(INFO_LDAP_DIFF_ARG_GROUP_PROCESSING_ARGS.get());
    parser.addArgument(quietArg);
    numThreadsArg = new IntegerArgument(null, "numThreads", false, 1, null, INFO_LDAP_DIFF_ARG_DESC_NUM_THREADS.get(), 1, Integer.MAX_VALUE, 20);
    numThreadsArg.addLongIdentifier("num-threads", true);
    numThreadsArg.addLongIdentifier("numConnections", true);
    numThreadsArg.addLongIdentifier("num-connections", true);
    numThreadsArg.setArgumentGroupName(INFO_LDAP_DIFF_ARG_GROUP_PROCESSING_ARGS.get());
    parser.addArgument(numThreadsArg);
    numPassesArg = new IntegerArgument(null, "numPasses", false, 1, null, INFO_LDAP_DIFF_ARG_DESC_NUM_PASSES.get(), 1, Integer.MAX_VALUE, 3);
    numPassesArg.addLongIdentifier("num-passes", true);
    numPassesArg.addLongIdentifier("maxPasses", true);
    numPassesArg.addLongIdentifier("max-passes", true);
    numPassesArg.addLongIdentifier("maximum-Passes", true);
    numPassesArg.addLongIdentifier("maximum-passes", true);
    numPassesArg.addLongIdentifier("passes", true);
    numPassesArg.setArgumentGroupName(INFO_LDAP_DIFF_ARG_GROUP_PROCESSING_ARGS.get());
    parser.addArgument(numPassesArg);
    secondsBetweenPassesArg = new IntegerArgument(null, "secondsBetweenPasses", false, 1, null, INFO_LDAP_DIFF_ARG_DESC_SECONDS_BETWEEN_PASSES.get(), 0, Integer.MAX_VALUE, 2);
    secondsBetweenPassesArg.addLongIdentifier("seconds-between-passes", true);
    secondsBetweenPassesArg.addLongIdentifier("secondsBetweenPass", true);
    secondsBetweenPassesArg.addLongIdentifier("seconds-between-pass", true);
    secondsBetweenPassesArg.setArgumentGroupName(INFO_LDAP_DIFF_ARG_GROUP_PROCESSING_ARGS.get());
    parser.addArgument(secondsBetweenPassesArg);
    byteForByteArg = new BooleanArgument(null, "byteForByte", 1, INFO_LDAP_DIFF_ARG_DESC_BYTE_FOR_BYTE.get());
    byteForByteArg.addLongIdentifier("byte-for-byte", true);
    byteForByteArg.setArgumentGroupName(INFO_LDAP_DIFF_ARG_GROUP_PROCESSING_ARGS.get());
    parser.addArgument(byteForByteArg);
    missingOnlyArg = new BooleanArgument(null, "missingOnly", 1, INFO_LDAP_DIFF_ARG_DESC_MISSING_ONLY.get());
    missingOnlyArg.addLongIdentifier("missing-only", true);
    missingOnlyArg.addLongIdentifier("onlyMissing", true);
    missingOnlyArg.addLongIdentifier("only-missing", true);
    missingOnlyArg.setArgumentGroupName(INFO_LDAP_DIFF_ARG_GROUP_PROCESSING_ARGS.get());
    parser.addArgument(missingOnlyArg);
    // Add legacy arguments that will be used to help provide compatibility with
    // an older version of this tool.
    useLegacyExitCodeArg = new BooleanArgument(null, "useLegacyExitCode", 1, INFO_LDAP_DIFF_ARG_DESC_USE_LEGACY_EXIT_CODE.get());
    useLegacyExitCodeArg.addLongIdentifier("use-legacy-exit-code", true);
    useLegacyExitCodeArg.addLongIdentifier("useLegacyResultCode", true);
    useLegacyExitCodeArg.addLongIdentifier("use-legacy-result-code", true);
    useLegacyExitCodeArg.addLongIdentifier("legacyExitCode", true);
    useLegacyExitCodeArg.addLongIdentifier("legacy-exit-code", true);
    useLegacyExitCodeArg.addLongIdentifier("legacyResultCode", true);
    useLegacyExitCodeArg.addLongIdentifier("legacy-result-code", true);
    useLegacyExitCodeArg.setArgumentGroupName(INFO_LDAP_DIFF_ARG_GROUP_PROCESSING_ARGS.get());
    parser.addArgument(useLegacyExitCodeArg);
    legacySourceHostArg = new StringArgument('h', null, false, 1, null, "");
    legacySourceHostArg.setHidden(true);
    parser.addArgument(legacySourceHostArg);
    parser.addExclusiveArgumentSet(parser.getNamedArgument("sourceHostname"), legacySourceHostArg);
    legacySourcePortArg = new IntegerArgument('p', null, false, 1, null, "", 1, 65535);
    legacySourcePortArg.setHidden(true);
    parser.addArgument(legacySourcePortArg);
    parser.addExclusiveArgumentSet(parser.getNamedArgument("sourcePort"), legacySourcePortArg);
    legacySourceBindDNArg = new DNArgument('D', null, false, 1, null, "");
    legacySourceBindDNArg.setHidden(true);
    parser.addArgument(legacySourceBindDNArg);
    parser.addExclusiveArgumentSet(parser.getNamedArgument("sourceBindDN"), legacySourceBindDNArg);
    legacySourceBindPasswordArg = new StringArgument('w', null, false, 1, null, "");
    legacySourceBindPasswordArg.setHidden(true);
    parser.addArgument(legacySourceBindPasswordArg);
    parser.addExclusiveArgumentSet(parser.getNamedArgument("sourceBindPassword"), legacySourceBindPasswordArg);
    legacyTargetHostArg = new StringArgument('O', null, false, 1, null, "");
    legacyTargetHostArg.setHidden(true);
    parser.addArgument(legacyTargetHostArg);
    parser.addExclusiveArgumentSet(parser.getNamedArgument("targetHostname"), legacyTargetHostArg);
    legacyTargetBindPasswordFileArg = new FileArgument('F', null, false, 1, null, "", true, true, true, false);
    legacyTargetBindPasswordFileArg.setHidden(true);
    parser.addArgument(legacyTargetBindPasswordFileArg);
    parser.addExclusiveArgumentSet(parser.getNamedArgument("targetBindPasswordFile"), legacyTargetBindPasswordFileArg);
    legacyTrustAllArg = new BooleanArgument('X', "trustAll", 1, "");
    legacyTrustAllArg.setHidden(true);
    parser.addArgument(legacyTrustAllArg);
    parser.addExclusiveArgumentSet(parser.getNamedArgument("sourceTrustAll"), legacyTrustAllArg);
    parser.addExclusiveArgumentSet(parser.getNamedArgument("targetTrustAll"), legacyTrustAllArg);
    legacyKeyStorePathArg = new FileArgument('K', "keyStorePath", false, 1, null, "", true, true, true, false);
    legacyKeyStorePathArg.setHidden(true);
    parser.addArgument(legacyKeyStorePathArg);
    parser.addExclusiveArgumentSet(parser.getNamedArgument("sourceKeyStorePath"), legacyKeyStorePathArg);
    parser.addExclusiveArgumentSet(parser.getNamedArgument("targetKeyStorePath"), legacyKeyStorePathArg);
    legacyKeyStorePasswordArg = new StringArgument('W', "keyStorePassword", false, 1, null, "");
    legacyKeyStorePasswordArg.setSensitive(true);
    legacyKeyStorePasswordArg.setHidden(true);
    parser.addArgument(legacyKeyStorePasswordArg);
    parser.addExclusiveArgumentSet(parser.getNamedArgument("sourceKeyStorePassword"), legacyKeyStorePasswordArg);
    parser.addExclusiveArgumentSet(parser.getNamedArgument("targetKeyStorePassword"), legacyKeyStorePasswordArg);
    legacyKeyStorePasswordFileArg = new FileArgument('u', "keyStorePasswordFile", false, 1, null, "", true, true, true, false);
    legacyKeyStorePasswordFileArg.setHidden(true);
    parser.addArgument(legacyKeyStorePasswordFileArg);
    parser.addExclusiveArgumentSet(parser.getNamedArgument("sourceKeyStorePasswordFile"), legacyKeyStorePasswordFileArg);
    parser.addExclusiveArgumentSet(parser.getNamedArgument("targetKeyStorePasswordFile"), legacyKeyStorePasswordFileArg);
    legacyKeyStoreFormatArg = new StringArgument(null, "keyStoreFormat", false, 1, null, "");
    legacyKeyStoreFormatArg.setHidden(true);
    parser.addArgument(legacyKeyStoreFormatArg);
    parser.addExclusiveArgumentSet(parser.getNamedArgument("sourceKeyStoreFormat"), legacyKeyStoreFormatArg);
    parser.addExclusiveArgumentSet(parser.getNamedArgument("targetKeyStoreFormat"), legacyKeyStoreFormatArg);
    legacyCertNicknameArg = new StringArgument('N', "certNickname", false, 1, null, "");
    legacyCertNicknameArg.setHidden(true);
    parser.addArgument(legacyCertNicknameArg);
    parser.addExclusiveArgumentSet(parser.getNamedArgument("sourceCertNickname"), legacyCertNicknameArg);
    parser.addExclusiveArgumentSet(parser.getNamedArgument("targetCertNickname"), legacyCertNicknameArg);
    legacyTrustStorePathArg = new FileArgument('P', "trustStorePath", false, 1, null, "", true, true, true, false);
    legacyTrustStorePathArg.setHidden(true);
    parser.addArgument(legacyTrustStorePathArg);
    parser.addExclusiveArgumentSet(parser.getNamedArgument("sourceTrustStorePath"), legacyTrustStorePathArg);
    parser.addExclusiveArgumentSet(parser.getNamedArgument("targetTrustStorePath"), legacyTrustStorePathArg);
    legacyTrustStorePasswordArg = new StringArgument(null, "trustStorePassword", false, 1, null, "");
    legacyTrustStorePasswordArg.setSensitive(true);
    legacyTrustStorePasswordArg.setHidden(true);
    parser.addArgument(legacyTrustStorePasswordArg);
    parser.addExclusiveArgumentSet(parser.getNamedArgument("sourceTrustStorePassword"), legacyTrustStorePasswordArg);
    parser.addExclusiveArgumentSet(parser.getNamedArgument("targetTrustStorePassword"), legacyTrustStorePasswordArg);
    legacyTrustStorePasswordFileArg = new FileArgument('U', "trustStorePasswordFile", false, 1, null, "", true, true, true, false);
    legacyTrustStorePasswordFileArg.setHidden(true);
    parser.addArgument(legacyTrustStorePasswordFileArg);
    parser.addExclusiveArgumentSet(parser.getNamedArgument("sourceTrustStorePasswordFile"), legacyTrustStorePasswordFileArg);
    parser.addExclusiveArgumentSet(parser.getNamedArgument("targetTrustStorePasswordFile"), legacyTrustStorePasswordFileArg);
    legacyTrustStoreFormatArg = new StringArgument(null, "trustStoreFormat", false, 1, null, "");
    legacyTrustStoreFormatArg.setHidden(true);
    parser.addArgument(legacyTrustStoreFormatArg);
    parser.addExclusiveArgumentSet(parser.getNamedArgument("sourceTrustStoreFormat"), legacyTrustStoreFormatArg);
    parser.addExclusiveArgumentSet(parser.getNamedArgument("targetTrustStoreFormat"), legacyTrustStoreFormatArg);
}
Also used : DNArgument(com.unboundid.util.args.DNArgument) ScopeArgument(com.unboundid.util.args.ScopeArgument) FilterArgument(com.unboundid.util.args.FilterArgument) IntegerArgument(com.unboundid.util.args.IntegerArgument) BooleanArgument(com.unboundid.util.args.BooleanArgument) FileArgument(com.unboundid.util.args.FileArgument) StringArgument(com.unboundid.util.args.StringArgument)

Example 32 with BooleanArgument

use of com.unboundid.util.args.BooleanArgument in project ldapsdk by pingidentity.

the class LDAPDiff method setArgumentPresent.

/**
 * Updates the specified argument to indicate that it was provided on the
 * command line.
 *
 * @param  argumentName  The name of the argument to update as present.  It
 *                       must not be {@code null} and must reference a defined
 *                       Boolean argument.
 *
 * @throws  ArgumentException  If a problem occurs while attempting to mark
 *                             the specified argument as present.
 */
private void setArgumentPresent(@NotNull final String argumentName) throws ArgumentException {
    try {
        final BooleanArgument argument = parser.getBooleanArgument(argumentName);
        final Method incrementOccurrencesMethod = Argument.class.getDeclaredMethod("incrementOccurrences");
        incrementOccurrencesMethod.setAccessible(true);
        incrementOccurrencesMethod.invoke(argument);
    } catch (final Exception e) {
        Debug.debugException(e);
        throw new ArgumentException(ERR_LDAP_DIFF_CANNOT_SET_ARG_PRESENT.get(argumentName, StaticUtils.getExceptionMessage(e)), e);
    }
}
Also used : BooleanArgument(com.unboundid.util.args.BooleanArgument) Method(java.lang.reflect.Method) ArgumentException(com.unboundid.util.args.ArgumentException) ArgumentException(com.unboundid.util.args.ArgumentException) LDAPException(com.unboundid.ldap.sdk.LDAPException) IOException(java.io.IOException)

Example 33 with BooleanArgument

use of com.unboundid.util.args.BooleanArgument in project ldapsdk by pingidentity.

the class ManageCertificates method addToolArguments.

/**
 * Adds the command-line arguments supported for use with this tool to the
 * provided argument parser.  The tool may need to retain references to the
 * arguments (and/or the argument parser, if trailing arguments are allowed)
 * to it in order to obtain their values for use in later processing.
 *
 * @param  parser  The argument parser to which the arguments are to be added.
 *
 * @throws  ArgumentException  If a problem occurs while adding any of the
 *                             tool-specific arguments to the provided
 *                             argument parser.
 */
@Override()
public void addToolArguments(@NotNull final ArgumentParser parser) throws ArgumentException {
    globalParser = parser;
    // Define the "list-certificates" subcommand and all of its arguments.
    final ArgumentParser listCertsParser = new ArgumentParser("list-certificates", INFO_MANAGE_CERTS_SC_LIST_CERTS_DESC.get());
    final FileArgument listCertsKeystore = new FileArgument(null, "keystore", (JVM_DEFAULT_CACERTS_FILE == null), 1, null, INFO_MANAGE_CERTS_SC_LIST_CERTS_ARG_KS_DESC.get(), true, true, true, false);
    listCertsKeystore.addLongIdentifier("keystore-path", true);
    listCertsKeystore.addLongIdentifier("keystorePath", true);
    listCertsKeystore.addLongIdentifier("keystore-file", true);
    listCertsKeystore.addLongIdentifier("keystoreFile", true);
    listCertsParser.addArgument(listCertsKeystore);
    if (JVM_DEFAULT_CACERTS_FILE != null) {
        final BooleanArgument listCertsUseJVMDefault = new BooleanArgument(null, "use-jvm-default-trust-store", 1, INFO_MANAGE_CERTS_SC_LIST_CERTS_ARG_JVM_DEFAULT_DESC.get(JVM_DEFAULT_CACERTS_FILE.getAbsolutePath()));
        listCertsUseJVMDefault.addLongIdentifier("useJVMDefaultTrustStore", true);
        listCertsUseJVMDefault.addLongIdentifier("jvm-default", true);
        listCertsUseJVMDefault.addLongIdentifier("jvmDefault", true);
        listCertsParser.addArgument(listCertsUseJVMDefault);
        listCertsParser.addRequiredArgumentSet(listCertsUseJVMDefault, listCertsKeystore);
        listCertsParser.addExclusiveArgumentSet(listCertsUseJVMDefault, listCertsKeystore);
    }
    final StringArgument listCertsKeystorePassword = new StringArgument(null, "keystore-password", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_PASSWORD.get(), INFO_MANAGE_CERTS_SC_LIST_CERTS_ARG_KS_PW_DESC.get());
    listCertsKeystorePassword.addLongIdentifier("keystorePassword", true);
    listCertsKeystorePassword.addLongIdentifier("keystore-passphrase", true);
    listCertsKeystorePassword.addLongIdentifier("keystorePassphrase", true);
    listCertsKeystorePassword.addLongIdentifier("keystore-pin", true);
    listCertsKeystorePassword.addLongIdentifier("keystorePIN", true);
    listCertsKeystorePassword.addLongIdentifier("storepass", true);
    listCertsKeystorePassword.setSensitive(true);
    listCertsParser.addArgument(listCertsKeystorePassword);
    final FileArgument listCertsKeystorePasswordFile = new FileArgument(null, "keystore-password-file", false, 1, null, INFO_MANAGE_CERTS_SC_LIST_CERTS_ARG_KS_PW_FILE_DESC.get(), true, true, true, false);
    listCertsKeystorePasswordFile.addLongIdentifier("keystorePasswordFile", true);
    listCertsKeystorePasswordFile.addLongIdentifier("keystore-passphrase-file", true);
    listCertsKeystorePasswordFile.addLongIdentifier("keystorePassphraseFile", true);
    listCertsKeystorePasswordFile.addLongIdentifier("keystore-pin-file", true);
    listCertsKeystorePasswordFile.addLongIdentifier("keystorePINFile", true);
    listCertsParser.addArgument(listCertsKeystorePasswordFile);
    final BooleanArgument listCertsPromptForKeystorePassword = new BooleanArgument(null, "prompt-for-keystore-password", INFO_MANAGE_CERTS_SC_LIST_CERTS_ARG_PROMPT_FOR_KS_PW_DESC.get());
    listCertsPromptForKeystorePassword.addLongIdentifier("promptForKeystorePassword", true);
    listCertsPromptForKeystorePassword.addLongIdentifier("prompt-for-keystore-passphrase", true);
    listCertsPromptForKeystorePassword.addLongIdentifier("promptForKeystorePassphrase", true);
    listCertsPromptForKeystorePassword.addLongIdentifier("prompt-for-keystore-pin", true);
    listCertsPromptForKeystorePassword.addLongIdentifier("promptForKeystorePIN", true);
    listCertsParser.addArgument(listCertsPromptForKeystorePassword);
    final StringArgument listCertsKeystoreType = new StringArgument(null, "keystore-type", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_TYPE.get(), INFO_MANAGE_CERTS_SC_LIST_CERTS_ARG_KS_TYPE_DESC.get(), ALLOWED_KEYSTORE_TYPE_VALUES);
    listCertsKeystoreType.addLongIdentifier("key-store-type", true);
    listCertsKeystoreType.addLongIdentifier("keystoreType", true);
    listCertsKeystoreType.addLongIdentifier("keystore-format", true);
    listCertsKeystoreType.addLongIdentifier("key-store-format", true);
    listCertsKeystoreType.addLongIdentifier("keystoreFormat", true);
    listCertsKeystoreType.addLongIdentifier("storetype", true);
    listCertsParser.addArgument(listCertsKeystoreType);
    final StringArgument listCertsAlias = new StringArgument(null, "alias", false, 0, INFO_MANAGE_CERTS_PLACEHOLDER_ALIAS.get(), INFO_MANAGE_CERTS_SC_LIST_CERTS_ARG_ALIAS_DESC.get());
    listCertsAlias.addLongIdentifier("nickname", true);
    listCertsParser.addArgument(listCertsAlias);
    final BooleanArgument listCertsDisplayPEM = new BooleanArgument(null, "display-pem-certificate", 1, INFO_MANAGE_CERTS_SC_LIST_CERTS_ARG_DISPLAY_PEM_DESC.get());
    listCertsDisplayPEM.addLongIdentifier("displayPEMCertificate", true);
    listCertsDisplayPEM.addLongIdentifier("display-pem", true);
    listCertsDisplayPEM.addLongIdentifier("displayPEM", true);
    listCertsDisplayPEM.addLongIdentifier("show-pem-certificate", true);
    listCertsDisplayPEM.addLongIdentifier("showPEMCertificate", true);
    listCertsDisplayPEM.addLongIdentifier("show-pem", true);
    listCertsDisplayPEM.addLongIdentifier("showPEM", true);
    listCertsDisplayPEM.addLongIdentifier("pem", true);
    listCertsDisplayPEM.addLongIdentifier("rfc", true);
    listCertsParser.addArgument(listCertsDisplayPEM);
    final BooleanArgument listCertsVerbose = new BooleanArgument(null, "verbose", 1, INFO_MANAGE_CERTS_SC_LIST_CERTS_ARG_VERBOSE_DESC.get());
    listCertsParser.addArgument(listCertsVerbose);
    final BooleanArgument listCertsDisplayCommand = new BooleanArgument(null, "display-keytool-command", 1, INFO_MANAGE_CERTS_SC_LIST_CERTS_ARG_DISPLAY_COMMAND_DESC.get());
    listCertsDisplayCommand.addLongIdentifier("displayKeytoolCommand", true);
    listCertsDisplayCommand.addLongIdentifier("show-keytool-command", true);
    listCertsDisplayCommand.addLongIdentifier("showKeytoolCommand", true);
    listCertsParser.addArgument(listCertsDisplayCommand);
    listCertsParser.addExclusiveArgumentSet(listCertsKeystorePassword, listCertsKeystorePasswordFile, listCertsPromptForKeystorePassword);
    final LinkedHashMap<String[], String> listCertsExamples = new LinkedHashMap<>(StaticUtils.computeMapCapacity(3));
    listCertsExamples.put(new String[] { "list-certificates", "--keystore", getPlatformSpecificPath("config", "keystore") }, INFO_MANAGE_CERTS_SC_LIST_CERTS_EXAMPLE_1.get(getPlatformSpecificPath("config", "keystore")));
    listCertsExamples.put(new String[] { "list-certificates", "--keystore", getPlatformSpecificPath("config", "keystore.p12"), "--keystore-password-file", getPlatformSpecificPath("config", "keystore.pin"), "--alias", "server-cert", "--verbose", "--display-pem-certificate", "--display-keytool-command" }, INFO_MANAGE_CERTS_SC_LIST_CERTS_EXAMPLE_2.get(getPlatformSpecificPath("config", "keystore.p12"), getPlatformSpecificPath("config", "keystore.pin")));
    if (JVM_DEFAULT_CACERTS_FILE != null) {
        listCertsExamples.put(new String[] { "list-certificates", "--use-jvm-default-trust-store" }, INFO_MANAGE_CERTS_SC_LIST_CERTS_EXAMPLE_3.get());
    }
    final SubCommand listCertsSubCommand = new SubCommand("list-certificates", INFO_MANAGE_CERTS_SC_LIST_CERTS_DESC.get(), listCertsParser, listCertsExamples);
    listCertsSubCommand.addName("listCertificates", true);
    listCertsSubCommand.addName("list-certs", true);
    listCertsSubCommand.addName("listCerts", true);
    listCertsSubCommand.addName("list", true);
    parser.addSubCommand(listCertsSubCommand);
    // Define the "export-certificate" subcommand and all of its arguments.
    final ArgumentParser exportCertParser = new ArgumentParser("export-certificate", INFO_MANAGE_CERTS_SC_EXPORT_CERT_DESC.get());
    final FileArgument exportCertKeystore = new FileArgument(null, "keystore", (JVM_DEFAULT_CACERTS_FILE == null), 1, null, INFO_MANAGE_CERTS_SC_EXPORT_CERT_ARG_KS_DESC.get(), true, true, true, false);
    exportCertKeystore.addLongIdentifier("keystore-path", true);
    exportCertKeystore.addLongIdentifier("keystorePath", true);
    exportCertKeystore.addLongIdentifier("keystore-file", true);
    exportCertKeystore.addLongIdentifier("keystoreFile", true);
    exportCertParser.addArgument(exportCertKeystore);
    if (JVM_DEFAULT_CACERTS_FILE != null) {
        final BooleanArgument exportCertUseJVMDefault = new BooleanArgument(null, "use-jvm-default-trust-store", 1, INFO_MANAGE_CERTS_SC_EXPORT_CERTS_ARG_JVM_DEFAULT_DESC.get(JVM_DEFAULT_CACERTS_FILE.getAbsolutePath()));
        exportCertUseJVMDefault.addLongIdentifier("useJVMDefaultTrustStore", true);
        exportCertUseJVMDefault.addLongIdentifier("jvm-default", true);
        exportCertUseJVMDefault.addLongIdentifier("jvmDefault", true);
        exportCertParser.addArgument(exportCertUseJVMDefault);
        exportCertParser.addRequiredArgumentSet(exportCertUseJVMDefault, exportCertKeystore);
        exportCertParser.addExclusiveArgumentSet(exportCertUseJVMDefault, exportCertKeystore);
    }
    final StringArgument exportCertKeystorePassword = new StringArgument(null, "keystore-password", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_PASSWORD.get(), INFO_MANAGE_CERTS_SC_EXPORT_CERT_ARG_KS_PW_DESC.get());
    exportCertKeystorePassword.addLongIdentifier("keystorePassword", true);
    exportCertKeystorePassword.addLongIdentifier("keystore-passphrase", true);
    exportCertKeystorePassword.addLongIdentifier("keystorePassphrase", true);
    exportCertKeystorePassword.addLongIdentifier("keystore-pin", true);
    exportCertKeystorePassword.addLongIdentifier("keystorePIN", true);
    exportCertKeystorePassword.addLongIdentifier("storepass", true);
    exportCertKeystorePassword.setSensitive(true);
    exportCertParser.addArgument(exportCertKeystorePassword);
    final FileArgument exportCertKeystorePasswordFile = new FileArgument(null, "keystore-password-file", false, 1, null, INFO_MANAGE_CERTS_SC_EXPORT_CERT_ARG_KS_PW_FILE_DESC.get(), true, true, true, false);
    exportCertKeystorePasswordFile.addLongIdentifier("keystorePasswordFile", true);
    exportCertKeystorePasswordFile.addLongIdentifier("keystore-passphrase-file", true);
    exportCertKeystorePasswordFile.addLongIdentifier("keystorePassphraseFile", true);
    exportCertKeystorePasswordFile.addLongIdentifier("keystore-pin-file", true);
    exportCertKeystorePasswordFile.addLongIdentifier("keystorePINFile", true);
    exportCertParser.addArgument(exportCertKeystorePasswordFile);
    final BooleanArgument exportCertPromptForKeystorePassword = new BooleanArgument(null, "prompt-for-keystore-password", INFO_MANAGE_CERTS_SC_EXPORT_CERT_ARG_PROMPT_FOR_KS_PW_DESC.get());
    exportCertPromptForKeystorePassword.addLongIdentifier("promptForKeystorePassword", true);
    exportCertPromptForKeystorePassword.addLongIdentifier("prompt-for-keystore-passphrase", true);
    exportCertPromptForKeystorePassword.addLongIdentifier("promptForKeystorePassphrase", true);
    exportCertPromptForKeystorePassword.addLongIdentifier("prompt-for-keystore-pin", true);
    exportCertPromptForKeystorePassword.addLongIdentifier("promptForKeystorePIN", true);
    exportCertParser.addArgument(exportCertPromptForKeystorePassword);
    final StringArgument exportCertKeystoreType = new StringArgument(null, "keystore-type", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_TYPE.get(), INFO_MANAGE_CERTS_SC_EXPORT_CERT_ARG_KS_TYPE_DESC.get(), ALLOWED_KEYSTORE_TYPE_VALUES);
    exportCertKeystoreType.addLongIdentifier("key-store-type", true);
    exportCertKeystoreType.addLongIdentifier("keystoreType", true);
    exportCertKeystoreType.addLongIdentifier("keystore-format", true);
    exportCertKeystoreType.addLongIdentifier("key-store-format", true);
    exportCertKeystoreType.addLongIdentifier("keystoreFormat", true);
    exportCertKeystoreType.addLongIdentifier("storetype", true);
    exportCertParser.addArgument(exportCertKeystoreType);
    final StringArgument exportCertAlias = new StringArgument(null, "alias", true, 1, INFO_MANAGE_CERTS_PLACEHOLDER_ALIAS.get(), INFO_MANAGE_CERTS_SC_EXPORT_CERT_ARG_ALIAS_DESC.get());
    exportCertAlias.addLongIdentifier("nickname", true);
    exportCertParser.addArgument(exportCertAlias);
    final BooleanArgument exportCertChain = new BooleanArgument(null, "export-certificate-chain", 1, INFO_MANAGE_CERTS_SC_EXPORT_CERT_ARG_CHAIN_DESC.get());
    exportCertChain.addLongIdentifier("exportCertificateChain", true);
    exportCertChain.addLongIdentifier("export-chain", true);
    exportCertChain.addLongIdentifier("exportChain", true);
    exportCertChain.addLongIdentifier("certificate-chain", true);
    exportCertChain.addLongIdentifier("certificateChain", true);
    exportCertChain.addLongIdentifier("chain", true);
    exportCertParser.addArgument(exportCertChain);
    final Set<String> exportCertOutputFormatAllowedValues = StaticUtils.setOf("PEM", "text", "txt", "RFC", "DER", "binary", "bin");
    final StringArgument exportCertOutputFormat = new StringArgument(null, "output-format", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_FORMAT.get(), INFO_MANAGE_CERTS_SC_EXPORT_CERT_ARG_FORMAT_DESC.get(), exportCertOutputFormatAllowedValues, "PEM");
    exportCertOutputFormat.addLongIdentifier("outputFormat", true);
    exportCertParser.addArgument(exportCertOutputFormat);
    final FileArgument exportCertOutputFile = new FileArgument(null, "output-file", false, 1, null, INFO_MANAGE_CERTS_SC_EXPORT_CERT_ARG_FILE_DESC.get(), false, true, true, false);
    exportCertOutputFile.addLongIdentifier("outputFile", true);
    exportCertOutputFile.addLongIdentifier("export-file", true);
    exportCertOutputFile.addLongIdentifier("exportFile", true);
    exportCertOutputFile.addLongIdentifier("certificate-file", true);
    exportCertOutputFile.addLongIdentifier("certificateFile", true);
    exportCertOutputFile.addLongIdentifier("file", true);
    exportCertOutputFile.addLongIdentifier("filename", true);
    exportCertParser.addArgument(exportCertOutputFile);
    final BooleanArgument exportCertSeparateFile = new BooleanArgument(null, "separate-file-per-certificate", 1, INFO_MANAGE_CERTS_SC_EXPORT_CERT_ARG_SEPARATE_FILE_DESC.get());
    exportCertSeparateFile.addLongIdentifier("separateFilePerCertificate", true);
    exportCertSeparateFile.addLongIdentifier("separate-files", true);
    exportCertSeparateFile.addLongIdentifier("separateFiles", true);
    exportCertParser.addArgument(exportCertSeparateFile);
    final BooleanArgument exportCertDisplayCommand = new BooleanArgument(null, "display-keytool-command", 1, INFO_MANAGE_CERTS_SC_EXPORT_CERT_ARG_DISPLAY_COMMAND_DESC.get());
    exportCertDisplayCommand.addLongIdentifier("displayKeytoolCommand", true);
    exportCertDisplayCommand.addLongIdentifier("show-keytool-command", true);
    exportCertDisplayCommand.addLongIdentifier("showKeytoolCommand", true);
    exportCertParser.addArgument(exportCertDisplayCommand);
    exportCertParser.addExclusiveArgumentSet(exportCertKeystorePassword, exportCertKeystorePasswordFile, exportCertPromptForKeystorePassword);
    exportCertParser.addDependentArgumentSet(exportCertSeparateFile, exportCertChain);
    exportCertParser.addDependentArgumentSet(exportCertSeparateFile, exportCertOutputFile);
    final LinkedHashMap<String[], String> exportCertExamples = new LinkedHashMap<>(StaticUtils.computeMapCapacity(2));
    exportCertExamples.put(new String[] { "export-certificate", "--keystore", getPlatformSpecificPath("config", "keystore"), "--alias", "server-cert" }, INFO_MANAGE_CERTS_SC_EXPORT_CERT_EXAMPLE_1.get());
    exportCertExamples.put(new String[] { "export-certificate", "--keystore", getPlatformSpecificPath("config", "keystore.p12"), "--keystore-password-file", getPlatformSpecificPath("config", "keystore.pin"), "--alias", "server-cert", "--export-certificate-chain", "--output-format", "DER", "--output-file", "certificate-chain.der", "--display-keytool-command" }, INFO_MANAGE_CERTS_SC_EXPORT_CERT_EXAMPLE_2.get());
    final SubCommand exportCertSubCommand = new SubCommand("export-certificate", INFO_MANAGE_CERTS_SC_EXPORT_CERT_DESC.get(), exportCertParser, exportCertExamples);
    exportCertSubCommand.addName("exportCertificate", true);
    exportCertSubCommand.addName("export-cert", true);
    exportCertSubCommand.addName("exportCert", true);
    exportCertSubCommand.addName("export", true);
    parser.addSubCommand(exportCertSubCommand);
    // Define the "export-private-key" subcommand and all of its arguments.
    final ArgumentParser exportKeyParser = new ArgumentParser("export-private-key", INFO_MANAGE_CERTS_SC_EXPORT_KEY_DESC.get());
    final FileArgument exportKeyKeystore = new FileArgument(null, "keystore", true, 1, null, INFO_MANAGE_CERTS_SC_EXPORT_KEY_ARG_KS_DESC.get(), true, true, true, false);
    exportKeyKeystore.addLongIdentifier("keystore-path", true);
    exportKeyKeystore.addLongIdentifier("keystorePath", true);
    exportKeyKeystore.addLongIdentifier("keystore-file", true);
    exportKeyKeystore.addLongIdentifier("keystoreFile", true);
    exportKeyParser.addArgument(exportKeyKeystore);
    final StringArgument exportKeyKeystorePassword = new StringArgument(null, "keystore-password", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_PASSWORD.get(), INFO_MANAGE_CERTS_SC_EXPORT_KEY_ARG_KS_PW_DESC.get());
    exportKeyKeystorePassword.addLongIdentifier("keystorePassword", true);
    exportKeyKeystorePassword.addLongIdentifier("keystore-passphrase", true);
    exportKeyKeystorePassword.addLongIdentifier("keystorePassphrase", true);
    exportKeyKeystorePassword.addLongIdentifier("keystore-pin", true);
    exportKeyKeystorePassword.addLongIdentifier("keystorePIN", true);
    exportKeyKeystorePassword.addLongIdentifier("storepass", true);
    exportKeyKeystorePassword.setSensitive(true);
    exportKeyParser.addArgument(exportKeyKeystorePassword);
    final FileArgument exportKeyKeystorePasswordFile = new FileArgument(null, "keystore-password-file", false, 1, null, INFO_MANAGE_CERTS_SC_EXPORT_KEY_ARG_KS_PW_FILE_DESC.get(), true, true, true, false);
    exportKeyKeystorePasswordFile.addLongIdentifier("keystorePasswordFile", true);
    exportKeyKeystorePasswordFile.addLongIdentifier("keystore-passphrase-file", true);
    exportKeyKeystorePasswordFile.addLongIdentifier("keystorePassphraseFile", true);
    exportKeyKeystorePasswordFile.addLongIdentifier("keystore-pin-file", true);
    exportKeyKeystorePasswordFile.addLongIdentifier("keystorePINFile", true);
    exportKeyParser.addArgument(exportKeyKeystorePasswordFile);
    final BooleanArgument exportKeyPromptForKeystorePassword = new BooleanArgument(null, "prompt-for-keystore-password", INFO_MANAGE_CERTS_SC_EXPORT_KEY_ARG_PROMPT_FOR_KS_PW_DESC.get());
    exportKeyPromptForKeystorePassword.addLongIdentifier("promptForKeystorePassword", true);
    exportKeyPromptForKeystorePassword.addLongIdentifier("prompt-for-keystore-passphrase", true);
    exportKeyPromptForKeystorePassword.addLongIdentifier("promptForKeystorePassphrase", true);
    exportKeyPromptForKeystorePassword.addLongIdentifier("prompt-for-keystore-pin", true);
    exportKeyPromptForKeystorePassword.addLongIdentifier("promptForKeystorePIN", true);
    exportKeyParser.addArgument(exportKeyPromptForKeystorePassword);
    final StringArgument exportKeyPKPassword = new StringArgument(null, "private-key-password", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_PASSWORD.get(), INFO_MANAGE_CERTS_SC_EXPORT_KEY_ARG_PK_PW_DESC.get());
    exportKeyPKPassword.addLongIdentifier("privateKeyPassword", true);
    exportKeyPKPassword.addLongIdentifier("private-key-passphrase", true);
    exportKeyPKPassword.addLongIdentifier("privateKeyPassphrase", true);
    exportKeyPKPassword.addLongIdentifier("private-key-pin", true);
    exportKeyPKPassword.addLongIdentifier("privateKeyPIN", true);
    exportKeyPKPassword.addLongIdentifier("key-password", true);
    exportKeyPKPassword.addLongIdentifier("keyPassword", true);
    exportKeyPKPassword.addLongIdentifier("key-passphrase", true);
    exportKeyPKPassword.addLongIdentifier("keyPassphrase", true);
    exportKeyPKPassword.addLongIdentifier("key-pin", true);
    exportKeyPKPassword.addLongIdentifier("keyPIN", true);
    exportKeyPKPassword.addLongIdentifier("keypass", true);
    exportKeyPKPassword.setSensitive(true);
    exportKeyParser.addArgument(exportKeyPKPassword);
    final FileArgument exportKeyPKPasswordFile = new FileArgument(null, "private-key-password-file", false, 1, null, INFO_MANAGE_CERTS_SC_EXPORT_KEY_ARG_PK_PW_FILE_DESC.get(), true, true, true, false);
    exportKeyPKPasswordFile.addLongIdentifier("privateKeyPasswordFile", true);
    exportKeyPKPasswordFile.addLongIdentifier("private-key-passphrase-file", true);
    exportKeyPKPasswordFile.addLongIdentifier("privateKeyPassphraseFile", true);
    exportKeyPKPasswordFile.addLongIdentifier("private-key-pin-file", true);
    exportKeyPKPasswordFile.addLongIdentifier("privateKeyPINFile", true);
    exportKeyPKPasswordFile.addLongIdentifier("key-password-file", true);
    exportKeyPKPasswordFile.addLongIdentifier("keyPasswordFile", true);
    exportKeyPKPasswordFile.addLongIdentifier("key-passphrase-file", true);
    exportKeyPKPasswordFile.addLongIdentifier("keyPassphraseFile", true);
    exportKeyPKPasswordFile.addLongIdentifier("key-pin-file", true);
    exportKeyPKPasswordFile.addLongIdentifier("keyPINFile", true);
    exportKeyParser.addArgument(exportKeyPKPasswordFile);
    final BooleanArgument exportKeyPromptForPKPassword = new BooleanArgument(null, "prompt-for-private-key-password", INFO_MANAGE_CERTS_SC_EXPORT_KEY_ARG_PROMPT_FOR_PK_PW_DESC.get());
    exportKeyPromptForPKPassword.addLongIdentifier("promptForPrivateKeyPassword", true);
    exportKeyPromptForPKPassword.addLongIdentifier("prompt-for-private-key-passphrase", true);
    exportKeyPromptForPKPassword.addLongIdentifier("promptForPrivateKeyPassphrase", true);
    exportKeyPromptForPKPassword.addLongIdentifier("prompt-for-private-key-pin", true);
    exportKeyPromptForPKPassword.addLongIdentifier("promptForPrivateKeyPIN", true);
    exportKeyPromptForPKPassword.addLongIdentifier("prompt-for-key-password", true);
    exportKeyPromptForPKPassword.addLongIdentifier("promptForKeyPassword", true);
    exportKeyPromptForPKPassword.addLongIdentifier("prompt-for-key-passphrase", true);
    exportKeyPromptForPKPassword.addLongIdentifier("promptForKeyPassphrase", true);
    exportKeyPromptForPKPassword.addLongIdentifier("prompt-for-key-pin", true);
    exportKeyPromptForPKPassword.addLongIdentifier("promptForKeyPIN", true);
    exportKeyParser.addArgument(exportKeyPromptForPKPassword);
    final StringArgument exportKeyKeystoreType = new StringArgument(null, "keystore-type", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_TYPE.get(), INFO_MANAGE_CERTS_SC_EXPORT_KEY_ARG_KS_TYPE_DESC.get(), ALLOWED_KEYSTORE_TYPE_VALUES);
    exportKeyKeystoreType.addLongIdentifier("key-store-type", true);
    exportKeyKeystoreType.addLongIdentifier("keystoreType", true);
    exportKeyKeystoreType.addLongIdentifier("keystore-format", true);
    exportKeyKeystoreType.addLongIdentifier("key-store-format", true);
    exportKeyKeystoreType.addLongIdentifier("keystoreFormat", true);
    exportKeyKeystoreType.addLongIdentifier("storetype", true);
    exportKeyParser.addArgument(exportKeyKeystoreType);
    final StringArgument exportKeyAlias = new StringArgument(null, "alias", true, 1, INFO_MANAGE_CERTS_PLACEHOLDER_ALIAS.get(), INFO_MANAGE_CERTS_SC_EXPORT_KEY_ARG_ALIAS_DESC.get());
    exportKeyAlias.addLongIdentifier("nickname", true);
    exportKeyParser.addArgument(exportKeyAlias);
    final Set<String> exportKeyOutputFormatAllowedValues = StaticUtils.setOf("PEM", "text", "txt", "RFC", "DER", "binary", "bin");
    final StringArgument exportKeyOutputFormat = new StringArgument(null, "output-format", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_FORMAT.get(), INFO_MANAGE_CERTS_SC_EXPORT_KEY_ARG_FORMAT_DESC.get(), exportKeyOutputFormatAllowedValues, "PEM");
    exportKeyOutputFormat.addLongIdentifier("outputFormat", true);
    exportKeyParser.addArgument(exportKeyOutputFormat);
    final FileArgument exportKeyOutputFile = new FileArgument(null, "output-file", false, 1, null, INFO_MANAGE_CERTS_SC_EXPORT_KEY_ARG_FILE_DESC.get(), false, true, true, false);
    exportKeyOutputFile.addLongIdentifier("outputFile", true);
    exportKeyOutputFile.addLongIdentifier("export-file", true);
    exportKeyOutputFile.addLongIdentifier("exportFile", true);
    exportKeyOutputFile.addLongIdentifier("private-key-file", true);
    exportKeyOutputFile.addLongIdentifier("privateKeyFile", true);
    exportKeyOutputFile.addLongIdentifier("key-file", true);
    exportKeyOutputFile.addLongIdentifier("keyFile", true);
    exportKeyOutputFile.addLongIdentifier("file", true);
    exportKeyOutputFile.addLongIdentifier("filename", true);
    exportKeyParser.addArgument(exportKeyOutputFile);
    exportKeyParser.addRequiredArgumentSet(exportKeyKeystorePassword, exportKeyKeystorePasswordFile, exportKeyPromptForKeystorePassword);
    exportKeyParser.addExclusiveArgumentSet(exportKeyKeystorePassword, exportKeyKeystorePasswordFile, exportKeyPromptForKeystorePassword);
    exportKeyParser.addExclusiveArgumentSet(exportKeyPKPassword, exportKeyPKPasswordFile, exportKeyPromptForPKPassword);
    final LinkedHashMap<String[], String> exportKeyExamples = new LinkedHashMap<>(StaticUtils.computeMapCapacity(2));
    exportKeyExamples.put(new String[] { "export-private-key", "--keystore", getPlatformSpecificPath("config", "keystore"), "--keystore-password-file", getPlatformSpecificPath("config", "keystore.pin"), "--alias", "server-cert" }, INFO_MANAGE_CERTS_SC_EXPORT_KEY_EXAMPLE_1.get());
    exportKeyExamples.put(new String[] { "export-private-key", "--keystore", getPlatformSpecificPath("config", "keystore.p12"), "--keystore-password-file", getPlatformSpecificPath("config", "keystore.pin"), "--private-key-password-file", getPlatformSpecificPath("config", "server-cert-key.pin"), "--alias", "server-cert", "--output-format", "DER", "--output-file", "server-cert-key.der" }, INFO_MANAGE_CERTS_SC_EXPORT_KEY_EXAMPLE_2.get());
    final SubCommand exportKeySubCommand = new SubCommand("export-private-key", INFO_MANAGE_CERTS_SC_EXPORT_CERT_DESC.get(), exportKeyParser, exportKeyExamples);
    exportKeySubCommand.addName("exportPrivateKey", true);
    exportKeySubCommand.addName("export-key", true);
    exportKeySubCommand.addName("exportKey", true);
    parser.addSubCommand(exportKeySubCommand);
    // Define the "import-certificate" subcommand and all of its arguments.
    final ArgumentParser importCertParser = new ArgumentParser("import-certificate", INFO_MANAGE_CERTS_SC_IMPORT_CERT_DESC.get());
    final FileArgument importCertKeystore = new FileArgument(null, "keystore", true, 1, null, INFO_MANAGE_CERTS_SC_IMPORT_CERT_ARG_KS_DESC.get(), false, true, true, false);
    importCertKeystore.addLongIdentifier("keystore-path", true);
    importCertKeystore.addLongIdentifier("keystorePath", true);
    importCertKeystore.addLongIdentifier("keystore-file", true);
    importCertKeystore.addLongIdentifier("keystoreFile", true);
    importCertParser.addArgument(importCertKeystore);
    final StringArgument importCertKeystorePassword = new StringArgument(null, "keystore-password", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_PASSWORD.get(), INFO_MANAGE_CERTS_SC_IMPORT_CERT_ARG_KS_PW_DESC.get());
    importCertKeystorePassword.addLongIdentifier("keystorePassword", true);
    importCertKeystorePassword.addLongIdentifier("keystore-passphrase", true);
    importCertKeystorePassword.addLongIdentifier("keystorePassphrase", true);
    importCertKeystorePassword.addLongIdentifier("keystore-pin", true);
    importCertKeystorePassword.addLongIdentifier("keystorePIN", true);
    importCertKeystorePassword.addLongIdentifier("storepass", true);
    importCertKeystorePassword.setSensitive(true);
    importCertParser.addArgument(importCertKeystorePassword);
    final FileArgument importCertKeystorePasswordFile = new FileArgument(null, "keystore-password-file", false, 1, null, INFO_MANAGE_CERTS_SC_IMPORT_CERT_ARG_KS_PW_FILE_DESC.get(), true, true, true, false);
    importCertKeystorePasswordFile.addLongIdentifier("keystorePasswordFile", true);
    importCertKeystorePasswordFile.addLongIdentifier("keystore-passphrase-file", true);
    importCertKeystorePasswordFile.addLongIdentifier("keystorePassphraseFile", true);
    importCertKeystorePasswordFile.addLongIdentifier("keystore-pin-file", true);
    importCertKeystorePasswordFile.addLongIdentifier("keystorePINFile", true);
    importCertParser.addArgument(importCertKeystorePasswordFile);
    final BooleanArgument importCertPromptForKeystorePassword = new BooleanArgument(null, "prompt-for-keystore-password", INFO_MANAGE_CERTS_SC_IMPORT_CERT_ARG_PROMPT_FOR_KS_PW_DESC.get());
    importCertPromptForKeystorePassword.addLongIdentifier("promptForKeystorePassword", true);
    importCertPromptForKeystorePassword.addLongIdentifier("prompt-for-keystore-passphrase", true);
    importCertPromptForKeystorePassword.addLongIdentifier("promptForKeystorePassphrase", true);
    importCertPromptForKeystorePassword.addLongIdentifier("prompt-for-keystore-pin", true);
    importCertPromptForKeystorePassword.addLongIdentifier("promptForKeystorePIN", true);
    importCertParser.addArgument(importCertPromptForKeystorePassword);
    final StringArgument importCertKeystoreType = new StringArgument(null, "keystore-type", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_TYPE.get(), INFO_MANAGE_CERTS_SC_IMPORT_CERT_ARG_KS_TYPE_DESC.get(), ALLOWED_KEYSTORE_TYPE_VALUES);
    importCertKeystoreType.addLongIdentifier("key-store-type", true);
    importCertKeystoreType.addLongIdentifier("keystoreType", true);
    importCertKeystoreType.addLongIdentifier("keystore-format", true);
    importCertKeystoreType.addLongIdentifier("key-store-format", true);
    importCertKeystoreType.addLongIdentifier("keystoreFormat", true);
    importCertKeystoreType.addLongIdentifier("storetype", true);
    importCertParser.addArgument(importCertKeystoreType);
    final StringArgument importCertAlias = new StringArgument(null, "alias", true, 1, INFO_MANAGE_CERTS_PLACEHOLDER_ALIAS.get(), INFO_MANAGE_CERTS_SC_IMPORT_CERT_ARG_ALIAS_DESC.get());
    importCertAlias.addLongIdentifier("nickname", true);
    importCertParser.addArgument(importCertAlias);
    final FileArgument importCertCertificateFile = new FileArgument(null, "certificate-file", true, 0, null, INFO_MANAGE_CERTS_SC_IMPORT_CERT_ARG_CERT_FILE_DESC.get(), true, true, true, false);
    importCertCertificateFile.addLongIdentifier("certificateFile", true);
    importCertCertificateFile.addLongIdentifier("certificate-chain-file", true);
    importCertCertificateFile.addLongIdentifier("certificateChainFile", true);
    importCertCertificateFile.addLongIdentifier("input-file", true);
    importCertCertificateFile.addLongIdentifier("inputFile", true);
    importCertCertificateFile.addLongIdentifier("import-file", true);
    importCertCertificateFile.addLongIdentifier("importFile", true);
    importCertCertificateFile.addLongIdentifier("file", true);
    importCertCertificateFile.addLongIdentifier("filename", true);
    importCertParser.addArgument(importCertCertificateFile);
    final FileArgument importCertPKFile = new FileArgument(null, "private-key-file", false, 1, null, INFO_MANAGE_CERTS_SC_IMPORT_CERT_ARG_KEY_FILE_DESC.get(), true, true, true, false);
    importCertPKFile.addLongIdentifier("privateKeyFile", true);
    importCertPKFile.addLongIdentifier("key-file", true);
    importCertPKFile.addLongIdentifier("keyFile", true);
    importCertParser.addArgument(importCertPKFile);
    final StringArgument importCertPKPassword = new StringArgument(null, "private-key-password", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_PASSWORD.get(), INFO_MANAGE_CERTS_SC_IMPORT_CERT_ARG_PK_PW_DESC.get());
    importCertPKPassword.addLongIdentifier("privateKeyPassword", true);
    importCertPKPassword.addLongIdentifier("private-key-passphrase", true);
    importCertPKPassword.addLongIdentifier("privateKeyPassphrase", true);
    importCertPKPassword.addLongIdentifier("private-key-pin", true);
    importCertPKPassword.addLongIdentifier("privateKeyPIN", true);
    importCertPKPassword.addLongIdentifier("key-password", true);
    importCertPKPassword.addLongIdentifier("keyPassword", true);
    importCertPKPassword.addLongIdentifier("key-passphrase", true);
    importCertPKPassword.addLongIdentifier("keyPassphrase", true);
    importCertPKPassword.addLongIdentifier("key-pin", true);
    importCertPKPassword.addLongIdentifier("keyPIN", true);
    importCertPKPassword.addLongIdentifier("keypass", true);
    importCertPKPassword.setSensitive(true);
    importCertParser.addArgument(importCertPKPassword);
    final FileArgument importCertPKPasswordFile = new FileArgument(null, "private-key-password-file", false, 1, null, INFO_MANAGE_CERTS_SC_IMPORT_CERT_ARG_PK_PW_FILE_DESC.get(), true, true, true, false);
    importCertPKPasswordFile.addLongIdentifier("privateKeyPasswordFile", true);
    importCertPKPasswordFile.addLongIdentifier("private-key-passphrase-file", true);
    importCertPKPasswordFile.addLongIdentifier("privateKeyPassphraseFile", true);
    importCertPKPasswordFile.addLongIdentifier("private-key-pin-file", true);
    importCertPKPasswordFile.addLongIdentifier("privateKeyPINFile", true);
    importCertPKPasswordFile.addLongIdentifier("key-password-file", true);
    importCertPKPasswordFile.addLongIdentifier("keyPasswordFile", true);
    importCertPKPasswordFile.addLongIdentifier("key-passphrase-file", true);
    importCertPKPasswordFile.addLongIdentifier("keyPassphraseFile", true);
    importCertPKPasswordFile.addLongIdentifier("key-pin-file", true);
    importCertPKPasswordFile.addLongIdentifier("keyPINFile", true);
    importCertParser.addArgument(importCertPKPasswordFile);
    final BooleanArgument importCertPromptForPKPassword = new BooleanArgument(null, "prompt-for-private-key-password", INFO_MANAGE_CERTS_SC_IMPORT_CERT_ARG_PROMPT_FOR_PK_PW_DESC.get());
    importCertPromptForPKPassword.addLongIdentifier("promptForPrivateKeyPassword", true);
    importCertPromptForPKPassword.addLongIdentifier("prompt-for-private-key-passphrase", true);
    importCertPromptForPKPassword.addLongIdentifier("promptForPrivateKeyPassphrase", true);
    importCertPromptForPKPassword.addLongIdentifier("prompt-for-private-key-pin", true);
    importCertPromptForPKPassword.addLongIdentifier("promptForPrivateKeyPIN", true);
    importCertPromptForPKPassword.addLongIdentifier("prompt-for-key-password", true);
    importCertPromptForPKPassword.addLongIdentifier("promptForKeyPassword", true);
    importCertPromptForPKPassword.addLongIdentifier("prompt-for-key-passphrase", true);
    importCertPromptForPKPassword.addLongIdentifier("promptForKeyPassphrase", true);
    importCertPromptForPKPassword.addLongIdentifier("prompt-for-key-pin", true);
    importCertPromptForPKPassword.addLongIdentifier("promptForKeyPIN", true);
    importCertParser.addArgument(importCertPromptForPKPassword);
    final BooleanArgument importCertNoPrompt = new BooleanArgument(null, "no-prompt", 1, INFO_MANAGE_CERTS_SC_IMPORT_CERT_ARG_NO_PROMPT_DESC.get());
    importCertNoPrompt.addLongIdentifier("noPrompt", true);
    importCertParser.addArgument(importCertNoPrompt);
    final BooleanArgument importCertDisplayCommand = new BooleanArgument(null, "display-keytool-command", 1, INFO_MANAGE_CERTS_SC_IMPORT_CERT_ARG_DISPLAY_COMMAND_DESC.get());
    importCertDisplayCommand.addLongIdentifier("displayKeytoolCommand", true);
    importCertDisplayCommand.addLongIdentifier("show-keytool-command", true);
    importCertDisplayCommand.addLongIdentifier("showKeytoolCommand", true);
    importCertParser.addArgument(importCertDisplayCommand);
    importCertParser.addRequiredArgumentSet(importCertKeystorePassword, importCertKeystorePasswordFile, importCertPromptForKeystorePassword);
    importCertParser.addExclusiveArgumentSet(importCertKeystorePassword, importCertKeystorePasswordFile, importCertPromptForKeystorePassword);
    importCertParser.addExclusiveArgumentSet(importCertPKPassword, importCertPKPasswordFile, importCertPromptForPKPassword);
    final LinkedHashMap<String[], String> importCertExamples = new LinkedHashMap<>(StaticUtils.computeMapCapacity(2));
    importCertExamples.put(new String[] { "import-certificate", "--keystore", getPlatformSpecificPath("config", "keystore"), "--keystore-password-file", getPlatformSpecificPath("config", "keystore.pin"), "--alias", "server-cert", "--certificate-file", "server-cert.crt" }, INFO_MANAGE_CERTS_SC_IMPORT_CERT_EXAMPLE_1.get("server-cert.crt"));
    importCertExamples.put(new String[] { "import-certificate", "--keystore", getPlatformSpecificPath("config", "keystore"), "--keystore-password-file", getPlatformSpecificPath("config", "keystore.pin"), "--alias", "server-cert", "--certificate-file", "server-cert.crt", "--certificate-file", "server-cert-issuer.crt", "--private-key-file", "server-cert.key", "--display-keytool-command" }, INFO_MANAGE_CERTS_SC_IMPORT_CERT_EXAMPLE_2.get());
    final SubCommand importCertSubCommand = new SubCommand("import-certificate", INFO_MANAGE_CERTS_SC_IMPORT_CERT_DESC.get(), importCertParser, importCertExamples);
    importCertSubCommand.addName("importCertificate", true);
    importCertSubCommand.addName("import-certificates", true);
    importCertSubCommand.addName("importCertificates", true);
    importCertSubCommand.addName("import-cert", true);
    importCertSubCommand.addName("importCert", true);
    importCertSubCommand.addName("import-certs", true);
    importCertSubCommand.addName("importCerts", true);
    importCertSubCommand.addName("import-certificate-chain", true);
    importCertSubCommand.addName("importCertificateChain", true);
    importCertSubCommand.addName("import-chain", true);
    importCertSubCommand.addName("importChain", true);
    importCertSubCommand.addName("import", true);
    parser.addSubCommand(importCertSubCommand);
    // Define the "delete-certificate" subcommand and all of its arguments.
    final ArgumentParser deleteCertParser = new ArgumentParser("delete-certificate", INFO_MANAGE_CERTS_SC_DELETE_CERT_DESC.get());
    final FileArgument deleteCertKeystore = new FileArgument(null, "keystore", true, 1, null, INFO_MANAGE_CERTS_SC_DELETE_CERT_ARG_KS_DESC.get(), true, true, true, false);
    deleteCertKeystore.addLongIdentifier("keystore-path", true);
    deleteCertKeystore.addLongIdentifier("keystorePath", true);
    deleteCertKeystore.addLongIdentifier("keystore-file", true);
    deleteCertKeystore.addLongIdentifier("keystoreFile", true);
    deleteCertParser.addArgument(deleteCertKeystore);
    final StringArgument deleteCertKeystorePassword = new StringArgument(null, "keystore-password", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_PASSWORD.get(), INFO_MANAGE_CERTS_SC_DELETE_CERT_ARG_KS_PW_DESC.get());
    deleteCertKeystorePassword.addLongIdentifier("keystorePassword", true);
    deleteCertKeystorePassword.addLongIdentifier("keystore-passphrase", true);
    deleteCertKeystorePassword.addLongIdentifier("keystorePassphrase", true);
    deleteCertKeystorePassword.addLongIdentifier("keystore-pin", true);
    deleteCertKeystorePassword.addLongIdentifier("keystorePIN", true);
    deleteCertKeystorePassword.addLongIdentifier("storepass", true);
    deleteCertKeystorePassword.setSensitive(true);
    deleteCertParser.addArgument(deleteCertKeystorePassword);
    final FileArgument deleteCertKeystorePasswordFile = new FileArgument(null, "keystore-password-file", false, 1, null, INFO_MANAGE_CERTS_SC_DELETE_CERT_ARG_KS_PW_FILE_DESC.get(), true, true, true, false);
    deleteCertKeystorePasswordFile.addLongIdentifier("keystorePasswordFile", true);
    deleteCertKeystorePasswordFile.addLongIdentifier("keystore-passphrase-file", true);
    deleteCertKeystorePasswordFile.addLongIdentifier("keystorePassphraseFile", true);
    deleteCertKeystorePasswordFile.addLongIdentifier("keystore-pin-file", true);
    deleteCertKeystorePasswordFile.addLongIdentifier("keystorePINFile", true);
    deleteCertParser.addArgument(deleteCertKeystorePasswordFile);
    final BooleanArgument deleteCertPromptForKeystorePassword = new BooleanArgument(null, "prompt-for-keystore-password", INFO_MANAGE_CERTS_SC_DELETE_CERT_ARG_PROMPT_FOR_KS_PW_DESC.get());
    deleteCertPromptForKeystorePassword.addLongIdentifier("promptForKeystorePassword", true);
    deleteCertPromptForKeystorePassword.addLongIdentifier("prompt-for-keystore-passphrase", true);
    deleteCertPromptForKeystorePassword.addLongIdentifier("promptForKeystorePassphrase", true);
    deleteCertPromptForKeystorePassword.addLongIdentifier("prompt-for-keystore-pin", true);
    deleteCertPromptForKeystorePassword.addLongIdentifier("promptForKeystorePIN", true);
    deleteCertParser.addArgument(deleteCertPromptForKeystorePassword);
    final StringArgument deleteCertKeystoreType = new StringArgument(null, "keystore-type", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_TYPE.get(), INFO_MANAGE_CERTS_SC_DELETE_CERT_ARG_KS_TYPE_DESC.get(), ALLOWED_KEYSTORE_TYPE_VALUES);
    deleteCertKeystoreType.addLongIdentifier("key-store-type", true);
    deleteCertKeystoreType.addLongIdentifier("keystoreType", true);
    deleteCertKeystoreType.addLongIdentifier("keystore-format", true);
    deleteCertKeystoreType.addLongIdentifier("key-store-format", true);
    deleteCertKeystoreType.addLongIdentifier("keystoreFormat", true);
    deleteCertKeystoreType.addLongIdentifier("storetype", true);
    deleteCertParser.addArgument(deleteCertKeystoreType);
    final StringArgument deleteCertAlias = new StringArgument(null, "alias", true, 1, INFO_MANAGE_CERTS_PLACEHOLDER_ALIAS.get(), INFO_MANAGE_CERTS_SC_DELETE_CERT_ARG_ALIAS_DESC.get());
    deleteCertAlias.addLongIdentifier("nickname", true);
    deleteCertParser.addArgument(deleteCertAlias);
    final BooleanArgument deleteCertNoPrompt = new BooleanArgument(null, "no-prompt", 1, INFO_MANAGE_CERTS_SC_DELETE_CERT_ARG_NO_PROMPT_DESC.get());
    deleteCertNoPrompt.addLongIdentifier("noPrompt", true);
    deleteCertParser.addArgument(deleteCertNoPrompt);
    final BooleanArgument deleteCertDisplayCommand = new BooleanArgument(null, "display-keytool-command", 1, INFO_MANAGE_CERTS_SC_DELETE_CERT_ARG_DISPLAY_COMMAND_DESC.get());
    deleteCertDisplayCommand.addLongIdentifier("displayKeytoolCommand", true);
    deleteCertDisplayCommand.addLongIdentifier("show-keytool-command", true);
    deleteCertDisplayCommand.addLongIdentifier("showKeytoolCommand", true);
    deleteCertParser.addArgument(deleteCertDisplayCommand);
    deleteCertParser.addExclusiveArgumentSet(deleteCertKeystorePassword, deleteCertKeystorePasswordFile, deleteCertPromptForKeystorePassword);
    deleteCertParser.addRequiredArgumentSet(deleteCertKeystorePassword, deleteCertKeystorePasswordFile, deleteCertPromptForKeystorePassword);
    final LinkedHashMap<String[], String> deleteCertExamples = new LinkedHashMap<>(StaticUtils.computeMapCapacity(1));
    deleteCertExamples.put(new String[] { "delete-certificate", "--keystore", getPlatformSpecificPath("config", "keystore"), "--alias", "server-cert" }, INFO_MANAGE_CERTS_SC_DELETE_CERT_EXAMPLE_1.get(getPlatformSpecificPath("config", "keystore")));
    final SubCommand deleteCertSubCommand = new SubCommand("delete-certificate", INFO_MANAGE_CERTS_SC_DELETE_CERT_DESC.get(), deleteCertParser, deleteCertExamples);
    deleteCertSubCommand.addName("deleteCertificate", true);
    deleteCertSubCommand.addName("remove-certificate", true);
    deleteCertSubCommand.addName("removeCertificate", true);
    deleteCertSubCommand.addName("delete", true);
    deleteCertSubCommand.addName("remove", true);
    parser.addSubCommand(deleteCertSubCommand);
    // Define the "generate-self-signed-certificate" subcommand and all of its
    // arguments.
    final ArgumentParser genCertParser = new ArgumentParser("generate-self-signed-certificate", INFO_MANAGE_CERTS_SC_GEN_CERT_DESC.get());
    final FileArgument genCertKeystore = new FileArgument(null, "keystore", true, 1, null, INFO_MANAGE_CERTS_SC_GEN_CERT_ARG_KS_DESC.get(), false, true, true, false);
    genCertKeystore.addLongIdentifier("keystore-path", true);
    genCertKeystore.addLongIdentifier("keystorePath", true);
    genCertKeystore.addLongIdentifier("keystore-file", true);
    genCertKeystore.addLongIdentifier("keystoreFile", true);
    genCertParser.addArgument(genCertKeystore);
    final StringArgument genCertKeystorePassword = new StringArgument(null, "keystore-password", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_PASSWORD.get(), INFO_MANAGE_CERTS_SC_GEN_CERT_ARG_KS_PW_DESC.get());
    genCertKeystorePassword.addLongIdentifier("keystorePassword", true);
    genCertKeystorePassword.addLongIdentifier("keystore-passphrase", true);
    genCertKeystorePassword.addLongIdentifier("keystorePassphrase", true);
    genCertKeystorePassword.addLongIdentifier("keystore-pin", true);
    genCertKeystorePassword.addLongIdentifier("keystorePIN", true);
    genCertKeystorePassword.addLongIdentifier("storepass", true);
    genCertKeystorePassword.setSensitive(true);
    genCertParser.addArgument(genCertKeystorePassword);
    final FileArgument genCertKeystorePasswordFile = new FileArgument(null, "keystore-password-file", false, 1, null, INFO_MANAGE_CERTS_SC_GEN_CERT_ARG_KS_PW_FILE_DESC.get(), true, true, true, false);
    genCertKeystorePasswordFile.addLongIdentifier("keystorePasswordFile", true);
    genCertKeystorePasswordFile.addLongIdentifier("keystore-passphrase-file", true);
    genCertKeystorePasswordFile.addLongIdentifier("keystorePassphraseFile", true);
    genCertKeystorePasswordFile.addLongIdentifier("keystore-pin-file", true);
    genCertKeystorePasswordFile.addLongIdentifier("keystorePINFile", true);
    genCertParser.addArgument(genCertKeystorePasswordFile);
    final BooleanArgument genCertPromptForKeystorePassword = new BooleanArgument(null, "prompt-for-keystore-password", INFO_MANAGE_CERTS_SC_GEN_CERT_ARG_PROMPT_FOR_KS_PW_DESC.get());
    genCertPromptForKeystorePassword.addLongIdentifier("promptForKeystorePassword", true);
    genCertPromptForKeystorePassword.addLongIdentifier("prompt-for-keystore-passphrase", true);
    genCertPromptForKeystorePassword.addLongIdentifier("promptForKeystorePassphrase", true);
    genCertPromptForKeystorePassword.addLongIdentifier("prompt-for-keystore-pin", true);
    genCertPromptForKeystorePassword.addLongIdentifier("promptForKeystorePIN", true);
    genCertParser.addArgument(genCertPromptForKeystorePassword);
    final StringArgument genCertPKPassword = new StringArgument(null, "private-key-password", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_PASSWORD.get(), INFO_MANAGE_CERTS_SC_GEN_CERT_ARG_PK_PW_DESC.get());
    genCertPKPassword.addLongIdentifier("privateKeyPassword", true);
    genCertPKPassword.addLongIdentifier("private-key-passphrase", true);
    genCertPKPassword.addLongIdentifier("privateKeyPassphrase", true);
    genCertPKPassword.addLongIdentifier("private-key-pin", true);
    genCertPKPassword.addLongIdentifier("privateKeyPIN", true);
    genCertPKPassword.addLongIdentifier("key-password", true);
    genCertPKPassword.addLongIdentifier("keyPassword", true);
    genCertPKPassword.addLongIdentifier("key-passphrase", true);
    genCertPKPassword.addLongIdentifier("keyPassphrase", true);
    genCertPKPassword.addLongIdentifier("key-pin", true);
    genCertPKPassword.addLongIdentifier("keyPIN", true);
    genCertPKPassword.addLongIdentifier("keypass", true);
    genCertPKPassword.setSensitive(true);
    genCertParser.addArgument(genCertPKPassword);
    final FileArgument genCertPKPasswordFile = new FileArgument(null, "private-key-password-file", false, 1, null, INFO_MANAGE_CERTS_SC_GEN_CERT_ARG_PK_PW_FILE_DESC.get(), true, true, true, false);
    genCertPKPasswordFile.addLongIdentifier("privateKeyPasswordFile", true);
    genCertPKPasswordFile.addLongIdentifier("private-key-passphrase-file", true);
    genCertPKPasswordFile.addLongIdentifier("privateKeyPassphraseFile", true);
    genCertPKPasswordFile.addLongIdentifier("private-key-pin-file", true);
    genCertPKPasswordFile.addLongIdentifier("privateKeyPINFile", true);
    genCertPKPasswordFile.addLongIdentifier("key-password-file", true);
    genCertPKPasswordFile.addLongIdentifier("keyPasswordFile", true);
    genCertPKPasswordFile.addLongIdentifier("key-passphrase-file", true);
    genCertPKPasswordFile.addLongIdentifier("keyPassphraseFile", true);
    genCertPKPasswordFile.addLongIdentifier("key-pin-file", true);
    genCertPKPasswordFile.addLongIdentifier("keyPINFile", true);
    genCertParser.addArgument(genCertPKPasswordFile);
    final BooleanArgument genCertPromptForPKPassword = new BooleanArgument(null, "prompt-for-private-key-password", INFO_MANAGE_CERTS_SC_GEN_CERT_ARG_PROMPT_FOR_PK_PW_DESC.get());
    genCertPromptForPKPassword.addLongIdentifier("promptForPrivateKeyPassword", true);
    genCertPromptForPKPassword.addLongIdentifier("prompt-for-private-key-passphrase", true);
    genCertPromptForPKPassword.addLongIdentifier("promptForPrivateKeyPassphrase", true);
    genCertPromptForPKPassword.addLongIdentifier("prompt-for-private-key-pin", true);
    genCertPromptForPKPassword.addLongIdentifier("promptForPrivateKeyPIN", true);
    genCertPromptForPKPassword.addLongIdentifier("prompt-for-key-password", true);
    genCertPromptForPKPassword.addLongIdentifier("promptForKeyPassword", true);
    genCertPromptForPKPassword.addLongIdentifier("prompt-for-key-passphrase", true);
    genCertPromptForPKPassword.addLongIdentifier("promptForKeyPassphrase", true);
    genCertPromptForPKPassword.addLongIdentifier("prompt-for-key-pin", true);
    genCertPromptForPKPassword.addLongIdentifier("promptForKeyPIN", true);
    genCertParser.addArgument(genCertPromptForPKPassword);
    final StringArgument genCertKeystoreType = new StringArgument(null, "keystore-type", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_TYPE.get(), INFO_MANAGE_CERTS_SC_GEN_CERT_ARG_KS_TYPE_DESC.get(), ALLOWED_KEYSTORE_TYPE_VALUES);
    genCertKeystoreType.addLongIdentifier("key-store-type", true);
    genCertKeystoreType.addLongIdentifier("keystoreType", true);
    genCertKeystoreType.addLongIdentifier("keystore-format", true);
    genCertKeystoreType.addLongIdentifier("key-store-format", true);
    genCertKeystoreType.addLongIdentifier("keystoreFormat", true);
    genCertKeystoreType.addLongIdentifier("storetype", true);
    genCertParser.addArgument(genCertKeystoreType);
    final StringArgument genCertAlias = new StringArgument(null, "alias", true, 1, INFO_MANAGE_CERTS_PLACEHOLDER_ALIAS.get(), INFO_MANAGE_CERTS_SC_GEN_CERT_ARG_ALIAS_DESC.get());
    genCertAlias.addLongIdentifier("nickname", true);
    genCertParser.addArgument(genCertAlias);
    final BooleanArgument genCertReplace = new BooleanArgument(null, "replace-existing-certificate", 1, INFO_MANAGE_CERTS_SC_GEN_CERT_ARG_REPLACE_DESC.get());
    genCertReplace.addLongIdentifier("replaceExistingCertificate", true);
    genCertReplace.addLongIdentifier("replace-certificate", true);
    genCertReplace.addLongIdentifier("replaceCertificate", true);
    genCertReplace.addLongIdentifier("replace-existing", true);
    genCertReplace.addLongIdentifier("replaceExisting", true);
    genCertReplace.addLongIdentifier("replace", true);
    genCertReplace.addLongIdentifier("use-existing-key-pair", true);
    genCertReplace.addLongIdentifier("use-existing-keypair", true);
    genCertReplace.addLongIdentifier("useExistingKeypair", true);
    genCertParser.addArgument(genCertReplace);
    final DNArgument genCertSubjectDN = new DNArgument(null, "subject-dn", false, 1, null, INFO_MANAGE_CERTS_SC_GEN_CERT_ARG_SUBJECT_DN_DESC.get());
    genCertSubjectDN.addLongIdentifier("subjectDN", true);
    genCertSubjectDN.addLongIdentifier("subject", true);
    genCertSubjectDN.addLongIdentifier("dname", true);
    genCertParser.addArgument(genCertSubjectDN);
    final IntegerArgument genCertDaysValid = new IntegerArgument(null, "days-valid", false, 1, null, INFO_MANAGE_CERTS_SC_GEN_CERT_ARG_DAYS_VALID_DESC.get(), 1, Integer.MAX_VALUE);
    genCertDaysValid.addLongIdentifier("daysValid", true);
    genCertDaysValid.addLongIdentifier("validity", true);
    genCertParser.addArgument(genCertDaysValid);
    final TimestampArgument genCertNotBefore = new TimestampArgument(null, "validity-start-time", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_TIMESTAMP.get(), INFO_MANAGE_CERTS_SC_GEN_CERT_ARG_VALIDITY_START_TIME_DESC.get("20180102123456"));
    genCertNotBefore.addLongIdentifier("validityStartTime", true);
    genCertNotBefore.addLongIdentifier("not-before", true);
    genCertNotBefore.addLongIdentifier("notBefore", true);
    genCertParser.addArgument(genCertNotBefore);
    final StringArgument genCertKeyAlgorithm = new StringArgument(null, "key-algorithm", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_NAME.get(), INFO_MANAGE_CERTS_SC_GEN_CERT_ARG_KEY_ALGORITHM_DESC.get());
    genCertKeyAlgorithm.addLongIdentifier("keyAlgorithm", true);
    genCertKeyAlgorithm.addLongIdentifier("key-alg", true);
    genCertKeyAlgorithm.addLongIdentifier("keyAlg", true);
    genCertParser.addArgument(genCertKeyAlgorithm);
    final IntegerArgument genCertKeySizeBits = new IntegerArgument(null, "key-size-bits", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_BITS.get(), INFO_MANAGE_CERTS_SC_GEN_CERT_ARG_KEY_SIZE_BITS_DESC.get(), 1, Integer.MAX_VALUE);
    genCertKeySizeBits.addLongIdentifier("keySizeBits", true);
    genCertKeySizeBits.addLongIdentifier("key-length-bits", true);
    genCertKeySizeBits.addLongIdentifier("keyLengthBits", true);
    genCertKeySizeBits.addLongIdentifier("key-size", true);
    genCertKeySizeBits.addLongIdentifier("keySize", true);
    genCertKeySizeBits.addLongIdentifier("key-length", true);
    genCertKeySizeBits.addLongIdentifier("keyLength", true);
    genCertParser.addArgument(genCertKeySizeBits);
    final StringArgument genCertSignatureAlgorithm = new StringArgument(null, "signature-algorithm", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_NAME.get(), INFO_MANAGE_CERTS_SC_GEN_CERT_ARG_SIG_ALG_DESC.get());
    genCertSignatureAlgorithm.addLongIdentifier("signatureAlgorithm", true);
    genCertSignatureAlgorithm.addLongIdentifier("signature-alg", true);
    genCertSignatureAlgorithm.addLongIdentifier("signatureAlg", true);
    genCertSignatureAlgorithm.addLongIdentifier("sig-alg", true);
    genCertSignatureAlgorithm.addLongIdentifier("sigAlg", true);
    genCertParser.addArgument(genCertSignatureAlgorithm);
    final BooleanArgument genCertInheritExtensions = new BooleanArgument(null, "inherit-extensions", 1, INFO_MANAGE_CERTS_SC_GEN_CERT_ARG_INHERIT_EXT_DESC.get());
    genCertInheritExtensions.addLongIdentifier("inheritExtensions", true);
    genCertParser.addArgument(genCertInheritExtensions);
    final StringArgument genCertSubjectAltDNS = new StringArgument(null, "subject-alternative-name-dns", false, 0, INFO_MANAGE_CERTS_PLACEHOLDER_NAME.get(), INFO_MANAGE_CERTS_SC_GEN_CERT_ARG_SAN_DNS_DESC.get());
    genCertSubjectAltDNS.addLongIdentifier("subjectAlternativeNameDNS", true);
    genCertSubjectAltDNS.addLongIdentifier("subject-alt-name-dns", true);
    genCertSubjectAltDNS.addLongIdentifier("subjectAltNameDNS", true);
    genCertSubjectAltDNS.addLongIdentifier("subject-alternative-dns", true);
    genCertSubjectAltDNS.addLongIdentifier("subjectAlternativeDNS", true);
    genCertSubjectAltDNS.addLongIdentifier("subject-alt-dns", true);
    genCertSubjectAltDNS.addLongIdentifier("subjectAltDNS", true);
    genCertSubjectAltDNS.addLongIdentifier("san-dns", true);
    genCertSubjectAltDNS.addLongIdentifier("sanDNS", true);
    genCertSubjectAltDNS.addValueValidator(new IA5StringArgumentValueValidator(false));
    genCertParser.addArgument(genCertSubjectAltDNS);
    final StringArgument genCertSubjectAltIP = new StringArgument(null, "subject-alternative-name-ip-address", false, 0, INFO_MANAGE_CERTS_PLACEHOLDER_NAME.get(), INFO_MANAGE_CERTS_SC_GEN_CERT_ARG_SAN_IP_DESC.get());
    genCertSubjectAltIP.addLongIdentifier("subjectAlternativeNameIPAddress", true);
    genCertSubjectAltIP.addLongIdentifier("subject-alternative-name-ip", true);
    genCertSubjectAltIP.addLongIdentifier("subjectAlternativeNameIP", true);
    genCertSubjectAltIP.addLongIdentifier("subject-alt-name-ip-address", true);
    genCertSubjectAltIP.addLongIdentifier("subjectAltNameIPAddress", true);
    genCertSubjectAltIP.addLongIdentifier("subject-alt-name-ip", true);
    genCertSubjectAltIP.addLongIdentifier("subjectAltNameIP", true);
    genCertSubjectAltIP.addLongIdentifier("subject-alternative-ip-address", true);
    genCertSubjectAltIP.addLongIdentifier("subjectAlternativeIPAddress", true);
    genCertSubjectAltIP.addLongIdentifier("subject-alternative-ip", true);
    genCertSubjectAltIP.addLongIdentifier("subjectAlternativeIP", true);
    genCertSubjectAltIP.addLongIdentifier("subject-alt-ip-address", true);
    genCertSubjectAltIP.addLongIdentifier("subjectAltIPAddress", true);
    genCertSubjectAltIP.addLongIdentifier("subject-alt-ip", true);
    genCertSubjectAltIP.addLongIdentifier("subjectAltIP", true);
    genCertSubjectAltIP.addLongIdentifier("san-ip-address", true);
    genCertSubjectAltIP.addLongIdentifier("sanIPAddress", true);
    genCertSubjectAltIP.addLongIdentifier("san-ip", true);
    genCertSubjectAltIP.addLongIdentifier("sanIP", true);
    genCertSubjectAltIP.addValueValidator(new IPAddressArgumentValueValidator(true, true));
    genCertParser.addArgument(genCertSubjectAltIP);
    final StringArgument genCertSubjectAltEmail = new StringArgument(null, "subject-alternative-name-email-address", false, 0, INFO_MANAGE_CERTS_PLACEHOLDER_NAME.get(), INFO_MANAGE_CERTS_SC_GEN_CERT_ARG_SAN_EMAIL_DESC.get());
    genCertSubjectAltEmail.addLongIdentifier("subjectAlternativeNameEmailAddress", true);
    genCertSubjectAltEmail.addLongIdentifier("subject-alternative-name-email", true);
    genCertSubjectAltEmail.addLongIdentifier("subjectAlternativeNameEmail", true);
    genCertSubjectAltEmail.addLongIdentifier("subject-alt-name-email-address", true);
    genCertSubjectAltEmail.addLongIdentifier("subjectAltNameEmailAddress", true);
    genCertSubjectAltEmail.addLongIdentifier("subject-alt-name-email", true);
    genCertSubjectAltEmail.addLongIdentifier("subjectAltNameEmail", true);
    genCertSubjectAltEmail.addLongIdentifier("subject-alternative-email-address", true);
    genCertSubjectAltEmail.addLongIdentifier("subjectAlternativeEmailAddress", true);
    genCertSubjectAltEmail.addLongIdentifier("subject-alternative-email", true);
    genCertSubjectAltEmail.addLongIdentifier("subjectAlternativeEmail", true);
    genCertSubjectAltEmail.addLongIdentifier("subject-alt-email-address", true);
    genCertSubjectAltEmail.addLongIdentifier("subjectAltEmailAddress", true);
    genCertSubjectAltEmail.addLongIdentifier("subject-alt-email", true);
    genCertSubjectAltEmail.addLongIdentifier("subjectAltEmail", true);
    genCertSubjectAltEmail.addLongIdentifier("san-email-address", true);
    genCertSubjectAltEmail.addLongIdentifier("sanEmailAddress", true);
    genCertSubjectAltEmail.addLongIdentifier("san-email", true);
    genCertSubjectAltEmail.addLongIdentifier("sanEmail", true);
    genCertSubjectAltEmail.addValueValidator(new IA5StringArgumentValueValidator(false));
    genCertParser.addArgument(genCertSubjectAltEmail);
    final StringArgument genCertSubjectAltURI = new StringArgument(null, "subject-alternative-name-uri", false, 0, INFO_MANAGE_CERTS_PLACEHOLDER_URI.get(), INFO_MANAGE_CERTS_SC_GEN_CERT_ARG_SAN_URI_DESC.get());
    genCertSubjectAltURI.addLongIdentifier("subjectAlternativeNameURI", true);
    genCertSubjectAltURI.addLongIdentifier("subject-alt-name-uri", true);
    genCertSubjectAltURI.addLongIdentifier("subjectAltNameURI", true);
    genCertSubjectAltURI.addLongIdentifier("subject-alternative-uri", true);
    genCertSubjectAltURI.addLongIdentifier("subjectAlternativeURI", true);
    genCertSubjectAltURI.addLongIdentifier("subject-alt-uri", true);
    genCertSubjectAltURI.addLongIdentifier("subjectAltURI", true);
    genCertSubjectAltURI.addLongIdentifier("san-uri", true);
    genCertSubjectAltURI.addLongIdentifier("sanURI", true);
    genCertParser.addArgument(genCertSubjectAltURI);
    final StringArgument genCertSubjectAltOID = new StringArgument(null, "subject-alternative-name-oid", false, 0, INFO_MANAGE_CERTS_PLACEHOLDER_OID.get(), INFO_MANAGE_CERTS_SC_GEN_CERT_ARG_SAN_OID_DESC.get());
    genCertSubjectAltOID.addLongIdentifier("subjectAlternativeNameOID", true);
    genCertSubjectAltOID.addLongIdentifier("subject-alt-name-oid", true);
    genCertSubjectAltOID.addLongIdentifier("subjectAltNameOID", true);
    genCertSubjectAltOID.addLongIdentifier("subject-alternative-oid", true);
    genCertSubjectAltOID.addLongIdentifier("subjectAlternativeOID", true);
    genCertSubjectAltOID.addLongIdentifier("subject-alt-oid", true);
    genCertSubjectAltOID.addLongIdentifier("subjectAltOID", true);
    genCertSubjectAltOID.addLongIdentifier("san-oid", true);
    genCertSubjectAltOID.addLongIdentifier("sanOID", true);
    genCertSubjectAltOID.addValueValidator(new OIDArgumentValueValidator(true));
    genCertParser.addArgument(genCertSubjectAltOID);
    final BooleanValueArgument genCertBasicConstraintsIsCA = new BooleanValueArgument(null, "basic-constraints-is-ca", false, null, INFO_MANAGE_CERTS_SC_GEN_CERT_ARG_BC_IS_CA_DESC.get());
    genCertBasicConstraintsIsCA.addLongIdentifier("basicConstraintsIsCA", true);
    genCertBasicConstraintsIsCA.addLongIdentifier("bc-is-ca", true);
    genCertBasicConstraintsIsCA.addLongIdentifier("bcIsCA", true);
    genCertParser.addArgument(genCertBasicConstraintsIsCA);
    final IntegerArgument genCertBasicConstraintsPathLength = new IntegerArgument(null, "basic-constraints-maximum-path-length", false, 1, null, INFO_MANAGE_CERTS_SC_GEN_CERT_ARG_BC_PATH_LENGTH_DESC.get(), 0, Integer.MAX_VALUE);
    genCertBasicConstraintsPathLength.addLongIdentifier("basicConstraintsMaximumPathLength", true);
    genCertBasicConstraintsPathLength.addLongIdentifier("basic-constraints-max-path-length", true);
    genCertBasicConstraintsPathLength.addLongIdentifier("basicConstraintsMaxPathLength", true);
    genCertBasicConstraintsPathLength.addLongIdentifier("basic-constraints-path-length", true);
    genCertBasicConstraintsPathLength.addLongIdentifier("basicConstraintsPathLength", true);
    genCertBasicConstraintsPathLength.addLongIdentifier("bc-maximum-path-length", true);
    genCertBasicConstraintsPathLength.addLongIdentifier("bcMaximumPathLength", true);
    genCertBasicConstraintsPathLength.addLongIdentifier("bc-max-path-length", true);
    genCertBasicConstraintsPathLength.addLongIdentifier("bcMaxPathLength", true);
    genCertBasicConstraintsPathLength.addLongIdentifier("bc-path-length", true);
    genCertBasicConstraintsPathLength.addLongIdentifier("bcPathLength", true);
    genCertParser.addArgument(genCertBasicConstraintsPathLength);
    final StringArgument genCertKeyUsage = new StringArgument(null, "key-usage", false, 0, null, INFO_MANAGE_CERTS_SC_GEN_CERT_ARG_KU_DESC.get());
    genCertKeyUsage.addLongIdentifier("keyUsage", true);
    genCertParser.addArgument(genCertKeyUsage);
    final StringArgument genCertExtendedKeyUsage = new StringArgument(null, "extended-key-usage", false, 0, null, INFO_MANAGE_CERTS_SC_GEN_CERT_ARG_EKU_DESC.get());
    genCertExtendedKeyUsage.addLongIdentifier("extendedKeyUsage", true);
    genCertParser.addArgument(genCertExtendedKeyUsage);
    final StringArgument genCertExtension = new StringArgument(null, "extension", false, 0, null, INFO_MANAGE_CERTS_SC_GEN_CERT_ARG_EXT_DESC.get());
    genCertExtension.addLongIdentifier("ext", true);
    genCertParser.addArgument(genCertExtension);
    final FileArgument genCertOutputFile = new FileArgument(null, "output-file", false, 1, null, INFO_MANAGE_CERTS_SC_GEN_CERT_ARG_OUTPUT_FILE_DESC.get(), false, true, true, false);
    genCertOutputFile.addLongIdentifier("outputFile", true);
    genCertOutputFile.addLongIdentifier("filename", true);
    genCertOutputFile.addLongIdentifier("file", true);
    genCertParser.addArgument(genCertOutputFile);
    final Set<String> genCertOutputFormatAllowedValues = StaticUtils.setOf("PEM", "text", "txt", "RFC", "DER", "binary", "bin");
    final StringArgument genCertOutputFormat = new StringArgument(null, "output-format", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_FORMAT.get(), INFO_MANAGE_CERTS_SC_GEN_CERT_ARG_FORMAT_DESC.get(), genCertOutputFormatAllowedValues, "PEM");
    genCertOutputFormat.addLongIdentifier("outputFormat", true);
    genCertParser.addArgument(genCertOutputFormat);
    final BooleanArgument genCertDisplayCommand = new BooleanArgument(null, "display-keytool-command", 1, INFO_MANAGE_CERTS_SC_GEN_CERT_ARG_DISPLAY_COMMAND_DESC.get());
    genCertDisplayCommand.addLongIdentifier("displayKeytoolCommand", true);
    genCertDisplayCommand.addLongIdentifier("show-keytool-command", true);
    genCertDisplayCommand.addLongIdentifier("showKeytoolCommand", true);
    genCertParser.addArgument(genCertDisplayCommand);
    genCertParser.addRequiredArgumentSet(genCertKeystorePassword, genCertKeystorePasswordFile, genCertPromptForKeystorePassword);
    genCertParser.addExclusiveArgumentSet(genCertKeystorePassword, genCertKeystorePasswordFile, genCertPromptForKeystorePassword);
    genCertParser.addExclusiveArgumentSet(genCertPKPassword, genCertPKPasswordFile, genCertPromptForPKPassword);
    genCertParser.addExclusiveArgumentSet(genCertReplace, genCertKeyAlgorithm);
    genCertParser.addExclusiveArgumentSet(genCertReplace, genCertKeySizeBits);
    genCertParser.addExclusiveArgumentSet(genCertReplace, genCertSignatureAlgorithm);
    genCertParser.addDependentArgumentSet(genCertBasicConstraintsPathLength, genCertBasicConstraintsIsCA);
    genCertParser.addDependentArgumentSet(genCertOutputFormat, genCertOutputFile);
    final LinkedHashMap<String[], String> genCertExamples = new LinkedHashMap<>(StaticUtils.computeMapCapacity(4));
    genCertExamples.put(new String[] { "generate-self-signed-certificate", "--keystore", getPlatformSpecificPath("config", "keystore"), "--keystore-password-file", getPlatformSpecificPath("config", "keystore.pin"), "--alias", "server-cert", "--subject-dn", "CN=ldap.example.com,O=Example Corp,C=US" }, INFO_MANAGE_CERTS_SC_GEN_CERT_EXAMPLE_1.get());
    genCertExamples.put(new String[] { "generate-self-signed-certificate", "--keystore", getPlatformSpecificPath("config", "keystore"), "--keystore-password-file", getPlatformSpecificPath("config", "keystore.pin"), "--alias", "server-cert", "--replace-existing-certificate", "--inherit-extensions" }, INFO_MANAGE_CERTS_SC_GEN_CERT_EXAMPLE_2.get());
    genCertExamples.put(new String[] { "generate-self-signed-certificate", "--keystore", getPlatformSpecificPath("config", "keystore"), "--keystore-password-file", getPlatformSpecificPath("config", "keystore.pin"), "--alias", "server-cert", "--subject-dn", "CN=ldap.example.com,O=Example Corp,C=US", "--days-valid", "3650", "--validity-start-time", "20170101000000", "--key-algorithm", "RSA", "--key-size-bits", "4096", "--signature-algorithm", "SHA256withRSA", "--subject-alternative-name-dns", "ldap1.example.com", "--subject-alternative-name-dns", "ldap2.example.com", "--subject-alternative-name-ip-address", "1.2.3.4", "--subject-alternative-name-ip-address", "1.2.3.5", "--extended-key-usage", "server-auth", "--extended-key-usage", "client-auth", "--display-keytool-command" }, INFO_MANAGE_CERTS_SC_GEN_CERT_EXAMPLE_3.get());
    genCertExamples.put(new String[] { "generate-self-signed-certificate", "--keystore", getPlatformSpecificPath("config", "keystore"), "--keystore-password-file", getPlatformSpecificPath("config", "keystore.pin"), "--alias", "ca-cert", "--subject-dn", "CN=Example Certification Authority,O=Example Corp,C=US", "--days-valid", "7300", "--validity-start-time", "20170101000000", "--key-algorithm", "EC", "--key-size-bits", "256", "--signature-algorithm", "SHA256withECDSA", "--basic-constraints-is-ca", "true", "--key-usage", "key-cert-sign", "--key-usage", "crl-sign", "--display-keytool-command" }, INFO_MANAGE_CERTS_SC_GEN_CERT_EXAMPLE_4.get());
    final SubCommand genCertSubCommand = new SubCommand("generate-self-signed-certificate", INFO_MANAGE_CERTS_SC_GEN_CERT_DESC.get(), genCertParser, genCertExamples);
    genCertSubCommand.addName("generateSelfSignedCertificate", true);
    genCertSubCommand.addName("generate-certificate", true);
    genCertSubCommand.addName("generateCertificate", true);
    genCertSubCommand.addName("self-signed-certificate", true);
    genCertSubCommand.addName("selfSignedCertificate", true);
    genCertSubCommand.addName("selfcert", true);
    parser.addSubCommand(genCertSubCommand);
    // Define the "generate-certificate-signing-request" subcommand and all of
    // its arguments.
    final ArgumentParser genCSRParser = new ArgumentParser("generate-certificate-signing-request", INFO_MANAGE_CERTS_SC_GEN_CSR_DESC.get());
    final Set<String> genCSROutputFormatAllowedValues = StaticUtils.setOf("PEM", "text", "txt", "RFC", "DER", "binary", "bin");
    final StringArgument genCSROutputFormat = new StringArgument(null, "output-format", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_FORMAT.get(), INFO_MANAGE_CERTS_SC_GEN_CSR_ARG_FORMAT_DESC.get(), genCSROutputFormatAllowedValues, "PEM");
    genCSROutputFormat.addLongIdentifier("outputFormat", true);
    genCSRParser.addArgument(genCSROutputFormat);
    final FileArgument genCSROutputFile = new FileArgument(null, "output-file", false, 1, null, INFO_MANAGE_CERTS_SC_GEN_CSR_ARG_OUTPUT_FILE_DESC.get(), false, true, true, false);
    genCSROutputFile.addLongIdentifier("outputFile", true);
    genCSROutputFile.addLongIdentifier("filename", true);
    genCSROutputFile.addLongIdentifier("file", true);
    genCSRParser.addArgument(genCSROutputFile);
    final FileArgument genCSRKeystore = new FileArgument(null, "keystore", true, 1, null, INFO_MANAGE_CERTS_SC_GEN_CSR_ARG_KS_DESC.get(), false, true, true, false);
    genCSRKeystore.addLongIdentifier("keystore-path", true);
    genCSRKeystore.addLongIdentifier("keystorePath", true);
    genCSRKeystore.addLongIdentifier("keystore-file", true);
    genCSRKeystore.addLongIdentifier("keystoreFile", true);
    genCSRParser.addArgument(genCSRKeystore);
    final StringArgument genCSRKeystorePassword = new StringArgument(null, "keystore-password", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_PASSWORD.get(), INFO_MANAGE_CERTS_SC_GEN_CSR_ARG_KS_PW_DESC.get());
    genCSRKeystorePassword.addLongIdentifier("keystorePassword", true);
    genCSRKeystorePassword.addLongIdentifier("keystore-passphrase", true);
    genCSRKeystorePassword.addLongIdentifier("keystorePassphrase", true);
    genCSRKeystorePassword.addLongIdentifier("keystore-pin", true);
    genCSRKeystorePassword.addLongIdentifier("keystorePIN", true);
    genCSRKeystorePassword.addLongIdentifier("storepass", true);
    genCSRKeystorePassword.setSensitive(true);
    genCSRParser.addArgument(genCSRKeystorePassword);
    final FileArgument genCSRKeystorePasswordFile = new FileArgument(null, "keystore-password-file", false, 1, null, INFO_MANAGE_CERTS_SC_GEN_CSR_ARG_KS_PW_FILE_DESC.get(), true, true, true, false);
    genCSRKeystorePasswordFile.addLongIdentifier("keystorePasswordFile", true);
    genCSRKeystorePasswordFile.addLongIdentifier("keystore-passphrase-file", true);
    genCSRKeystorePasswordFile.addLongIdentifier("keystorePassphraseFile", true);
    genCSRKeystorePasswordFile.addLongIdentifier("keystore-pin-file", true);
    genCSRKeystorePasswordFile.addLongIdentifier("keystorePINFile", true);
    genCSRParser.addArgument(genCSRKeystorePasswordFile);
    final BooleanArgument genCSRPromptForKeystorePassword = new BooleanArgument(null, "prompt-for-keystore-password", INFO_MANAGE_CERTS_SC_GEN_CSR_ARG_PROMPT_FOR_KS_PW_DESC.get());
    genCSRPromptForKeystorePassword.addLongIdentifier("promptForKeystorePassword", true);
    genCSRPromptForKeystorePassword.addLongIdentifier("prompt-for-keystore-passphrase", true);
    genCSRPromptForKeystorePassword.addLongIdentifier("promptForKeystorePassphrase", true);
    genCSRPromptForKeystorePassword.addLongIdentifier("prompt-for-keystore-pin", true);
    genCSRPromptForKeystorePassword.addLongIdentifier("promptForKeystorePIN", true);
    genCSRParser.addArgument(genCSRPromptForKeystorePassword);
    final StringArgument genCSRPKPassword = new StringArgument(null, "private-key-password", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_PASSWORD.get(), INFO_MANAGE_CERTS_SC_GEN_CSR_ARG_PK_PW_DESC.get());
    genCSRPKPassword.addLongIdentifier("privateKeyPassword", true);
    genCSRPKPassword.addLongIdentifier("private-key-passphrase", true);
    genCSRPKPassword.addLongIdentifier("privateKeyPassphrase", true);
    genCSRPKPassword.addLongIdentifier("private-key-pin", true);
    genCSRPKPassword.addLongIdentifier("privateKeyPIN", true);
    genCSRPKPassword.addLongIdentifier("key-password", true);
    genCSRPKPassword.addLongIdentifier("keyPassword", true);
    genCSRPKPassword.addLongIdentifier("key-passphrase", true);
    genCSRPKPassword.addLongIdentifier("keyPassphrase", true);
    genCSRPKPassword.addLongIdentifier("key-pin", true);
    genCSRPKPassword.addLongIdentifier("keyPIN", true);
    genCSRPKPassword.addLongIdentifier("keypass", true);
    genCSRPKPassword.setSensitive(true);
    genCSRParser.addArgument(genCSRPKPassword);
    final FileArgument genCSRPKPasswordFile = new FileArgument(null, "private-key-password-file", false, 1, null, INFO_MANAGE_CERTS_SC_GEN_CSR_ARG_PK_PW_FILE_DESC.get(), true, true, true, false);
    genCSRPKPasswordFile.addLongIdentifier("privateKeyPasswordFile", true);
    genCSRPKPasswordFile.addLongIdentifier("private-key-passphrase-file", true);
    genCSRPKPasswordFile.addLongIdentifier("privateKeyPassphraseFile", true);
    genCSRPKPasswordFile.addLongIdentifier("private-key-pin-file", true);
    genCSRPKPasswordFile.addLongIdentifier("privateKeyPINFile", true);
    genCSRPKPasswordFile.addLongIdentifier("key-password-file", true);
    genCSRPKPasswordFile.addLongIdentifier("keyPasswordFile", true);
    genCSRPKPasswordFile.addLongIdentifier("key-passphrase-file", true);
    genCSRPKPasswordFile.addLongIdentifier("keyPassphraseFile", true);
    genCSRPKPasswordFile.addLongIdentifier("key-pin-file", true);
    genCSRPKPasswordFile.addLongIdentifier("keyPINFile", true);
    genCSRParser.addArgument(genCSRPKPasswordFile);
    final BooleanArgument genCSRPromptForPKPassword = new BooleanArgument(null, "prompt-for-private-key-password", INFO_MANAGE_CERTS_SC_GEN_CSR_ARG_PROMPT_FOR_PK_PW_DESC.get());
    genCSRPromptForPKPassword.addLongIdentifier("promptForPrivateKeyPassword", true);
    genCSRPromptForPKPassword.addLongIdentifier("prompt-for-private-key-passphrase", true);
    genCSRPromptForPKPassword.addLongIdentifier("promptForPrivateKeyPassphrase", true);
    genCSRPromptForPKPassword.addLongIdentifier("prompt-for-private-key-pin", true);
    genCSRPromptForPKPassword.addLongIdentifier("promptForPrivateKeyPIN", true);
    genCSRPromptForPKPassword.addLongIdentifier("prompt-for-key-password", true);
    genCSRPromptForPKPassword.addLongIdentifier("promptForKeyPassword", true);
    genCSRPromptForPKPassword.addLongIdentifier("prompt-for-key-passphrase", true);
    genCSRPromptForPKPassword.addLongIdentifier("promptForKeyPassphrase", true);
    genCSRPromptForPKPassword.addLongIdentifier("prompt-for-key-pin", true);
    genCSRPromptForPKPassword.addLongIdentifier("promptForKeyPIN", true);
    genCSRParser.addArgument(genCSRPromptForPKPassword);
    final StringArgument genCSRKeystoreType = new StringArgument(null, "keystore-type", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_TYPE.get(), INFO_MANAGE_CERTS_SC_GEN_CSR_ARG_KS_TYPE_DESC.get(), ALLOWED_KEYSTORE_TYPE_VALUES);
    genCSRKeystoreType.addLongIdentifier("key-store-type", true);
    genCSRKeystoreType.addLongIdentifier("keystoreType", true);
    genCSRKeystoreType.addLongIdentifier("keystore-format", true);
    genCSRKeystoreType.addLongIdentifier("key-store-format", true);
    genCSRKeystoreType.addLongIdentifier("keystoreFormat", true);
    genCSRKeystoreType.addLongIdentifier("storetype", true);
    genCSRParser.addArgument(genCSRKeystoreType);
    final StringArgument genCSRAlias = new StringArgument(null, "alias", true, 1, INFO_MANAGE_CERTS_PLACEHOLDER_ALIAS.get(), INFO_MANAGE_CERTS_SC_GEN_CSR_ARG_ALIAS_DESC.get());
    genCSRAlias.addLongIdentifier("nickname", true);
    genCSRParser.addArgument(genCSRAlias);
    final BooleanArgument genCSRReplace = new BooleanArgument(null, "use-existing-key-pair", 1, INFO_MANAGE_CERTS_SC_GEN_CSR_ARG_REPLACE_DESC.get());
    genCSRReplace.addLongIdentifier("use-existing-keypair", true);
    genCSRReplace.addLongIdentifier("useExistingKeyPair", true);
    genCSRReplace.addLongIdentifier("replace-existing-certificate", true);
    genCSRReplace.addLongIdentifier("replaceExistingCertificate", true);
    genCSRReplace.addLongIdentifier("replace-certificate", true);
    genCSRReplace.addLongIdentifier("replaceCertificate", true);
    genCSRReplace.addLongIdentifier("replace-existing", true);
    genCSRReplace.addLongIdentifier("replaceExisting", true);
    genCSRReplace.addLongIdentifier("replace", true);
    genCSRParser.addArgument(genCSRReplace);
    final DNArgument genCSRSubjectDN = new DNArgument(null, "subject-dn", false, 1, null, INFO_MANAGE_CERTS_SC_GEN_CSR_ARG_SUBJECT_DN_DESC.get());
    genCSRSubjectDN.addLongIdentifier("subjectDN", true);
    genCSRSubjectDN.addLongIdentifier("subject", true);
    genCSRSubjectDN.addLongIdentifier("dname", true);
    genCSRParser.addArgument(genCSRSubjectDN);
    final StringArgument genCSRKeyAlgorithm = new StringArgument(null, "key-algorithm", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_NAME.get(), INFO_MANAGE_CERTS_SC_GEN_CSR_ARG_KEY_ALGORITHM_DESC.get());
    genCSRKeyAlgorithm.addLongIdentifier("keyAlgorithm", true);
    genCSRKeyAlgorithm.addLongIdentifier("key-alg", true);
    genCSRKeyAlgorithm.addLongIdentifier("keyAlg", true);
    genCSRParser.addArgument(genCSRKeyAlgorithm);
    final IntegerArgument genCSRKeySizeBits = new IntegerArgument(null, "key-size-bits", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_BITS.get(), INFO_MANAGE_CERTS_SC_GEN_CSR_ARG_KEY_SIZE_BITS_DESC.get(), 1, Integer.MAX_VALUE);
    genCSRKeySizeBits.addLongIdentifier("keySizeBits", true);
    genCSRKeySizeBits.addLongIdentifier("key-length-bits", true);
    genCSRKeySizeBits.addLongIdentifier("keyLengthBits", true);
    genCSRKeySizeBits.addLongIdentifier("key-size", true);
    genCSRKeySizeBits.addLongIdentifier("keySize", true);
    genCSRKeySizeBits.addLongIdentifier("key-length", true);
    genCSRKeySizeBits.addLongIdentifier("keyLength", true);
    genCSRParser.addArgument(genCSRKeySizeBits);
    final StringArgument genCSRSignatureAlgorithm = new StringArgument(null, "signature-algorithm", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_NAME.get(), INFO_MANAGE_CERTS_SC_GEN_CSR_ARG_SIG_ALG_DESC.get());
    genCSRSignatureAlgorithm.addLongIdentifier("signatureAlgorithm", true);
    genCSRSignatureAlgorithm.addLongIdentifier("signature-alg", true);
    genCSRSignatureAlgorithm.addLongIdentifier("signatureAlg", true);
    genCSRSignatureAlgorithm.addLongIdentifier("sig-alg", true);
    genCSRSignatureAlgorithm.addLongIdentifier("sigAlg", true);
    genCSRParser.addArgument(genCSRSignatureAlgorithm);
    final BooleanArgument genCSRInheritExtensions = new BooleanArgument(null, "inherit-extensions", 1, INFO_MANAGE_CERTS_SC_GEN_CSR_ARG_INHERIT_EXT_DESC.get());
    genCSRInheritExtensions.addLongIdentifier("inheritExtensions", true);
    genCSRParser.addArgument(genCSRInheritExtensions);
    final StringArgument genCSRSubjectAltDNS = new StringArgument(null, "subject-alternative-name-dns", false, 0, INFO_MANAGE_CERTS_PLACEHOLDER_NAME.get(), INFO_MANAGE_CERTS_SC_GEN_CSR_ARG_SAN_DNS_DESC.get());
    genCSRSubjectAltDNS.addLongIdentifier("subjectAlternativeNameDNS", true);
    genCSRSubjectAltDNS.addLongIdentifier("subject-alt-name-dns", true);
    genCSRSubjectAltDNS.addLongIdentifier("subjectAltNameDNS", true);
    genCSRSubjectAltDNS.addLongIdentifier("subject-alternative-dns", true);
    genCSRSubjectAltDNS.addLongIdentifier("subjectAlternativeDNS", true);
    genCSRSubjectAltDNS.addLongIdentifier("subject-alt-dns", true);
    genCSRSubjectAltDNS.addLongIdentifier("subjectAltDNS", true);
    genCSRSubjectAltDNS.addLongIdentifier("san-dns", true);
    genCSRSubjectAltDNS.addLongIdentifier("sanDNS", true);
    genCSRSubjectAltDNS.addValueValidator(new IA5StringArgumentValueValidator(false));
    genCSRParser.addArgument(genCSRSubjectAltDNS);
    final StringArgument genCSRSubjectAltIP = new StringArgument(null, "subject-alternative-name-ip-address", false, 0, INFO_MANAGE_CERTS_PLACEHOLDER_NAME.get(), INFO_MANAGE_CERTS_SC_GEN_CSR_ARG_SAN_IP_DESC.get());
    genCSRSubjectAltIP.addLongIdentifier("subjectAlternativeNameIPAddress", true);
    genCSRSubjectAltIP.addLongIdentifier("subject-alternative-name-ip", true);
    genCSRSubjectAltIP.addLongIdentifier("subjectAlternativeNameIP", true);
    genCSRSubjectAltIP.addLongIdentifier("subject-alt-name-ip-address", true);
    genCSRSubjectAltIP.addLongIdentifier("subjectAltNameIPAddress", true);
    genCSRSubjectAltIP.addLongIdentifier("subject-alt-name-ip", true);
    genCSRSubjectAltIP.addLongIdentifier("subjectAltNameIP", true);
    genCSRSubjectAltIP.addLongIdentifier("subject-alternative-ip-address", true);
    genCSRSubjectAltIP.addLongIdentifier("subjectAlternativeIPAddress", true);
    genCSRSubjectAltIP.addLongIdentifier("subject-alternative-ip", true);
    genCSRSubjectAltIP.addLongIdentifier("subjectAlternativeIP", true);
    genCSRSubjectAltIP.addLongIdentifier("subject-alt-ip-address", true);
    genCSRSubjectAltIP.addLongIdentifier("subjectAltIPAddress", true);
    genCSRSubjectAltIP.addLongIdentifier("subject-alt-ip", true);
    genCSRSubjectAltIP.addLongIdentifier("subjectAltIP", true);
    genCSRSubjectAltIP.addLongIdentifier("san-ip-address", true);
    genCSRSubjectAltIP.addLongIdentifier("sanIPAddress", true);
    genCSRSubjectAltIP.addLongIdentifier("san-ip", true);
    genCSRSubjectAltIP.addLongIdentifier("sanIP", true);
    genCSRSubjectAltIP.addValueValidator(new IPAddressArgumentValueValidator(true, true));
    genCSRParser.addArgument(genCSRSubjectAltIP);
    final StringArgument genCSRSubjectAltEmail = new StringArgument(null, "subject-alternative-name-email-address", false, 0, INFO_MANAGE_CERTS_PLACEHOLDER_NAME.get(), INFO_MANAGE_CERTS_SC_GEN_CSR_ARG_SAN_EMAIL_DESC.get());
    genCSRSubjectAltEmail.addLongIdentifier("subjectAlternativeNameEmailAddress", true);
    genCSRSubjectAltEmail.addLongIdentifier("subject-alternative-name-email", true);
    genCSRSubjectAltEmail.addLongIdentifier("subjectAlternativeNameEmail", true);
    genCSRSubjectAltEmail.addLongIdentifier("subject-alt-name-email-address", true);
    genCSRSubjectAltEmail.addLongIdentifier("subjectAltNameEmailAddress", true);
    genCSRSubjectAltEmail.addLongIdentifier("subject-alt-name-email", true);
    genCSRSubjectAltEmail.addLongIdentifier("subjectAltNameEmail", true);
    genCSRSubjectAltEmail.addLongIdentifier("subject-alternative-email-address", true);
    genCSRSubjectAltEmail.addLongIdentifier("subjectAlternativeEmailAddress", true);
    genCSRSubjectAltEmail.addLongIdentifier("subject-alternative-email", true);
    genCSRSubjectAltEmail.addLongIdentifier("subjectAlternativeEmail", true);
    genCSRSubjectAltEmail.addLongIdentifier("subject-alt-email-address", true);
    genCSRSubjectAltEmail.addLongIdentifier("subjectAltEmailAddress", true);
    genCSRSubjectAltEmail.addLongIdentifier("subject-alt-email", true);
    genCSRSubjectAltEmail.addLongIdentifier("subjectAltEmail", true);
    genCSRSubjectAltEmail.addLongIdentifier("san-email-address", true);
    genCSRSubjectAltEmail.addLongIdentifier("sanEmailAddress", true);
    genCSRSubjectAltEmail.addLongIdentifier("san-email", true);
    genCSRSubjectAltEmail.addLongIdentifier("sanEmail", true);
    genCSRSubjectAltEmail.addValueValidator(new IA5StringArgumentValueValidator(false));
    genCSRParser.addArgument(genCSRSubjectAltEmail);
    final StringArgument genCSRSubjectAltURI = new StringArgument(null, "subject-alternative-name-uri", false, 0, INFO_MANAGE_CERTS_PLACEHOLDER_URI.get(), INFO_MANAGE_CERTS_SC_GEN_CSR_ARG_SAN_URI_DESC.get());
    genCSRSubjectAltURI.addLongIdentifier("subjectAlternativeNameURI", true);
    genCSRSubjectAltURI.addLongIdentifier("subject-alt-name-uri", true);
    genCSRSubjectAltURI.addLongIdentifier("subjectAltNameURI", true);
    genCSRSubjectAltURI.addLongIdentifier("subject-alternative-uri", true);
    genCSRSubjectAltURI.addLongIdentifier("subjectAlternativeURI", true);
    genCSRSubjectAltURI.addLongIdentifier("subject-alt-uri", true);
    genCSRSubjectAltURI.addLongIdentifier("subjectAltURI", true);
    genCSRSubjectAltURI.addLongIdentifier("san-uri", true);
    genCSRSubjectAltURI.addLongIdentifier("sanURI", true);
    genCSRParser.addArgument(genCSRSubjectAltURI);
    final StringArgument genCSRSubjectAltOID = new StringArgument(null, "subject-alternative-name-oid", false, 0, INFO_MANAGE_CERTS_PLACEHOLDER_OID.get(), INFO_MANAGE_CERTS_SC_GEN_CSR_ARG_SAN_OID_DESC.get());
    genCSRSubjectAltOID.addLongIdentifier("subjectAlternativeNameOID", true);
    genCSRSubjectAltOID.addLongIdentifier("subject-alt-name-oid", true);
    genCSRSubjectAltOID.addLongIdentifier("subjectAltNameOID", true);
    genCSRSubjectAltOID.addLongIdentifier("subject-alternative-oid", true);
    genCSRSubjectAltOID.addLongIdentifier("subjectAlternativeOID", true);
    genCSRSubjectAltOID.addLongIdentifier("subject-alt-oid", true);
    genCSRSubjectAltOID.addLongIdentifier("subjectAltOID", true);
    genCSRSubjectAltOID.addLongIdentifier("san-oid", true);
    genCSRSubjectAltOID.addLongIdentifier("sanOID", true);
    genCSRSubjectAltOID.addValueValidator(new OIDArgumentValueValidator(true));
    genCSRParser.addArgument(genCSRSubjectAltOID);
    final BooleanValueArgument genCSRBasicConstraintsIsCA = new BooleanValueArgument(null, "basic-constraints-is-ca", false, null, INFO_MANAGE_CERTS_SC_GEN_CSR_ARG_BC_IS_CA_DESC.get());
    genCSRBasicConstraintsIsCA.addLongIdentifier("basicConstraintsIsCA", true);
    genCSRBasicConstraintsIsCA.addLongIdentifier("bc-is-ca", true);
    genCSRBasicConstraintsIsCA.addLongIdentifier("bcIsCA", true);
    genCSRParser.addArgument(genCSRBasicConstraintsIsCA);
    final IntegerArgument genCSRBasicConstraintsPathLength = new IntegerArgument(null, "basic-constraints-maximum-path-length", false, 1, null, INFO_MANAGE_CERTS_SC_GEN_CERT_ARG_BC_PATH_LENGTH_DESC.get(), 0, Integer.MAX_VALUE);
    genCSRBasicConstraintsPathLength.addLongIdentifier("basicConstraintsMaximumPathLength", true);
    genCSRBasicConstraintsPathLength.addLongIdentifier("basic-constraints-max-path-length", true);
    genCSRBasicConstraintsPathLength.addLongIdentifier("basicConstraintsMaxPathLength", true);
    genCSRBasicConstraintsPathLength.addLongIdentifier("basic-constraints-path-length", true);
    genCSRBasicConstraintsPathLength.addLongIdentifier("basicConstraintsPathLength", true);
    genCSRBasicConstraintsPathLength.addLongIdentifier("bc-maximum-path-length", true);
    genCSRBasicConstraintsPathLength.addLongIdentifier("bcMaximumPathLength", true);
    genCSRBasicConstraintsPathLength.addLongIdentifier("bc-max-path-length", true);
    genCSRBasicConstraintsPathLength.addLongIdentifier("bcMaxPathLength", true);
    genCSRBasicConstraintsPathLength.addLongIdentifier("bc-path-length", true);
    genCSRBasicConstraintsPathLength.addLongIdentifier("bcPathLength", true);
    genCSRParser.addArgument(genCSRBasicConstraintsPathLength);
    final StringArgument genCSRKeyUsage = new StringArgument(null, "key-usage", false, 0, null, INFO_MANAGE_CERTS_SC_GEN_CSR_ARG_KU_DESC.get());
    genCSRKeyUsage.addLongIdentifier("keyUsage", true);
    genCSRParser.addArgument(genCSRKeyUsage);
    final StringArgument genCSRExtendedKeyUsage = new StringArgument(null, "extended-key-usage", false, 0, null, INFO_MANAGE_CERTS_SC_GEN_CSR_ARG_EKU_DESC.get());
    genCSRExtendedKeyUsage.addLongIdentifier("extendedKeyUsage", true);
    genCSRParser.addArgument(genCSRExtendedKeyUsage);
    final StringArgument genCSRExtension = new StringArgument(null, "extension", false, 0, null, INFO_MANAGE_CERTS_SC_GEN_CSR_ARG_EXT_DESC.get());
    genCSRExtension.addLongIdentifier("ext", true);
    genCSRParser.addArgument(genCSRExtension);
    final BooleanArgument genCSRDisplayCommand = new BooleanArgument(null, "display-keytool-command", 1, INFO_MANAGE_CERTS_SC_GEN_CSR_ARG_DISPLAY_COMMAND_DESC.get());
    genCSRDisplayCommand.addLongIdentifier("displayKeytoolCommand", true);
    genCSRDisplayCommand.addLongIdentifier("show-keytool-command", true);
    genCSRDisplayCommand.addLongIdentifier("showKeytoolCommand", true);
    genCSRParser.addArgument(genCSRDisplayCommand);
    genCSRParser.addRequiredArgumentSet(genCSRKeystorePassword, genCSRKeystorePasswordFile, genCSRPromptForKeystorePassword);
    genCSRParser.addExclusiveArgumentSet(genCSRKeystorePassword, genCSRKeystorePasswordFile, genCSRPromptForKeystorePassword);
    genCSRParser.addExclusiveArgumentSet(genCSRPKPassword, genCSRPKPasswordFile, genCSRPromptForPKPassword);
    genCSRParser.addExclusiveArgumentSet(genCSRReplace, genCSRKeyAlgorithm);
    genCSRParser.addExclusiveArgumentSet(genCSRReplace, genCSRKeySizeBits);
    genCSRParser.addExclusiveArgumentSet(genCSRReplace, genCSRSignatureAlgorithm);
    genCSRParser.addDependentArgumentSet(genCSRBasicConstraintsPathLength, genCSRBasicConstraintsIsCA);
    final LinkedHashMap<String[], String> genCSRExamples = new LinkedHashMap<>(StaticUtils.computeMapCapacity(3));
    genCSRExamples.put(new String[] { "generate-certificate-signing-request", "--keystore", getPlatformSpecificPath("config", "keystore"), "--keystore-password-file", getPlatformSpecificPath("config", "keystore.pin"), "--alias", "server-cert", "--subject-dn", "CN=ldap.example.com,O=Example Corp,C=US" }, INFO_MANAGE_CERTS_SC_GEN_CSR_EXAMPLE_1.get());
    genCSRExamples.put(new String[] { "generate-certificate-signing-request", "--keystore", getPlatformSpecificPath("config", "keystore"), "--keystore-password-file", getPlatformSpecificPath("config", "keystore.pin"), "--alias", "server-cert", "--use-existing-key-pair", "--inherit-extensions", "--output-file", "server-cert.csr" }, INFO_MANAGE_CERTS_SC_GEN_CSR_EXAMPLE_2.get());
    genCSRExamples.put(new String[] { "generate-certificate-signing-request", "--keystore", getPlatformSpecificPath("config", "keystore"), "--keystore-password-file", getPlatformSpecificPath("config", "keystore.pin"), "--alias", "server-cert", "--subject-dn", "CN=ldap.example.com,O=Example Corp,C=US", "--key-algorithm", "EC", "--key-size-bits", "256", "--signature-algorithm", "SHA256withECDSA", "--subject-alternative-name-dns", "ldap1.example.com", "--subject-alternative-name-dns", "ldap2.example.com", "--subject-alternative-name-ip-address", "1.2.3.4", "--subject-alternative-name-ip-address", "1.2.3.5", "--extended-key-usage", "server-auth", "--extended-key-usage", "client-auth", "--output-file", "server-cert.csr", "--display-keytool-command" }, INFO_MANAGE_CERTS_SC_GEN_CSR_EXAMPLE_3.get());
    final SubCommand genCSRSubCommand = new SubCommand("generate-certificate-signing-request", INFO_MANAGE_CERTS_SC_GEN_CSR_DESC.get(), genCSRParser, genCSRExamples);
    genCSRSubCommand.addName("generateCertificateSigningRequest", true);
    genCSRSubCommand.addName("generate-certificate-request", true);
    genCSRSubCommand.addName("generateCertificateRequest", true);
    genCSRSubCommand.addName("generate-csr", true);
    genCSRSubCommand.addName("generateCSR", true);
    genCSRSubCommand.addName("certificate-signing-request", true);
    genCSRSubCommand.addName("certificateSigningRequest", true);
    genCSRSubCommand.addName("csr", true);
    genCSRSubCommand.addName("certreq", true);
    parser.addSubCommand(genCSRSubCommand);
    // Define the "sign-certificate-signing-request" subcommand and all of its
    // arguments.
    final ArgumentParser signCSRParser = new ArgumentParser("sign-certificate-signing-request", INFO_MANAGE_CERTS_SC_SIGN_CSR_DESC.get());
    final FileArgument signCSRInputFile = new FileArgument(null, "request-input-file", true, 1, null, INFO_MANAGE_CERTS_SC_SIGN_CSR_ARG_INPUT_FILE_DESC.get(), true, true, true, false);
    signCSRInputFile.addLongIdentifier("requestInputFile", true);
    signCSRInputFile.addLongIdentifier("certificate-signing-request", true);
    signCSRInputFile.addLongIdentifier("certificateSigningRequest", true);
    signCSRInputFile.addLongIdentifier("input-file", false);
    signCSRInputFile.addLongIdentifier("inputFile", true);
    signCSRInputFile.addLongIdentifier("csr", true);
    signCSRParser.addArgument(signCSRInputFile);
    final FileArgument signCSROutputFile = new FileArgument(null, "certificate-output-file", false, 1, null, INFO_MANAGE_CERTS_SC_SIGN_CSR_ARG_OUTPUT_FILE_DESC.get(), false, true, true, false);
    signCSROutputFile.addLongIdentifier("certificateOutputFile", true);
    signCSROutputFile.addLongIdentifier("output-file", false);
    signCSROutputFile.addLongIdentifier("outputFile", true);
    signCSROutputFile.addLongIdentifier("certificate-file", true);
    signCSROutputFile.addLongIdentifier("certificateFile", true);
    signCSRParser.addArgument(signCSROutputFile);
    final Set<String> signCSROutputFormatAllowedValues = StaticUtils.setOf("PEM", "text", "txt", "RFC", "DER", "binary", "bin");
    final StringArgument signCSROutputFormat = new StringArgument(null, "output-format", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_FORMAT.get(), INFO_MANAGE_CERTS_SC_SIGN_CSR_ARG_FORMAT_DESC.get(), signCSROutputFormatAllowedValues, "PEM");
    signCSROutputFormat.addLongIdentifier("outputFormat", true);
    signCSRParser.addArgument(signCSROutputFormat);
    final FileArgument signCSRKeystore = new FileArgument(null, "keystore", true, 1, null, INFO_MANAGE_CERTS_SC_SIGN_CSR_ARG_KS_DESC.get(), true, true, true, false);
    signCSRKeystore.addLongIdentifier("keystore-path", true);
    signCSRKeystore.addLongIdentifier("keystorePath", true);
    signCSRKeystore.addLongIdentifier("keystore-file", true);
    signCSRKeystore.addLongIdentifier("keystoreFile", true);
    signCSRParser.addArgument(signCSRKeystore);
    final StringArgument signCSRKeystorePassword = new StringArgument(null, "keystore-password", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_PASSWORD.get(), INFO_MANAGE_CERTS_SC_SIGN_CSR_ARG_KS_PW_DESC.get());
    signCSRKeystorePassword.addLongIdentifier("keystorePassword", true);
    signCSRKeystorePassword.addLongIdentifier("keystore-passphrase", true);
    signCSRKeystorePassword.addLongIdentifier("keystorePassphrase", true);
    signCSRKeystorePassword.addLongIdentifier("keystore-pin", true);
    signCSRKeystorePassword.addLongIdentifier("keystorePIN", true);
    signCSRKeystorePassword.addLongIdentifier("storepass", true);
    signCSRKeystorePassword.setSensitive(true);
    signCSRParser.addArgument(signCSRKeystorePassword);
    final FileArgument signCSRKeystorePasswordFile = new FileArgument(null, "keystore-password-file", false, 1, null, INFO_MANAGE_CERTS_SC_SIGN_CSR_ARG_KS_PW_FILE_DESC.get(), true, true, true, false);
    signCSRKeystorePasswordFile.addLongIdentifier("keystorePasswordFile", true);
    signCSRKeystorePasswordFile.addLongIdentifier("keystore-passphrase-file", true);
    signCSRKeystorePasswordFile.addLongIdentifier("keystorePassphraseFile", true);
    signCSRKeystorePasswordFile.addLongIdentifier("keystore-pin-file", true);
    signCSRKeystorePasswordFile.addLongIdentifier("keystorePINFile", true);
    signCSRParser.addArgument(signCSRKeystorePasswordFile);
    final BooleanArgument signCSRPromptForKeystorePassword = new BooleanArgument(null, "prompt-for-keystore-password", INFO_MANAGE_CERTS_SC_SIGN_CSR_ARG_PROMPT_FOR_KS_PW_DESC.get());
    signCSRPromptForKeystorePassword.addLongIdentifier("promptForKeystorePassword", true);
    signCSRPromptForKeystorePassword.addLongIdentifier("prompt-for-keystore-passphrase", true);
    signCSRPromptForKeystorePassword.addLongIdentifier("promptForKeystorePassphrase", true);
    signCSRPromptForKeystorePassword.addLongIdentifier("prompt-for-keystore-pin", true);
    signCSRPromptForKeystorePassword.addLongIdentifier("promptForKeystorePIN", true);
    signCSRParser.addArgument(signCSRPromptForKeystorePassword);
    final StringArgument signCSRPKPassword = new StringArgument(null, "private-key-password", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_PASSWORD.get(), INFO_MANAGE_CERTS_SC_SIGN_CSR_ARG_PK_PW_DESC.get());
    signCSRPKPassword.addLongIdentifier("privateKeyPassword", true);
    signCSRPKPassword.addLongIdentifier("private-key-passphrase", true);
    signCSRPKPassword.addLongIdentifier("privateKeyPassphrase", true);
    signCSRPKPassword.addLongIdentifier("private-key-pin", true);
    signCSRPKPassword.addLongIdentifier("privateKeyPIN", true);
    signCSRPKPassword.addLongIdentifier("key-password", true);
    signCSRPKPassword.addLongIdentifier("keyPassword", true);
    signCSRPKPassword.addLongIdentifier("key-passphrase", true);
    signCSRPKPassword.addLongIdentifier("keyPassphrase", true);
    signCSRPKPassword.addLongIdentifier("key-pin", true);
    signCSRPKPassword.addLongIdentifier("keyPIN", true);
    signCSRPKPassword.addLongIdentifier("keypass", true);
    signCSRPKPassword.setSensitive(true);
    signCSRParser.addArgument(signCSRPKPassword);
    final FileArgument signCSRPKPasswordFile = new FileArgument(null, "private-key-password-file", false, 1, null, INFO_MANAGE_CERTS_SC_SIGN_CSR_ARG_PK_PW_FILE_DESC.get(), true, true, true, false);
    signCSRPKPasswordFile.addLongIdentifier("privateKeyPasswordFile", true);
    signCSRPKPasswordFile.addLongIdentifier("private-key-passphrase-file", true);
    signCSRPKPasswordFile.addLongIdentifier("privateKeyPassphraseFile", true);
    signCSRPKPasswordFile.addLongIdentifier("private-key-pin-file", true);
    signCSRPKPasswordFile.addLongIdentifier("privateKeyPINFile", true);
    signCSRPKPasswordFile.addLongIdentifier("key-password-file", true);
    signCSRPKPasswordFile.addLongIdentifier("keyPasswordFile", true);
    signCSRPKPasswordFile.addLongIdentifier("key-passphrase-file", true);
    signCSRPKPasswordFile.addLongIdentifier("keyPassphraseFile", true);
    signCSRPKPasswordFile.addLongIdentifier("key-pin-file", true);
    signCSRPKPasswordFile.addLongIdentifier("keyPINFile", true);
    signCSRParser.addArgument(signCSRPKPasswordFile);
    final BooleanArgument signCSRPromptForPKPassword = new BooleanArgument(null, "prompt-for-private-key-password", INFO_MANAGE_CERTS_SC_SIGN_CSR_ARG_PROMPT_FOR_PK_PW_DESC.get());
    signCSRPromptForPKPassword.addLongIdentifier("promptForPrivateKeyPassword", true);
    signCSRPromptForPKPassword.addLongIdentifier("prompt-for-private-key-passphrase", true);
    signCSRPromptForPKPassword.addLongIdentifier("promptForPrivateKeyPassphrase", true);
    signCSRPromptForPKPassword.addLongIdentifier("prompt-for-private-key-pin", true);
    signCSRPromptForPKPassword.addLongIdentifier("promptForPrivateKeyPIN", true);
    signCSRPromptForPKPassword.addLongIdentifier("prompt-for-key-password", true);
    signCSRPromptForPKPassword.addLongIdentifier("promptForKeyPassword", true);
    signCSRPromptForPKPassword.addLongIdentifier("prompt-for-key-passphrase", true);
    signCSRPromptForPKPassword.addLongIdentifier("promptForKeyPassphrase", true);
    signCSRPromptForPKPassword.addLongIdentifier("prompt-for-key-pin", true);
    signCSRPromptForPKPassword.addLongIdentifier("promptForKeyPIN", true);
    signCSRParser.addArgument(signCSRPromptForPKPassword);
    final StringArgument signCSRKeystoreType = new StringArgument(null, "keystore-type", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_TYPE.get(), INFO_MANAGE_CERTS_SC_SIGN_CSR_ARG_KS_TYPE_DESC.get(), ALLOWED_KEYSTORE_TYPE_VALUES);
    signCSRKeystoreType.addLongIdentifier("key-store-type", true);
    signCSRKeystoreType.addLongIdentifier("keystoreType", true);
    signCSRKeystoreType.addLongIdentifier("keystore-format", true);
    signCSRKeystoreType.addLongIdentifier("key-store-format", true);
    signCSRKeystoreType.addLongIdentifier("keystoreFormat", true);
    signCSRKeystoreType.addLongIdentifier("storetype", true);
    signCSRParser.addArgument(signCSRKeystoreType);
    final StringArgument signCSRAlias = new StringArgument(null, "signing-certificate-alias", true, 1, INFO_MANAGE_CERTS_PLACEHOLDER_ALIAS.get(), INFO_MANAGE_CERTS_SC_SIGN_CSR_ARG_ALIAS_DESC.get());
    signCSRAlias.addLongIdentifier("signingCertificateAlias", true);
    signCSRAlias.addLongIdentifier("signing-certificate-nickname", true);
    signCSRAlias.addLongIdentifier("signingCertificateNickname", true);
    signCSRAlias.addLongIdentifier("alias", true);
    signCSRAlias.addLongIdentifier("nickname", true);
    signCSRParser.addArgument(signCSRAlias);
    final DNArgument signCSRSubjectDN = new DNArgument(null, "subject-dn", false, 1, null, INFO_MANAGE_CERTS_SC_SIGN_CSR_ARG_SUBJECT_DN_DESC.get());
    signCSRSubjectDN.addLongIdentifier("subjectDN", true);
    signCSRSubjectDN.addLongIdentifier("subject", true);
    signCSRSubjectDN.addLongIdentifier("dname", true);
    signCSRParser.addArgument(signCSRSubjectDN);
    final IntegerArgument signCSRDaysValid = new IntegerArgument(null, "days-valid", false, 1, null, INFO_MANAGE_CERTS_SC_SIGN_CSR_ARG_DAYS_VALID_DESC.get(), 1, Integer.MAX_VALUE);
    signCSRDaysValid.addLongIdentifier("daysValid", true);
    signCSRDaysValid.addLongIdentifier("validity", true);
    signCSRParser.addArgument(signCSRDaysValid);
    final TimestampArgument signCSRNotBefore = new TimestampArgument(null, "validity-start-time", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_TIMESTAMP.get(), INFO_MANAGE_CERTS_SC_SIGN_CSR_ARG_VALIDITY_START_TIME_DESC.get("20180102123456"));
    signCSRNotBefore.addLongIdentifier("validityStartTime", true);
    signCSRNotBefore.addLongIdentifier("not-before", true);
    signCSRNotBefore.addLongIdentifier("notBefore", true);
    signCSRParser.addArgument(signCSRNotBefore);
    final StringArgument signCSRSignatureAlgorithm = new StringArgument(null, "signature-algorithm", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_NAME.get(), INFO_MANAGE_CERTS_SC_SIGN_CSR_ARG_SIG_ALG_DESC.get());
    signCSRSignatureAlgorithm.addLongIdentifier("signatureAlgorithm", true);
    signCSRSignatureAlgorithm.addLongIdentifier("signature-alg", true);
    signCSRSignatureAlgorithm.addLongIdentifier("signatureAlg", true);
    signCSRSignatureAlgorithm.addLongIdentifier("sig-alg", true);
    signCSRSignatureAlgorithm.addLongIdentifier("sigAlg", true);
    signCSRParser.addArgument(signCSRSignatureAlgorithm);
    final BooleanArgument signCSRIncludeExtensions = new BooleanArgument(null, "include-requested-extensions", 1, INFO_MANAGE_CERTS_SC_SIGN_CSR_ARG_INCLUDE_EXT_DESC.get());
    signCSRIncludeExtensions.addLongIdentifier("includeRequestedExtensions", true);
    signCSRParser.addArgument(signCSRIncludeExtensions);
    final StringArgument signCSRSubjectAltDNS = new StringArgument(null, "subject-alternative-name-dns", false, 0, INFO_MANAGE_CERTS_PLACEHOLDER_NAME.get(), INFO_MANAGE_CERTS_SC_SIGN_CSR_ARG_SAN_DNS_DESC.get());
    signCSRSubjectAltDNS.addLongIdentifier("subjectAlternativeNameDNS", true);
    signCSRSubjectAltDNS.addLongIdentifier("subject-alt-name-dns", true);
    signCSRSubjectAltDNS.addLongIdentifier("subjectAltNameDNS", true);
    signCSRSubjectAltDNS.addLongIdentifier("subject-alternative-dns", true);
    signCSRSubjectAltDNS.addLongIdentifier("subjectAlternativeDNS", true);
    signCSRSubjectAltDNS.addLongIdentifier("subject-alt-dns", true);
    signCSRSubjectAltDNS.addLongIdentifier("subjectAltDNS", true);
    signCSRSubjectAltDNS.addLongIdentifier("san-dns", true);
    signCSRSubjectAltDNS.addLongIdentifier("sanDNS", true);
    signCSRSubjectAltDNS.addValueValidator(new IA5StringArgumentValueValidator(false));
    signCSRParser.addArgument(signCSRSubjectAltDNS);
    final StringArgument signCSRSubjectAltIP = new StringArgument(null, "subject-alternative-name-ip-address", false, 0, INFO_MANAGE_CERTS_PLACEHOLDER_NAME.get(), INFO_MANAGE_CERTS_SC_SIGN_CSR_ARG_SAN_IP_DESC.get());
    signCSRSubjectAltIP.addLongIdentifier("subjectAlternativeNameIPAddress", true);
    signCSRSubjectAltIP.addLongIdentifier("subject-alternative-name-ip", true);
    signCSRSubjectAltIP.addLongIdentifier("subjectAlternativeNameIP", true);
    signCSRSubjectAltIP.addLongIdentifier("subject-alt-name-ip-address", true);
    signCSRSubjectAltIP.addLongIdentifier("subjectAltNameIPAddress", true);
    signCSRSubjectAltIP.addLongIdentifier("subject-alt-name-ip", true);
    signCSRSubjectAltIP.addLongIdentifier("subjectAltNameIP", true);
    signCSRSubjectAltIP.addLongIdentifier("subject-alternative-ip-address", true);
    signCSRSubjectAltIP.addLongIdentifier("subjectAlternativeIPAddress", true);
    signCSRSubjectAltIP.addLongIdentifier("subject-alternative-ip", true);
    signCSRSubjectAltIP.addLongIdentifier("subjectAlternativeIP", true);
    signCSRSubjectAltIP.addLongIdentifier("subject-alt-ip-address", true);
    signCSRSubjectAltIP.addLongIdentifier("subjectAltIPAddress", true);
    signCSRSubjectAltIP.addLongIdentifier("subject-alt-ip", true);
    signCSRSubjectAltIP.addLongIdentifier("subjectAltIP", true);
    signCSRSubjectAltIP.addLongIdentifier("san-ip-address", true);
    signCSRSubjectAltIP.addLongIdentifier("sanIPAddress", true);
    signCSRSubjectAltIP.addLongIdentifier("san-ip", true);
    signCSRSubjectAltIP.addLongIdentifier("sanIP", true);
    signCSRSubjectAltIP.addValueValidator(new IPAddressArgumentValueValidator(true, true));
    signCSRParser.addArgument(signCSRSubjectAltIP);
    final StringArgument signCSRSubjectAltEmail = new StringArgument(null, "subject-alternative-name-email-address", false, 0, INFO_MANAGE_CERTS_PLACEHOLDER_NAME.get(), INFO_MANAGE_CERTS_SC_SIGN_CSR_ARG_SAN_EMAIL_DESC.get());
    signCSRSubjectAltEmail.addLongIdentifier("subjectAlternativeNameEmailAddress", true);
    signCSRSubjectAltEmail.addLongIdentifier("subject-alternative-name-email", true);
    signCSRSubjectAltEmail.addLongIdentifier("subjectAlternativeNameEmail", true);
    signCSRSubjectAltEmail.addLongIdentifier("subject-alt-name-email-address", true);
    signCSRSubjectAltEmail.addLongIdentifier("subjectAltNameEmailAddress", true);
    signCSRSubjectAltEmail.addLongIdentifier("subject-alt-name-email", true);
    signCSRSubjectAltEmail.addLongIdentifier("subjectAltNameEmail", true);
    signCSRSubjectAltEmail.addLongIdentifier("subject-alternative-email-address", true);
    signCSRSubjectAltEmail.addLongIdentifier("subjectAlternativeEmailAddress", true);
    signCSRSubjectAltEmail.addLongIdentifier("subject-alternative-email", true);
    signCSRSubjectAltEmail.addLongIdentifier("subjectAlternativeEmail", true);
    signCSRSubjectAltEmail.addLongIdentifier("subject-alt-email-address", true);
    signCSRSubjectAltEmail.addLongIdentifier("subjectAltEmailAddress", true);
    signCSRSubjectAltEmail.addLongIdentifier("subject-alt-email", true);
    signCSRSubjectAltEmail.addLongIdentifier("subjectAltEmail", true);
    signCSRSubjectAltEmail.addLongIdentifier("san-email-address", true);
    signCSRSubjectAltEmail.addLongIdentifier("sanEmailAddress", true);
    signCSRSubjectAltEmail.addLongIdentifier("san-email", true);
    signCSRSubjectAltEmail.addLongIdentifier("sanEmail", true);
    signCSRSubjectAltEmail.addValueValidator(new IA5StringArgumentValueValidator(false));
    signCSRParser.addArgument(signCSRSubjectAltEmail);
    final StringArgument signCSRSubjectAltURI = new StringArgument(null, "subject-alternative-name-uri", false, 0, INFO_MANAGE_CERTS_PLACEHOLDER_URI.get(), INFO_MANAGE_CERTS_SC_SIGN_CSR_ARG_SAN_URI_DESC.get());
    signCSRSubjectAltURI.addLongIdentifier("subjectAlternativeNameURI", true);
    signCSRSubjectAltURI.addLongIdentifier("subject-alt-name-uri", true);
    signCSRSubjectAltURI.addLongIdentifier("subjectAltNameURI", true);
    signCSRSubjectAltURI.addLongIdentifier("subject-alternative-uri", true);
    signCSRSubjectAltURI.addLongIdentifier("subjectAlternativeURI", true);
    signCSRSubjectAltURI.addLongIdentifier("subject-alt-uri", true);
    signCSRSubjectAltURI.addLongIdentifier("subjectAltURI", true);
    signCSRSubjectAltURI.addLongIdentifier("san-uri", true);
    signCSRSubjectAltURI.addLongIdentifier("sanURI", true);
    signCSRParser.addArgument(signCSRSubjectAltURI);
    final StringArgument signCSRSubjectAltOID = new StringArgument(null, "subject-alternative-name-oid", false, 0, INFO_MANAGE_CERTS_PLACEHOLDER_OID.get(), INFO_MANAGE_CERTS_SC_SIGN_CSR_ARG_SAN_OID_DESC.get());
    signCSRSubjectAltOID.addLongIdentifier("subjectAlternativeNameOID", true);
    signCSRSubjectAltOID.addLongIdentifier("subject-alt-name-oid", true);
    signCSRSubjectAltOID.addLongIdentifier("subjectAltNameOID", true);
    signCSRSubjectAltOID.addLongIdentifier("subject-alternative-oid", true);
    signCSRSubjectAltOID.addLongIdentifier("subjectAlternativeOID", true);
    signCSRSubjectAltOID.addLongIdentifier("subject-alt-oid", true);
    signCSRSubjectAltOID.addLongIdentifier("subjectAltOID", true);
    signCSRSubjectAltOID.addLongIdentifier("san-oid", true);
    signCSRSubjectAltOID.addLongIdentifier("sanOID", true);
    signCSRSubjectAltOID.addValueValidator(new OIDArgumentValueValidator(true));
    signCSRParser.addArgument(signCSRSubjectAltOID);
    final StringArgument signCSRIssuerAltDNS = new StringArgument(null, "issuer-alternative-name-dns", false, 0, INFO_MANAGE_CERTS_PLACEHOLDER_NAME.get(), INFO_MANAGE_CERTS_SC_SIGN_CSR_ARG_IAN_DNS_DESC.get());
    signCSRIssuerAltDNS.addLongIdentifier("issuerAlternativeNameDNS", true);
    signCSRIssuerAltDNS.addLongIdentifier("issuer-alt-name-dns", true);
    signCSRIssuerAltDNS.addLongIdentifier("issuerAltNameDNS", true);
    signCSRIssuerAltDNS.addLongIdentifier("issuer-alternative-dns", true);
    signCSRIssuerAltDNS.addLongIdentifier("issuerAlternativeDNS", true);
    signCSRIssuerAltDNS.addLongIdentifier("issuer-alt-dns", true);
    signCSRIssuerAltDNS.addLongIdentifier("issuerAltDNS", true);
    signCSRIssuerAltDNS.addLongIdentifier("ian-dns", true);
    signCSRIssuerAltDNS.addLongIdentifier("ianDNS", true);
    signCSRIssuerAltDNS.addValueValidator(new IA5StringArgumentValueValidator(false));
    signCSRParser.addArgument(signCSRIssuerAltDNS);
    final StringArgument signCSRIssuerAltIP = new StringArgument(null, "issuer-alternative-name-ip-address", false, 0, INFO_MANAGE_CERTS_PLACEHOLDER_NAME.get(), INFO_MANAGE_CERTS_SC_SIGN_CSR_ARG_IAN_IP_DESC.get());
    signCSRIssuerAltIP.addLongIdentifier("issuerAlternativeNameIPAddress", true);
    signCSRIssuerAltIP.addLongIdentifier("issuer-alternative-name-ip", true);
    signCSRIssuerAltIP.addLongIdentifier("issuerAlternativeNameIP", true);
    signCSRIssuerAltIP.addLongIdentifier("issuer-alt-name-ip-address", true);
    signCSRIssuerAltIP.addLongIdentifier("issuerAltNameIPAddress", true);
    signCSRIssuerAltIP.addLongIdentifier("issuer-alt-name-ip", true);
    signCSRIssuerAltIP.addLongIdentifier("issuerAltNameIP", true);
    signCSRIssuerAltIP.addLongIdentifier("issuer-alternative-ip-address", true);
    signCSRIssuerAltIP.addLongIdentifier("issuerAlternativeIPAddress", true);
    signCSRIssuerAltIP.addLongIdentifier("issuer-alternative-ip", true);
    signCSRIssuerAltIP.addLongIdentifier("issuerAlternativeIP", true);
    signCSRIssuerAltIP.addLongIdentifier("issuer-alt-ip-address", true);
    signCSRIssuerAltIP.addLongIdentifier("issuerAltIPAddress", true);
    signCSRIssuerAltIP.addLongIdentifier("issuer-alt-ip", true);
    signCSRIssuerAltIP.addLongIdentifier("issuerAltIP", true);
    signCSRIssuerAltIP.addLongIdentifier("ian-ip-address", true);
    signCSRIssuerAltIP.addLongIdentifier("ianIPAddress", true);
    signCSRIssuerAltIP.addLongIdentifier("ian-ip", true);
    signCSRIssuerAltIP.addLongIdentifier("ianIP", true);
    signCSRIssuerAltIP.addValueValidator(new IPAddressArgumentValueValidator(true, true));
    signCSRParser.addArgument(signCSRIssuerAltIP);
    final StringArgument signCSRIssuerAltEmail = new StringArgument(null, "issuer-alternative-name-email-address", false, 0, INFO_MANAGE_CERTS_PLACEHOLDER_NAME.get(), INFO_MANAGE_CERTS_SC_SIGN_CSR_ARG_IAN_EMAIL_DESC.get());
    signCSRIssuerAltEmail.addLongIdentifier("issuerAlternativeNameEmailAddress", true);
    signCSRIssuerAltEmail.addLongIdentifier("issuer-alternative-name-email", true);
    signCSRIssuerAltEmail.addLongIdentifier("issuerAlternativeNameEmail", true);
    signCSRIssuerAltEmail.addLongIdentifier("issuer-alt-name-email-address", true);
    signCSRIssuerAltEmail.addLongIdentifier("issuerAltNameEmailAddress", true);
    signCSRIssuerAltEmail.addLongIdentifier("issuer-alt-name-email", true);
    signCSRIssuerAltEmail.addLongIdentifier("issuerAltNameEmail", true);
    signCSRIssuerAltEmail.addLongIdentifier("issuer-alternative-email-address", true);
    signCSRIssuerAltEmail.addLongIdentifier("issuerAlternativeEmailAddress", true);
    signCSRIssuerAltEmail.addLongIdentifier("issuer-alternative-email", true);
    signCSRIssuerAltEmail.addLongIdentifier("issuerAlternativeEmail", true);
    signCSRIssuerAltEmail.addLongIdentifier("issuer-alt-email-address", true);
    signCSRIssuerAltEmail.addLongIdentifier("issuerAltEmailAddress", true);
    signCSRIssuerAltEmail.addLongIdentifier("issuer-alt-email", true);
    signCSRIssuerAltEmail.addLongIdentifier("issuerAltEmail", true);
    signCSRIssuerAltEmail.addLongIdentifier("ian-email-address", true);
    signCSRIssuerAltEmail.addLongIdentifier("ianEmailAddress", true);
    signCSRIssuerAltEmail.addLongIdentifier("ian-email", true);
    signCSRIssuerAltEmail.addLongIdentifier("ianEmail", true);
    signCSRIssuerAltEmail.addValueValidator(new IA5StringArgumentValueValidator(false));
    signCSRParser.addArgument(signCSRIssuerAltEmail);
    final StringArgument signCSRIssuerAltURI = new StringArgument(null, "issuer-alternative-name-uri", false, 0, INFO_MANAGE_CERTS_PLACEHOLDER_URI.get(), INFO_MANAGE_CERTS_SC_SIGN_CSR_ARG_IAN_URI_DESC.get());
    signCSRIssuerAltURI.addLongIdentifier("issuerAlternativeNameURI", true);
    signCSRIssuerAltURI.addLongIdentifier("issuer-alt-name-uri", true);
    signCSRIssuerAltURI.addLongIdentifier("issuerAltNameURI", true);
    signCSRIssuerAltURI.addLongIdentifier("issuer-alternative-uri", true);
    signCSRIssuerAltURI.addLongIdentifier("issuerAlternativeURI", true);
    signCSRIssuerAltURI.addLongIdentifier("issuer-alt-uri", true);
    signCSRIssuerAltURI.addLongIdentifier("issuerAltURI", true);
    signCSRIssuerAltURI.addLongIdentifier("ian-uri", true);
    signCSRIssuerAltURI.addLongIdentifier("ianURI", true);
    signCSRParser.addArgument(signCSRIssuerAltURI);
    final StringArgument signCSRIssuerAltOID = new StringArgument(null, "issuer-alternative-name-oid", false, 0, INFO_MANAGE_CERTS_PLACEHOLDER_OID.get(), INFO_MANAGE_CERTS_SC_SIGN_CSR_ARG_IAN_OID_DESC.get());
    signCSRIssuerAltOID.addLongIdentifier("issuerAlternativeNameOID", true);
    signCSRIssuerAltOID.addLongIdentifier("issuer-alt-name-oid", true);
    signCSRIssuerAltOID.addLongIdentifier("issuerAltNameOID", true);
    signCSRIssuerAltOID.addLongIdentifier("issuer-alternative-oid", true);
    signCSRIssuerAltOID.addLongIdentifier("issuerAlternativeOID", true);
    signCSRIssuerAltOID.addLongIdentifier("issuer-alt-oid", true);
    signCSRIssuerAltOID.addLongIdentifier("issuerAltOID", true);
    signCSRIssuerAltOID.addLongIdentifier("ian-oid", true);
    signCSRIssuerAltOID.addLongIdentifier("ianOID", true);
    signCSRIssuerAltOID.addValueValidator(new OIDArgumentValueValidator(true));
    signCSRParser.addArgument(signCSRIssuerAltOID);
    final BooleanValueArgument signCSRBasicConstraintsIsCA = new BooleanValueArgument(null, "basic-constraints-is-ca", false, null, INFO_MANAGE_CERTS_SC_SIGN_CSR_ARG_BC_IS_CA_DESC.get());
    signCSRBasicConstraintsIsCA.addLongIdentifier("basicConstraintsIsCA", true);
    signCSRBasicConstraintsIsCA.addLongIdentifier("bc-is-ca", true);
    signCSRBasicConstraintsIsCA.addLongIdentifier("bcIsCA", true);
    signCSRParser.addArgument(signCSRBasicConstraintsIsCA);
    final IntegerArgument signCSRBasicConstraintsPathLength = new IntegerArgument(null, "basic-constraints-maximum-path-length", false, 1, null, INFO_MANAGE_CERTS_SC_GEN_CERT_ARG_BC_PATH_LENGTH_DESC.get(), 0, Integer.MAX_VALUE);
    signCSRBasicConstraintsPathLength.addLongIdentifier("basicConstraintsMaximumPathLength", true);
    signCSRBasicConstraintsPathLength.addLongIdentifier("basic-constraints-max-path-length", true);
    signCSRBasicConstraintsPathLength.addLongIdentifier("basicConstraintsMaxPathLength", true);
    signCSRBasicConstraintsPathLength.addLongIdentifier("basic-constraints-path-length", true);
    signCSRBasicConstraintsPathLength.addLongIdentifier("basicConstraintsPathLength", true);
    signCSRBasicConstraintsPathLength.addLongIdentifier("bc-maximum-path-length", true);
    signCSRBasicConstraintsPathLength.addLongIdentifier("bcMaximumPathLength", true);
    signCSRBasicConstraintsPathLength.addLongIdentifier("bc-max-path-length", true);
    signCSRBasicConstraintsPathLength.addLongIdentifier("bcMaxPathLength", true);
    signCSRBasicConstraintsPathLength.addLongIdentifier("bc-path-length", true);
    signCSRBasicConstraintsPathLength.addLongIdentifier("bcPathLength", true);
    signCSRParser.addArgument(signCSRBasicConstraintsPathLength);
    final StringArgument signCSRKeyUsage = new StringArgument(null, "key-usage", false, 0, null, INFO_MANAGE_CERTS_SC_SIGN_CSR_ARG_KU_DESC.get());
    signCSRKeyUsage.addLongIdentifier("keyUsage", true);
    signCSRParser.addArgument(signCSRKeyUsage);
    final StringArgument signCSRExtendedKeyUsage = new StringArgument(null, "extended-key-usage", false, 0, null, INFO_MANAGE_CERTS_SC_SIGN_CSR_ARG_EKU_DESC.get());
    signCSRExtendedKeyUsage.addLongIdentifier("extendedKeyUsage", true);
    signCSRParser.addArgument(signCSRExtendedKeyUsage);
    final StringArgument signCSRExtension = new StringArgument(null, "extension", false, 0, null, INFO_MANAGE_CERTS_SC_SIGN_CSR_ARG_EXT_DESC.get());
    signCSRExtension.addLongIdentifier("ext", true);
    signCSRParser.addArgument(signCSRExtension);
    final BooleanArgument signCSRNoPrompt = new BooleanArgument(null, "no-prompt", 1, INFO_MANAGE_CERTS_SC_SIGN_CSR_ARG_NO_PROMPT_DESC.get());
    signCSRNoPrompt.addLongIdentifier("noPrompt", true);
    signCSRParser.addArgument(signCSRNoPrompt);
    final BooleanArgument signCSRDisplayCommand = new BooleanArgument(null, "display-keytool-command", 1, INFO_MANAGE_CERTS_SC_SIGN_CSR_ARG_DISPLAY_COMMAND_DESC.get());
    signCSRDisplayCommand.addLongIdentifier("displayKeytoolCommand", true);
    signCSRDisplayCommand.addLongIdentifier("show-keytool-command", true);
    signCSRDisplayCommand.addLongIdentifier("showKeytoolCommand", true);
    signCSRParser.addArgument(signCSRDisplayCommand);
    signCSRParser.addRequiredArgumentSet(signCSRKeystorePassword, signCSRKeystorePasswordFile, signCSRPromptForKeystorePassword);
    signCSRParser.addExclusiveArgumentSet(signCSRKeystorePassword, signCSRKeystorePasswordFile, signCSRPromptForKeystorePassword);
    signCSRParser.addExclusiveArgumentSet(signCSRPKPassword, signCSRPKPasswordFile, signCSRPromptForPKPassword);
    signCSRParser.addDependentArgumentSet(signCSRBasicConstraintsPathLength, signCSRBasicConstraintsIsCA);
    final LinkedHashMap<String[], String> signCSRExamples = new LinkedHashMap<>(StaticUtils.computeMapCapacity(2));
    signCSRExamples.put(new String[] { "sign-certificate-signing-request", "--request-input-file", "server-cert.csr", "--keystore", getPlatformSpecificPath("config", "keystore"), "--keystore-password-file", getPlatformSpecificPath("config", "keystore.pin"), "--signing-certificate-alias", "ca-cert", "--include-requested-extensions" }, INFO_MANAGE_CERTS_SC_SIGN_CSR_EXAMPLE_1.get(getPlatformSpecificPath("config", "keystore")));
    signCSRExamples.put(new String[] { "sign-certificate-signing-request", "--request-input-file", "server-cert.csr", "--certificate-output-file", "server-cert.der", "--output-format", "DER", "--keystore", getPlatformSpecificPath("config", "keystore"), "--keystore-password-file", getPlatformSpecificPath("config", "keystore.pin"), "--signing-certificate-alias", "ca-cert", "--days-valid", "730", "--validity-start-time", "20170101000000", "--include-requested-extensions", "--issuer-alternative-name-email-address", "ca@example.com" }, INFO_MANAGE_CERTS_SC_SIGN_CSR_EXAMPLE_2.get(getPlatformSpecificPath("config", "keystore")));
    final SubCommand signCSRSubCommand = new SubCommand("sign-certificate-signing-request", INFO_MANAGE_CERTS_SC_SIGN_CSR_DESC.get(), signCSRParser, signCSRExamples);
    signCSRSubCommand.addName("signCertificateSigningRequest", true);
    signCSRSubCommand.addName("sign-certificate-request", true);
    signCSRSubCommand.addName("signCertificateRequest", true);
    signCSRSubCommand.addName("sign-certificate", true);
    signCSRSubCommand.addName("signCertificate", true);
    signCSRSubCommand.addName("sign-csr", true);
    signCSRSubCommand.addName("signCSR", true);
    signCSRSubCommand.addName("sign", true);
    signCSRSubCommand.addName("gencert", true);
    parser.addSubCommand(signCSRSubCommand);
    // Define the "change-certificate-alias" subcommand and all of its
    // arguments.
    final ArgumentParser changeAliasParser = new ArgumentParser("change-certificate-alias", INFO_MANAGE_CERTS_SC_CHANGE_ALIAS_DESC.get());
    final FileArgument changeAliasKeystore = new FileArgument(null, "keystore", true, 1, null, INFO_MANAGE_CERTS_SC_CHANGE_ALIAS_ARG_KS_DESC.get(), true, true, true, false);
    changeAliasKeystore.addLongIdentifier("keystore-path", true);
    changeAliasKeystore.addLongIdentifier("keystorePath", true);
    changeAliasKeystore.addLongIdentifier("keystore-file", true);
    changeAliasKeystore.addLongIdentifier("keystoreFile", true);
    changeAliasParser.addArgument(changeAliasKeystore);
    final StringArgument changeAliasKeystorePassword = new StringArgument(null, "keystore-password", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_PASSWORD.get(), INFO_MANAGE_CERTS_SC_CHANGE_ALIAS_ARG_KS_PW_DESC.get());
    changeAliasKeystorePassword.addLongIdentifier("keystorePassword", true);
    changeAliasKeystorePassword.addLongIdentifier("keystore-passphrase", true);
    changeAliasKeystorePassword.addLongIdentifier("keystorePassphrase", true);
    changeAliasKeystorePassword.addLongIdentifier("keystore-pin", true);
    changeAliasKeystorePassword.addLongIdentifier("keystorePIN", true);
    changeAliasKeystorePassword.addLongIdentifier("storepass", true);
    changeAliasKeystorePassword.setSensitive(true);
    changeAliasParser.addArgument(changeAliasKeystorePassword);
    final FileArgument changeAliasKeystorePasswordFile = new FileArgument(null, "keystore-password-file", false, 1, null, INFO_MANAGE_CERTS_SC_CHANGE_ALIAS_ARG_KS_PW_FILE_DESC.get(), true, true, true, false);
    changeAliasKeystorePasswordFile.addLongIdentifier("keystorePasswordFile", true);
    changeAliasKeystorePasswordFile.addLongIdentifier("keystore-passphrase-file", true);
    changeAliasKeystorePasswordFile.addLongIdentifier("keystorePassphraseFile", true);
    changeAliasKeystorePasswordFile.addLongIdentifier("keystore-pin-file", true);
    changeAliasKeystorePasswordFile.addLongIdentifier("keystorePINFile", true);
    changeAliasParser.addArgument(changeAliasKeystorePasswordFile);
    final BooleanArgument changeAliasPromptForKeystorePassword = new BooleanArgument(null, "prompt-for-keystore-password", INFO_MANAGE_CERTS_SC_CHANGE_ALIAS_ARG_PROMPT_FOR_KS_PW_DESC.get());
    changeAliasPromptForKeystorePassword.addLongIdentifier("promptForKeystorePassword", true);
    changeAliasPromptForKeystorePassword.addLongIdentifier("prompt-for-keystore-passphrase", true);
    changeAliasPromptForKeystorePassword.addLongIdentifier("promptForKeystorePassphrase", true);
    changeAliasPromptForKeystorePassword.addLongIdentifier("prompt-for-keystore-pin", true);
    changeAliasPromptForKeystorePassword.addLongIdentifier("promptForKeystorePIN", true);
    changeAliasParser.addArgument(changeAliasPromptForKeystorePassword);
    final StringArgument changeAliasPKPassword = new StringArgument(null, "private-key-password", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_PASSWORD.get(), INFO_MANAGE_CERTS_SC_CHANGE_ALIAS_ARG_PK_PW_DESC.get());
    changeAliasPKPassword.addLongIdentifier("privateKeyPassword", true);
    changeAliasPKPassword.addLongIdentifier("private-key-passphrase", true);
    changeAliasPKPassword.addLongIdentifier("privateKeyPassphrase", true);
    changeAliasPKPassword.addLongIdentifier("private-key-pin", true);
    changeAliasPKPassword.addLongIdentifier("privateKeyPIN", true);
    changeAliasPKPassword.addLongIdentifier("key-password", true);
    changeAliasPKPassword.addLongIdentifier("keyPassword", true);
    changeAliasPKPassword.addLongIdentifier("key-passphrase", true);
    changeAliasPKPassword.addLongIdentifier("keyPassphrase", true);
    changeAliasPKPassword.addLongIdentifier("key-pin", true);
    changeAliasPKPassword.addLongIdentifier("keyPIN", true);
    changeAliasPKPassword.addLongIdentifier("keypass", true);
    changeAliasPKPassword.setSensitive(true);
    changeAliasParser.addArgument(changeAliasPKPassword);
    final FileArgument changeAliasPKPasswordFile = new FileArgument(null, "private-key-password-file", false, 1, null, INFO_MANAGE_CERTS_SC_CHANGE_ALIAS_ARG_PK_PW_FILE_DESC.get(), true, true, true, false);
    changeAliasPKPasswordFile.addLongIdentifier("privateKeyPasswordFile", true);
    changeAliasPKPasswordFile.addLongIdentifier("private-key-passphrase-file", true);
    changeAliasPKPasswordFile.addLongIdentifier("privateKeyPassphraseFile", true);
    changeAliasPKPasswordFile.addLongIdentifier("private-key-pin-file", true);
    changeAliasPKPasswordFile.addLongIdentifier("privateKeyPINFile", true);
    changeAliasPKPasswordFile.addLongIdentifier("key-password-file", true);
    changeAliasPKPasswordFile.addLongIdentifier("keyPasswordFile", true);
    changeAliasPKPasswordFile.addLongIdentifier("key-passphrase-file", true);
    changeAliasPKPasswordFile.addLongIdentifier("keyPassphraseFile", true);
    changeAliasPKPasswordFile.addLongIdentifier("key-pin-file", true);
    changeAliasPKPasswordFile.addLongIdentifier("keyPINFile", true);
    changeAliasParser.addArgument(changeAliasPKPasswordFile);
    final BooleanArgument changeAliasPromptForPKPassword = new BooleanArgument(null, "prompt-for-private-key-password", INFO_MANAGE_CERTS_SC_CHANGE_ALIAS_ARG_PROMPT_FOR_PK_PW_DESC.get());
    changeAliasPromptForPKPassword.addLongIdentifier("promptForPrivateKeyPassword", true);
    changeAliasPromptForPKPassword.addLongIdentifier("prompt-for-private-key-passphrase", true);
    changeAliasPromptForPKPassword.addLongIdentifier("promptForPrivateKeyPassphrase", true);
    changeAliasPromptForPKPassword.addLongIdentifier("prompt-for-private-key-pin", true);
    changeAliasPromptForPKPassword.addLongIdentifier("promptForPrivateKeyPIN", true);
    changeAliasPromptForPKPassword.addLongIdentifier("prompt-for-key-password", true);
    changeAliasPromptForPKPassword.addLongIdentifier("promptForKeyPassword", true);
    changeAliasPromptForPKPassword.addLongIdentifier("prompt-for-key-passphrase", true);
    changeAliasPromptForPKPassword.addLongIdentifier("promptForKeyPassphrase", true);
    changeAliasPromptForPKPassword.addLongIdentifier("prompt-for-key-pin", true);
    changeAliasPromptForPKPassword.addLongIdentifier("promptForKeyPIN", true);
    changeAliasParser.addArgument(changeAliasPromptForPKPassword);
    final StringArgument changeAliasKeystoreType = new StringArgument(null, "keystore-type", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_TYPE.get(), INFO_MANAGE_CERTS_SC_CHANGE_ALIAS_ARG_KS_TYPE_DESC.get(), ALLOWED_KEYSTORE_TYPE_VALUES);
    changeAliasKeystoreType.addLongIdentifier("key-store-type", true);
    changeAliasKeystoreType.addLongIdentifier("keystoreType", true);
    changeAliasKeystoreType.addLongIdentifier("keystore-format", true);
    changeAliasKeystoreType.addLongIdentifier("key-store-format", true);
    changeAliasKeystoreType.addLongIdentifier("keystoreFormat", true);
    changeAliasKeystoreType.addLongIdentifier("storetype", true);
    changeAliasParser.addArgument(changeAliasKeystoreType);
    final StringArgument changeAliasCurrentAlias = new StringArgument(null, "current-alias", true, 1, INFO_MANAGE_CERTS_PLACEHOLDER_ALIAS.get(), INFO_MANAGE_CERTS_SC_CHANGE_ALIAS_ARG_CURRENT_ALIAS_DESC.get());
    changeAliasCurrentAlias.addLongIdentifier("currentAlias", true);
    changeAliasCurrentAlias.addLongIdentifier("old-alias", true);
    changeAliasCurrentAlias.addLongIdentifier("oldAlias", true);
    changeAliasCurrentAlias.addLongIdentifier("source-alias", true);
    changeAliasCurrentAlias.addLongIdentifier("sourceAlias", true);
    changeAliasCurrentAlias.addLongIdentifier("alias", true);
    changeAliasCurrentAlias.addLongIdentifier("current-nickname", true);
    changeAliasCurrentAlias.addLongIdentifier("currentNickname", true);
    changeAliasCurrentAlias.addLongIdentifier("old-nickname", true);
    changeAliasCurrentAlias.addLongIdentifier("oldNickname", true);
    changeAliasCurrentAlias.addLongIdentifier("source-nickname", true);
    changeAliasCurrentAlias.addLongIdentifier("sourceNickname", true);
    changeAliasCurrentAlias.addLongIdentifier("nickname", true);
    changeAliasCurrentAlias.addLongIdentifier("from", false);
    changeAliasParser.addArgument(changeAliasCurrentAlias);
    final StringArgument changeAliasNewAlias = new StringArgument(null, "new-alias", true, 1, INFO_MANAGE_CERTS_PLACEHOLDER_ALIAS.get(), INFO_MANAGE_CERTS_SC_CHANGE_ALIAS_ARG_NEW_ALIAS_DESC.get());
    changeAliasNewAlias.addLongIdentifier("newAlias", true);
    changeAliasNewAlias.addLongIdentifier("destination-alias", true);
    changeAliasNewAlias.addLongIdentifier("destinationAlias", true);
    changeAliasNewAlias.addLongIdentifier("new-nickname", true);
    changeAliasNewAlias.addLongIdentifier("newNickname", true);
    changeAliasNewAlias.addLongIdentifier("destination-nickname", true);
    changeAliasNewAlias.addLongIdentifier("destinationNickname", true);
    changeAliasNewAlias.addLongIdentifier("to", false);
    changeAliasParser.addArgument(changeAliasNewAlias);
    final BooleanArgument changeAliasDisplayCommand = new BooleanArgument(null, "display-keytool-command", 1, INFO_MANAGE_CERTS_SC_CHANGE_ALIAS_ARG_DISPLAY_COMMAND_DESC.get());
    changeAliasDisplayCommand.addLongIdentifier("displayKeytoolCommand", true);
    changeAliasDisplayCommand.addLongIdentifier("show-keytool-command", true);
    changeAliasDisplayCommand.addLongIdentifier("showKeytoolCommand", true);
    changeAliasParser.addArgument(changeAliasDisplayCommand);
    changeAliasParser.addRequiredArgumentSet(changeAliasKeystorePassword, changeAliasKeystorePasswordFile, changeAliasPromptForKeystorePassword);
    changeAliasParser.addExclusiveArgumentSet(changeAliasKeystorePassword, changeAliasKeystorePasswordFile, changeAliasPromptForKeystorePassword);
    changeAliasParser.addExclusiveArgumentSet(changeAliasPKPassword, changeAliasPKPasswordFile, changeAliasPromptForPKPassword);
    final LinkedHashMap<String[], String> changeAliasExamples = new LinkedHashMap<>(StaticUtils.computeMapCapacity(1));
    changeAliasExamples.put(new String[] { "change-certificate-alias", "--keystore", getPlatformSpecificPath("config", "keystore"), "--keystore-password-file", getPlatformSpecificPath("config", "keystore.pin"), "--current-alias", "server-cert", "--new-alias", "server-certificate", "--display-keytool-command" }, INFO_MANAGE_CERTS_SC_CHANGE_ALIAS_EXAMPLE_1.get());
    final SubCommand changeAliasSubCommand = new SubCommand("change-certificate-alias", INFO_MANAGE_CERTS_SC_CHANGE_ALIAS_DESC.get(), changeAliasParser, changeAliasExamples);
    changeAliasSubCommand.addName("changeCertificateAlias", true);
    changeAliasSubCommand.addName("change-alias", true);
    changeAliasSubCommand.addName("changeAlias", true);
    changeAliasSubCommand.addName("rename-certificate", true);
    changeAliasSubCommand.addName("renameCertificate", true);
    changeAliasSubCommand.addName("rename", true);
    parser.addSubCommand(changeAliasSubCommand);
    // Define the "change-keystore-password" subcommand and all of its
    // arguments.
    final ArgumentParser changeKSPWParser = new ArgumentParser("change-keystore-password", INFO_MANAGE_CERTS_SC_CHANGE_KS_PW_DESC.get());
    final FileArgument changeKSPWKeystore = new FileArgument(null, "keystore", true, 1, null, INFO_MANAGE_CERTS_SC_CHANGE_KS_PW_ARG_KS_DESC.get(), true, true, true, false);
    changeKSPWKeystore.addLongIdentifier("keystore-path", true);
    changeKSPWKeystore.addLongIdentifier("keystorePath", true);
    changeKSPWKeystore.addLongIdentifier("keystore-file", true);
    changeKSPWKeystore.addLongIdentifier("keystoreFile", true);
    changeKSPWParser.addArgument(changeKSPWKeystore);
    final StringArgument changeKSPWCurrentPassword = new StringArgument(null, "current-keystore-password", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_PASSWORD.get(), INFO_MANAGE_CERTS_SC_CHANGE_KS_PW_ARG_CURRENT_PW_DESC.get());
    changeKSPWCurrentPassword.addLongIdentifier("currentKeystorePassword", true);
    changeKSPWCurrentPassword.addLongIdentifier("current-keystore-passphrase", true);
    changeKSPWCurrentPassword.addLongIdentifier("currentKeystorePassphrase", true);
    changeKSPWCurrentPassword.addLongIdentifier("current-keystore-pin", true);
    changeKSPWCurrentPassword.addLongIdentifier("currentKeystorePIN", true);
    changeKSPWCurrentPassword.addLongIdentifier("storepass", true);
    changeKSPWCurrentPassword.setSensitive(true);
    changeKSPWParser.addArgument(changeKSPWCurrentPassword);
    final FileArgument changeKSPWCurrentPasswordFile = new FileArgument(null, "current-keystore-password-file", false, 1, null, INFO_MANAGE_CERTS_SC_CHANGE_KS_PW_ARG_CURRENT_PW_FILE_DESC.get(), true, true, true, false);
    changeKSPWCurrentPasswordFile.addLongIdentifier("currentKeystorePasswordFile", true);
    changeKSPWCurrentPasswordFile.addLongIdentifier("current-keystore-passphrase-file", true);
    changeKSPWCurrentPasswordFile.addLongIdentifier("currentKeystorePassphraseFile", true);
    changeKSPWCurrentPasswordFile.addLongIdentifier("current-keystore-pin-file", true);
    changeKSPWCurrentPasswordFile.addLongIdentifier("currentKeystorePINFile", true);
    changeKSPWParser.addArgument(changeKSPWCurrentPasswordFile);
    final BooleanArgument changeKSPWPromptForCurrentPassword = new BooleanArgument(null, "prompt-for-current-keystore-password", INFO_MANAGE_CERTS_SC_CHANGE_KS_PW_ARG_PROMPT_FOR_CURRENT_PW_DESC.get());
    changeKSPWPromptForCurrentPassword.addLongIdentifier("promptForCurrentKeystorePassword", true);
    changeKSPWPromptForCurrentPassword.addLongIdentifier("prompt-for-current-keystore-passphrase", true);
    changeKSPWPromptForCurrentPassword.addLongIdentifier("promptForCurrentKeystorePassphrase", true);
    changeKSPWPromptForCurrentPassword.addLongIdentifier("prompt-for-current-keystore-pin", true);
    changeKSPWPromptForCurrentPassword.addLongIdentifier("promptForCurrentKeystorePIN", true);
    changeKSPWParser.addArgument(changeKSPWPromptForCurrentPassword);
    final StringArgument changeKSPWNewPassword = new StringArgument(null, "new-keystore-password", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_PASSWORD.get(), INFO_MANAGE_CERTS_SC_CHANGE_KS_PW_ARG_NEW_PW_DESC.get());
    changeKSPWNewPassword.addLongIdentifier("newKeystorePassword", true);
    changeKSPWNewPassword.addLongIdentifier("new-keystore-passphrase", true);
    changeKSPWNewPassword.addLongIdentifier("newKeystorePassphrase", true);
    changeKSPWNewPassword.addLongIdentifier("new-keystore-pin", true);
    changeKSPWNewPassword.addLongIdentifier("newKeystorePIN", true);
    changeKSPWNewPassword.addLongIdentifier("new", true);
    changeKSPWNewPassword.setSensitive(true);
    changeKSPWParser.addArgument(changeKSPWNewPassword);
    final FileArgument changeKSPWNewPasswordFile = new FileArgument(null, "new-keystore-password-file", false, 1, null, INFO_MANAGE_CERTS_SC_CHANGE_KS_PW_ARG_NEW_PW_FILE_DESC.get(), true, true, true, false);
    changeKSPWNewPasswordFile.addLongIdentifier("newKeystorePasswordFile", true);
    changeKSPWNewPasswordFile.addLongIdentifier("new-keystore-passphrase-file", true);
    changeKSPWNewPasswordFile.addLongIdentifier("newKeystorePassphraseFile", true);
    changeKSPWNewPasswordFile.addLongIdentifier("new-keystore-pin-file", true);
    changeKSPWNewPasswordFile.addLongIdentifier("newKeystorePINFile", true);
    changeKSPWParser.addArgument(changeKSPWNewPasswordFile);
    final BooleanArgument changeKSPWPromptForNewPassword = new BooleanArgument(null, "prompt-for-new-keystore-password", INFO_MANAGE_CERTS_SC_CHANGE_KS_PW_ARG_PROMPT_FOR_NEW_PW_DESC.get());
    changeKSPWPromptForNewPassword.addLongIdentifier("promptForNewKeystorePassword", true);
    changeKSPWPromptForNewPassword.addLongIdentifier("prompt-for-new-keystore-passphrase", true);
    changeKSPWPromptForNewPassword.addLongIdentifier("promptForNewKeystorePassphrase", true);
    changeKSPWPromptForNewPassword.addLongIdentifier("prompt-for-new-keystore-pin", true);
    changeKSPWPromptForNewPassword.addLongIdentifier("promptForNewKeystorePIN", true);
    changeKSPWParser.addArgument(changeKSPWPromptForNewPassword);
    final BooleanArgument changeKSPWDisplayCommand = new BooleanArgument(null, "display-keytool-command", 1, INFO_MANAGE_CERTS_SC_CHANGE_KS_PW_ARG_DISPLAY_COMMAND_DESC.get());
    changeKSPWDisplayCommand.addLongIdentifier("displayKeytoolCommand", true);
    changeKSPWDisplayCommand.addLongIdentifier("show-keytool-command", true);
    changeKSPWDisplayCommand.addLongIdentifier("showKeytoolCommand", true);
    changeKSPWParser.addArgument(changeKSPWDisplayCommand);
    changeKSPWParser.addRequiredArgumentSet(changeKSPWCurrentPassword, changeKSPWCurrentPasswordFile, changeKSPWPromptForCurrentPassword);
    changeKSPWParser.addExclusiveArgumentSet(changeKSPWCurrentPassword, changeKSPWCurrentPasswordFile, changeKSPWPromptForCurrentPassword);
    changeKSPWParser.addRequiredArgumentSet(changeKSPWNewPassword, changeKSPWNewPasswordFile, changeKSPWPromptForNewPassword);
    changeKSPWParser.addExclusiveArgumentSet(changeKSPWNewPassword, changeKSPWNewPasswordFile, changeKSPWPromptForNewPassword);
    final LinkedHashMap<String[], String> changeKSPWExamples = new LinkedHashMap<>(StaticUtils.computeMapCapacity(1));
    changeKSPWExamples.put(new String[] { "change-keystore-password", "--keystore", getPlatformSpecificPath("config", "keystore"), "--current-keystore-password-file", getPlatformSpecificPath("config", "current.pin"), "--new-keystore-password-file", getPlatformSpecificPath("config", "new.pin"), "--display-keytool-command" }, INFO_MANAGE_CERTS_SC_CHANGE_KS_PW_EXAMPLE_1.get(getPlatformSpecificPath("config", "keystore"), getPlatformSpecificPath("config", "current.pin"), getPlatformSpecificPath("config", "new.pin")));
    final SubCommand changeKSPWSubCommand = new SubCommand("change-keystore-password", INFO_MANAGE_CERTS_SC_CHANGE_KS_PW_DESC.get(), changeKSPWParser, changeKSPWExamples);
    changeKSPWSubCommand.addName("changeKeystorePassword", true);
    changeKSPWSubCommand.addName("change-keystore-passphrase", true);
    changeKSPWSubCommand.addName("changeKeystorePassphrase", true);
    changeKSPWSubCommand.addName("change-keystore-pin", true);
    changeKSPWSubCommand.addName("changeKeystorePIN", true);
    changeKSPWSubCommand.addName("storepasswd", true);
    parser.addSubCommand(changeKSPWSubCommand);
    // Define the "change-private-key-password" subcommand and all of its
    // arguments.
    final ArgumentParser changePKPWParser = new ArgumentParser("change-private-key-password", INFO_MANAGE_CERTS_SC_CHANGE_PK_PW_DESC.get());
    final FileArgument changePKPWKeystore = new FileArgument(null, "keystore", true, 1, null, INFO_MANAGE_CERTS_SC_CHANGE_PK_PW_ARG_KS_DESC.get(), true, true, true, false);
    changePKPWKeystore.addLongIdentifier("keystore-path", true);
    changePKPWKeystore.addLongIdentifier("keystorePath", true);
    changePKPWKeystore.addLongIdentifier("keystore-file", true);
    changePKPWKeystore.addLongIdentifier("keystoreFile", true);
    changePKPWParser.addArgument(changePKPWKeystore);
    final StringArgument changePKPWKeystorePassword = new StringArgument(null, "keystore-password", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_PASSWORD.get(), INFO_MANAGE_CERTS_SC_CHANGE_PK_PW_ARG_KS_PW_DESC.get());
    changePKPWKeystorePassword.addLongIdentifier("keystorePassword", true);
    changePKPWKeystorePassword.addLongIdentifier("keystore-passphrase", true);
    changePKPWKeystorePassword.addLongIdentifier("keystorePassphrase", true);
    changePKPWKeystorePassword.addLongIdentifier("keystore-pin", true);
    changePKPWKeystorePassword.addLongIdentifier("keystorePIN", true);
    changePKPWKeystorePassword.addLongIdentifier("storepass", true);
    changePKPWKeystorePassword.setSensitive(true);
    changePKPWParser.addArgument(changePKPWKeystorePassword);
    final FileArgument changePKPWKeystorePasswordFile = new FileArgument(null, "keystore-password-file", false, 1, null, INFO_MANAGE_CERTS_SC_CHANGE_PK_PW_ARG_KS_PW_FILE_DESC.get(), true, true, true, false);
    changePKPWKeystorePasswordFile.addLongIdentifier("keystorePasswordFile", true);
    changePKPWKeystorePasswordFile.addLongIdentifier("keystore-passphrase-file", true);
    changePKPWKeystorePasswordFile.addLongIdentifier("keystorePassphraseFile", true);
    changePKPWKeystorePasswordFile.addLongIdentifier("keystore-pin-file", true);
    changePKPWKeystorePasswordFile.addLongIdentifier("keystorePINFile", true);
    changePKPWParser.addArgument(changePKPWKeystorePasswordFile);
    final BooleanArgument changePKPWPromptForKeystorePassword = new BooleanArgument(null, "prompt-for-keystore-password", INFO_MANAGE_CERTS_SC_CHANGE_PK_PW_ARG_PROMPT_FOR_KS_PW_DESC.get());
    changePKPWPromptForKeystorePassword.addLongIdentifier("promptForKeystorePassword", true);
    changePKPWPromptForKeystorePassword.addLongIdentifier("prompt-for-keystore-passphrase", true);
    changePKPWPromptForKeystorePassword.addLongIdentifier("promptForKeystorePassphrase", true);
    changePKPWPromptForKeystorePassword.addLongIdentifier("prompt-for-keystore-pin", true);
    changePKPWPromptForKeystorePassword.addLongIdentifier("promptForKeystorePIN", true);
    changePKPWParser.addArgument(changePKPWPromptForKeystorePassword);
    final StringArgument changePKPWKeystoreType = new StringArgument(null, "keystore-type", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_TYPE.get(), INFO_MANAGE_CERTS_SC_CHANGE_PK_PW_ARG_KS_TYPE_DESC.get(), ALLOWED_KEYSTORE_TYPE_VALUES);
    changePKPWKeystoreType.addLongIdentifier("key-store-type", true);
    changePKPWKeystoreType.addLongIdentifier("keystoreType", true);
    changePKPWKeystoreType.addLongIdentifier("keystore-format", true);
    changePKPWKeystoreType.addLongIdentifier("key-store-format", true);
    changePKPWKeystoreType.addLongIdentifier("keystoreFormat", true);
    changePKPWKeystoreType.addLongIdentifier("storetype", true);
    changePKPWParser.addArgument(changePKPWKeystoreType);
    final StringArgument changePKPWAlias = new StringArgument(null, "alias", true, 1, INFO_MANAGE_CERTS_PLACEHOLDER_ALIAS.get(), INFO_MANAGE_CERTS_SC_CHANGE_PK_PW_ARG_ALIAS_DESC.get());
    changePKPWAlias.addLongIdentifier("nickname", true);
    changePKPWParser.addArgument(changePKPWAlias);
    final StringArgument changePKPWCurrentPassword = new StringArgument(null, "current-private-key-password", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_PASSWORD.get(), INFO_MANAGE_CERTS_SC_CHANGE_PK_PW_ARG_CURRENT_PW_DESC.get());
    changePKPWCurrentPassword.addLongIdentifier("currentPrivateKeyPassword", true);
    changePKPWCurrentPassword.addLongIdentifier("current-private-key-passphrase", true);
    changePKPWCurrentPassword.addLongIdentifier("currentPrivateKeyPassphrase", true);
    changePKPWCurrentPassword.addLongIdentifier("current-private-key-pin", true);
    changePKPWCurrentPassword.addLongIdentifier("currentPrivateKeyPIN", true);
    changePKPWCurrentPassword.addLongIdentifier("keypass", true);
    changePKPWCurrentPassword.setSensitive(true);
    changePKPWParser.addArgument(changePKPWCurrentPassword);
    final FileArgument changePKPWCurrentPasswordFile = new FileArgument(null, "current-private-key-password-file", false, 1, null, INFO_MANAGE_CERTS_SC_CHANGE_PK_PW_ARG_CURRENT_PW_FILE_DESC.get(), true, true, true, false);
    changePKPWCurrentPasswordFile.addLongIdentifier("currentPrivateKeyPasswordFile", true);
    changePKPWCurrentPasswordFile.addLongIdentifier("current-private-key-passphrase-file", true);
    changePKPWCurrentPasswordFile.addLongIdentifier("currentPrivateKeyPassphraseFile", true);
    changePKPWCurrentPasswordFile.addLongIdentifier("current-private-key-pin-file", true);
    changePKPWCurrentPasswordFile.addLongIdentifier("currentPrivateKeyPINFile", true);
    changePKPWParser.addArgument(changePKPWCurrentPasswordFile);
    final BooleanArgument changePKPWPromptForCurrentPassword = new BooleanArgument(null, "prompt-for-current-private-key-password", INFO_MANAGE_CERTS_SC_CHANGE_PK_PW_ARG_PROMPT_FOR_CURRENT_PW_DESC.get());
    changePKPWPromptForCurrentPassword.addLongIdentifier("promptForCurrentPrivateKeyPassword", true);
    changePKPWPromptForCurrentPassword.addLongIdentifier("prompt-for-current-private-key-passphrase", true);
    changePKPWPromptForCurrentPassword.addLongIdentifier("promptForCurrentPrivateKeyPassphrase", true);
    changePKPWPromptForCurrentPassword.addLongIdentifier("prompt-for-current-private-key-pin", true);
    changePKPWPromptForCurrentPassword.addLongIdentifier("promptForCurrentPrivateKeyPIN", true);
    changePKPWParser.addArgument(changePKPWPromptForCurrentPassword);
    final StringArgument changePKPWNewPassword = new StringArgument(null, "new-private-key-password", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_PASSWORD.get(), INFO_MANAGE_CERTS_SC_CHANGE_PK_PW_ARG_NEW_PW_DESC.get());
    changePKPWNewPassword.addLongIdentifier("newPrivateKeyPassword", true);
    changePKPWNewPassword.addLongIdentifier("new-private-key-passphrase", true);
    changePKPWNewPassword.addLongIdentifier("newPrivateKeyPassphrase", true);
    changePKPWNewPassword.addLongIdentifier("new-private-key-pin", true);
    changePKPWNewPassword.addLongIdentifier("newPrivateKeyPIN", true);
    changePKPWNewPassword.addLongIdentifier("new", true);
    changePKPWNewPassword.setSensitive(true);
    changePKPWParser.addArgument(changePKPWNewPassword);
    final FileArgument changePKPWNewPasswordFile = new FileArgument(null, "new-private-key-password-file", false, 1, null, INFO_MANAGE_CERTS_SC_CHANGE_PK_PW_ARG_NEW_PW_FILE_DESC.get(), true, true, true, false);
    changePKPWNewPasswordFile.addLongIdentifier("newPrivateKeyPasswordFile", true);
    changePKPWNewPasswordFile.addLongIdentifier("new-private-key-passphrase-file", true);
    changePKPWNewPasswordFile.addLongIdentifier("newPrivateKeyPassphraseFile", true);
    changePKPWNewPasswordFile.addLongIdentifier("new-private-key-pin-file", true);
    changePKPWNewPasswordFile.addLongIdentifier("newPrivateKeyPINFile", true);
    changePKPWParser.addArgument(changePKPWNewPasswordFile);
    final BooleanArgument changePKPWPromptForNewPassword = new BooleanArgument(null, "prompt-for-new-private-key-password", INFO_MANAGE_CERTS_SC_CHANGE_PK_PW_ARG_PROMPT_FOR_NEW_PW_DESC.get());
    changePKPWPromptForNewPassword.addLongIdentifier("promptForNewPrivateKeyPassword", true);
    changePKPWPromptForNewPassword.addLongIdentifier("prompt-for-new-private-key-passphrase", true);
    changePKPWPromptForNewPassword.addLongIdentifier("promptForNewPrivateKeyPassphrase", true);
    changePKPWPromptForNewPassword.addLongIdentifier("prompt-for-new-private-key-pin", true);
    changePKPWPromptForNewPassword.addLongIdentifier("promptForNewPrivateKeyPIN", true);
    changePKPWParser.addArgument(changePKPWPromptForNewPassword);
    final BooleanArgument changePKPWDisplayCommand = new BooleanArgument(null, "display-keytool-command", 1, INFO_MANAGE_CERTS_SC_CHANGE_PK_PW_ARG_DISPLAY_COMMAND_DESC.get());
    changePKPWDisplayCommand.addLongIdentifier("displayKeytoolCommand", true);
    changePKPWDisplayCommand.addLongIdentifier("show-keytool-command", true);
    changePKPWDisplayCommand.addLongIdentifier("showKeytoolCommand", true);
    changePKPWParser.addArgument(changePKPWDisplayCommand);
    changePKPWParser.addRequiredArgumentSet(changePKPWKeystorePassword, changePKPWKeystorePasswordFile, changePKPWPromptForKeystorePassword);
    changePKPWParser.addExclusiveArgumentSet(changePKPWKeystorePassword, changePKPWKeystorePasswordFile, changePKPWPromptForKeystorePassword);
    changePKPWParser.addRequiredArgumentSet(changePKPWCurrentPassword, changePKPWCurrentPasswordFile, changePKPWPromptForCurrentPassword);
    changePKPWParser.addExclusiveArgumentSet(changePKPWCurrentPassword, changePKPWCurrentPasswordFile, changePKPWPromptForCurrentPassword);
    changePKPWParser.addRequiredArgumentSet(changePKPWNewPassword, changePKPWNewPasswordFile, changePKPWPromptForNewPassword);
    changePKPWParser.addExclusiveArgumentSet(changePKPWNewPassword, changePKPWNewPasswordFile, changePKPWPromptForNewPassword);
    final LinkedHashMap<String[], String> changePKPWExamples = new LinkedHashMap<>(StaticUtils.computeMapCapacity(1));
    changePKPWExamples.put(new String[] { "change-private-key-password", "--keystore", getPlatformSpecificPath("config", "keystore"), "--keystore-password-file", getPlatformSpecificPath("config", "keystore.pin"), "--alias", "server-cert", "--current-private-key-password-file", getPlatformSpecificPath("config", "current.pin"), "--new-private-key-password-file", getPlatformSpecificPath("config", "new.pin"), "--display-keytool-command" }, INFO_MANAGE_CERTS_SC_CHANGE_PK_PW_EXAMPLE_1.get(getPlatformSpecificPath("config", "keystore"), getPlatformSpecificPath("config", "current.pin"), getPlatformSpecificPath("config", "new.pin")));
    final SubCommand changePKPWSubCommand = new SubCommand("change-private-key-password", INFO_MANAGE_CERTS_SC_CHANGE_PK_PW_DESC.get(), changePKPWParser, changePKPWExamples);
    changePKPWSubCommand.addName("changePrivateKeyPassword", true);
    changePKPWSubCommand.addName("change-private-key-passphrase", true);
    changePKPWSubCommand.addName("changePrivateKeyPassphrase", true);
    changePKPWSubCommand.addName("change-private-key-pin", true);
    changePKPWSubCommand.addName("changePrivateKeyPIN", true);
    changePKPWSubCommand.addName("change-key-password", true);
    changePKPWSubCommand.addName("changeKeyPassword", true);
    changePKPWSubCommand.addName("change-key-passphrase", true);
    changePKPWSubCommand.addName("changeKeyPassphrase", true);
    changePKPWSubCommand.addName("change-key-pin", true);
    changePKPWSubCommand.addName("changeKeyPIN", true);
    changePKPWSubCommand.addName("keypasswd", true);
    parser.addSubCommand(changePKPWSubCommand);
    // Define the "copy-keystore" subcommand and all of its arguments.
    final ArgumentParser copyKSParser = new ArgumentParser("copy-keystore", INFO_MANAGE_CERTS_SC_COPY_KS_DESC.get());
    final FileArgument copyKSSourceKeystore = new FileArgument(null, "source-keystore", true, 1, null, INFO_MANAGE_CERTS_SC_COPY_KS_ARG_SRC_KS_DESC.get(), true, true, true, false);
    copyKSSourceKeystore.addLongIdentifier("sourceKeystore", true);
    copyKSSourceKeystore.addLongIdentifier("source-keystore-path", true);
    copyKSSourceKeystore.addLongIdentifier("sourceKeystorePath", true);
    copyKSSourceKeystore.addLongIdentifier("source-keystore-file", true);
    copyKSSourceKeystore.addLongIdentifier("sourceKeystoreFile", true);
    copyKSParser.addArgument(copyKSSourceKeystore);
    final StringArgument copyKSSourceKeystorePassword = new StringArgument(null, "source-keystore-password", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_PASSWORD.get(), INFO_MANAGE_CERTS_SC_COPY_KS_ARG_SRC_KS_PW_DESC.get());
    copyKSSourceKeystorePassword.addLongIdentifier("sourceKeystorePassword", true);
    copyKSSourceKeystorePassword.addLongIdentifier("source-keystore-passphrase", true);
    copyKSSourceKeystorePassword.addLongIdentifier("sourceKeystorePassphrase", true);
    copyKSSourceKeystorePassword.addLongIdentifier("source-keystore-pin", true);
    copyKSSourceKeystorePassword.addLongIdentifier("sourceKeystorePIN", true);
    copyKSParser.addArgument(copyKSSourceKeystorePassword);
    final FileArgument copyKSSourceKeystorePasswordFile = new FileArgument(null, "source-keystore-password-file", false, 1, null, INFO_MANAGE_CERTS_SC_COPY_KS_ARG_SRC_KS_PW_FILE_DESC.get(), true, true, true, false);
    copyKSSourceKeystorePasswordFile.addLongIdentifier("sourceKeystorePasswordFile", true);
    copyKSSourceKeystorePasswordFile.addLongIdentifier("source-keystore-passphrase-file", true);
    copyKSSourceKeystorePasswordFile.addLongIdentifier("sourceKeystorePassphraseFile", true);
    copyKSSourceKeystorePasswordFile.addLongIdentifier("source-keystore-pin-file", true);
    copyKSSourceKeystorePasswordFile.addLongIdentifier("sourceKeystorePINFile", true);
    copyKSParser.addArgument(copyKSSourceKeystorePasswordFile);
    final BooleanArgument copyKSPromptForSourceKeystorePassword = new BooleanArgument(null, "prompt-for-source-keystore-password", 1, INFO_MANAGE_CERTS_SC_COPY_KS_ARG_PROMPT_FOR_SRC_KS_PW.get());
    copyKSPromptForSourceKeystorePassword.addLongIdentifier("promptForSourceKeystorePassword", true);
    copyKSPromptForSourceKeystorePassword.addLongIdentifier("prompt-for-source-keystore-passphrase", true);
    copyKSPromptForSourceKeystorePassword.addLongIdentifier("promptForSourceKeystorePassphrase", true);
    copyKSPromptForSourceKeystorePassword.addLongIdentifier("prompt-for-source-keystore-pin", true);
    copyKSPromptForSourceKeystorePassword.addLongIdentifier("promptForSourceKeystorePIN", true);
    copyKSParser.addArgument(copyKSPromptForSourceKeystorePassword);
    final StringArgument copyKSSourcePKPassword = new StringArgument(null, "source-private-key-password", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_PASSWORD.get(), INFO_MANAGE_CERTS_SC_COPY_KS_ARG_SRC_PK_PW_DESC.get());
    copyKSSourcePKPassword.addLongIdentifier("sourcePrivateKeyPassword", true);
    copyKSSourcePKPassword.addLongIdentifier("source-private-key-passphrase", true);
    copyKSSourcePKPassword.addLongIdentifier("sourcePrivateKeyPassphrase", true);
    copyKSSourcePKPassword.addLongIdentifier("source-private-key-pin", true);
    copyKSSourcePKPassword.addLongIdentifier("sourcePrivateKeyPIN", true);
    copyKSParser.addArgument(copyKSSourcePKPassword);
    final FileArgument copyKSSourcePKPasswordFile = new FileArgument(null, "source-private-key-password-file", false, 1, null, INFO_MANAGE_CERTS_SC_COPY_KS_ARG_SRC_PK_PW_FILE_DESC.get(), true, true, true, false);
    copyKSSourcePKPasswordFile.addLongIdentifier("sourcePrivateKeyPasswordFile", true);
    copyKSSourcePKPasswordFile.addLongIdentifier("source-private-key-passphrase-file", true);
    copyKSSourcePKPasswordFile.addLongIdentifier("sourcePrivateKeyPassphraseFile", true);
    copyKSSourcePKPasswordFile.addLongIdentifier("source-private-key-pin-file", true);
    copyKSSourcePKPasswordFile.addLongIdentifier("sourcePrivateKeyPINFile", true);
    copyKSParser.addArgument(copyKSSourcePKPasswordFile);
    final BooleanArgument copyKSPromptForSourcePKPassword = new BooleanArgument(null, "prompt-for-source-private-key-password", 1, INFO_MANAGE_CERTS_SC_COPY_KS_ARG_PROMPT_FOR_SRC_PK_PW.get());
    copyKSPromptForSourcePKPassword.addLongIdentifier("promptForSourcePrivateKeyPassword", true);
    copyKSPromptForSourcePKPassword.addLongIdentifier("prompt-for-source-private-key-passphrase", true);
    copyKSPromptForSourcePKPassword.addLongIdentifier("promptForSourcePrivateKeyPassphrase", true);
    copyKSPromptForSourcePKPassword.addLongIdentifier("prompt-for-source-private-key-pin", true);
    copyKSPromptForSourcePKPassword.addLongIdentifier("promptForSourcePrivateKeyPIN", true);
    copyKSParser.addArgument(copyKSPromptForSourcePKPassword);
    final StringArgument copyKSSourceKeystoreType = new StringArgument(null, "source-keystore-type", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_TYPE.get(), INFO_MANAGE_CERTS_SC_COPY_KS_ARG_SRC_KS_TYPE.get(), ALLOWED_KEYSTORE_TYPE_VALUES);
    copyKSSourceKeystoreType.addLongIdentifier("source-key-store-type", true);
    copyKSSourceKeystoreType.addLongIdentifier("sourceKeystoreType", true);
    copyKSSourceKeystoreType.addLongIdentifier("source-keystore-format", true);
    copyKSSourceKeystoreType.addLongIdentifier("source-key-store-format", true);
    copyKSSourceKeystoreType.addLongIdentifier("sourceKeystoreFormat", true);
    copyKSParser.addArgument(copyKSSourceKeystoreType);
    final FileArgument copyKSDestKeystore = new FileArgument(null, "destination-keystore", true, 1, null, INFO_MANAGE_CERTS_SC_COPY_KS_ARG_DST_KS_DESC.get(), false, true, true, false);
    copyKSDestKeystore.addLongIdentifier("destinationKeystore", true);
    copyKSDestKeystore.addLongIdentifier("destination-keystore-path", true);
    copyKSDestKeystore.addLongIdentifier("destinationKeystorePath", true);
    copyKSDestKeystore.addLongIdentifier("destination-keystore-file", true);
    copyKSDestKeystore.addLongIdentifier("destinationKeystoreFile", true);
    copyKSDestKeystore.addLongIdentifier("target-keystore", true);
    copyKSDestKeystore.addLongIdentifier("targetKeystore", true);
    copyKSDestKeystore.addLongIdentifier("target-keystore-path", true);
    copyKSDestKeystore.addLongIdentifier("targetKeystorePath", true);
    copyKSDestKeystore.addLongIdentifier("target-keystore-file", true);
    copyKSDestKeystore.addLongIdentifier("targetKeystoreFile", true);
    copyKSParser.addArgument(copyKSDestKeystore);
    final StringArgument copyKSDestKeystorePassword = new StringArgument(null, "destination-keystore-password", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_PASSWORD.get(), INFO_MANAGE_CERTS_SC_COPY_KS_ARG_DST_KS_PW_DESC.get());
    copyKSDestKeystorePassword.addLongIdentifier("destinationKeystorePassword", true);
    copyKSDestKeystorePassword.addLongIdentifier("destination-keystore-passphrase", true);
    copyKSDestKeystorePassword.addLongIdentifier("destinationKeystorePassphrase", true);
    copyKSDestKeystorePassword.addLongIdentifier("destination-keystore-pin", true);
    copyKSDestKeystorePassword.addLongIdentifier("destinationKeystorePIN", true);
    copyKSDestKeystorePassword.addLongIdentifier("target-keystore-password", true);
    copyKSDestKeystorePassword.addLongIdentifier("targetKeystorePassword", true);
    copyKSDestKeystorePassword.addLongIdentifier("target-keystore-passphrase", true);
    copyKSDestKeystorePassword.addLongIdentifier("targetKeystorePassphrase", true);
    copyKSDestKeystorePassword.addLongIdentifier("target-keystore-pin", true);
    copyKSDestKeystorePassword.addLongIdentifier("targetKeystorePIN", true);
    copyKSParser.addArgument(copyKSDestKeystorePassword);
    final FileArgument copyKSDestKeystorePasswordFile = new FileArgument(null, "destination-keystore-password-file", false, 1, null, INFO_MANAGE_CERTS_SC_COPY_KS_ARG_DST_KS_PW_FILE_DESC.get(), true, true, true, false);
    copyKSDestKeystorePasswordFile.addLongIdentifier("destinationKeystorePasswordFile", true);
    copyKSDestKeystorePasswordFile.addLongIdentifier("destination-keystore-passphrase-file", true);
    copyKSDestKeystorePasswordFile.addLongIdentifier("destinationKeystorePassphraseFile", true);
    copyKSDestKeystorePasswordFile.addLongIdentifier("destination-keystore-pin-file", true);
    copyKSDestKeystorePasswordFile.addLongIdentifier("destinationKeystorePINFile", true);
    copyKSDestKeystorePasswordFile.addLongIdentifier("target-keystore-password-file", true);
    copyKSDestKeystorePasswordFile.addLongIdentifier("targetKeystorePasswordFile", true);
    copyKSDestKeystorePasswordFile.addLongIdentifier("target-keystore-passphrase-file", true);
    copyKSDestKeystorePasswordFile.addLongIdentifier("targetKeystorePassphraseFile", true);
    copyKSDestKeystorePasswordFile.addLongIdentifier("target-keystore-pin-file", true);
    copyKSDestKeystorePasswordFile.addLongIdentifier("targetKeystorePINFile", true);
    copyKSParser.addArgument(copyKSDestKeystorePasswordFile);
    final BooleanArgument copyKSPromptForDestKeystorePassword = new BooleanArgument(null, "prompt-for-destination-keystore-password", 1, INFO_MANAGE_CERTS_SC_COPY_KS_ARG_PROMPT_FOR_DST_KS_PW.get());
    copyKSPromptForDestKeystorePassword.addLongIdentifier("promptForDestinationKeystorePassword", true);
    copyKSPromptForDestKeystorePassword.addLongIdentifier("prompt-for-Destination-keystore-passphrase", true);
    copyKSPromptForDestKeystorePassword.addLongIdentifier("promptForDestinationKeystorePassphrase", true);
    copyKSPromptForDestKeystorePassword.addLongIdentifier("prompt-for-Destination-keystore-pin", true);
    copyKSPromptForDestKeystorePassword.addLongIdentifier("promptForDestinationKeystorePIN", true);
    copyKSPromptForDestKeystorePassword.addLongIdentifier("prompt-for-target-keystore-password", true);
    copyKSPromptForDestKeystorePassword.addLongIdentifier("promptForTargetKeystorePassword", true);
    copyKSPromptForDestKeystorePassword.addLongIdentifier("prompt-for-Target-keystore-passphrase", true);
    copyKSPromptForDestKeystorePassword.addLongIdentifier("promptForTargetKeystorePassphrase", true);
    copyKSPromptForDestKeystorePassword.addLongIdentifier("prompt-for-Target-keystore-pin", true);
    copyKSPromptForDestKeystorePassword.addLongIdentifier("promptForTargetKeystorePIN", true);
    copyKSParser.addArgument(copyKSPromptForDestKeystorePassword);
    final StringArgument copyKSDestPKPassword = new StringArgument(null, "destination-private-key-password", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_PASSWORD.get(), INFO_MANAGE_CERTS_SC_COPY_KS_ARG_DST_PK_PW_DESC.get());
    copyKSDestPKPassword.addLongIdentifier("destinationPrivateKeyPassword", true);
    copyKSDestPKPassword.addLongIdentifier("destination-private-key-passphrase", true);
    copyKSDestPKPassword.addLongIdentifier("destinationPrivateKeyPassphrase", true);
    copyKSDestPKPassword.addLongIdentifier("destination-private-key-pin", true);
    copyKSDestPKPassword.addLongIdentifier("destinationPrivateKeyPIN", true);
    copyKSDestPKPassword.addLongIdentifier("target-private-key-password", true);
    copyKSDestPKPassword.addLongIdentifier("targetPrivateKeyPassword", true);
    copyKSDestPKPassword.addLongIdentifier("target-private-key-passphrase", true);
    copyKSDestPKPassword.addLongIdentifier("targetPrivateKeyPassphrase", true);
    copyKSDestPKPassword.addLongIdentifier("target-private-key-pin", true);
    copyKSDestPKPassword.addLongIdentifier("targetPrivateKeyPIN", true);
    copyKSParser.addArgument(copyKSDestPKPassword);
    final FileArgument copyKSDestPKPasswordFile = new FileArgument(null, "destination-private-key-password-file", false, 1, null, INFO_MANAGE_CERTS_SC_COPY_KS_ARG_DST_PK_PW_FILE_DESC.get(), true, true, true, false);
    copyKSDestPKPasswordFile.addLongIdentifier("destinationPrivateKeyPasswordFile", true);
    copyKSDestPKPasswordFile.addLongIdentifier("destination-private-key-passphrase-file", true);
    copyKSDestPKPasswordFile.addLongIdentifier("destinationPrivateKeyPassphraseFile", true);
    copyKSDestPKPasswordFile.addLongIdentifier("destination-private-key-pin-file", true);
    copyKSDestPKPasswordFile.addLongIdentifier("destinationPrivateKeyPINFile", true);
    copyKSDestPKPasswordFile.addLongIdentifier("target-private-key-password-file", true);
    copyKSDestPKPasswordFile.addLongIdentifier("targetPrivateKeyPasswordFile", true);
    copyKSDestPKPasswordFile.addLongIdentifier("target-private-key-passphrase-file", true);
    copyKSDestPKPasswordFile.addLongIdentifier("targetPrivateKeyPassphraseFile", true);
    copyKSDestPKPasswordFile.addLongIdentifier("target-private-key-pin-file", true);
    copyKSDestPKPasswordFile.addLongIdentifier("targetPrivateKeyPINFile", true);
    copyKSParser.addArgument(copyKSDestPKPasswordFile);
    final BooleanArgument copyKSPromptForDestPKPassword = new BooleanArgument(null, "prompt-for-destination-private-key-password", 1, INFO_MANAGE_CERTS_SC_COPY_KS_ARG_PROMPT_FOR_DST_PK_PW.get());
    copyKSPromptForDestPKPassword.addLongIdentifier("promptForDestinationPrivateKeyPassword", true);
    copyKSPromptForDestPKPassword.addLongIdentifier("prompt-for-Destination-private-key-passphrase", true);
    copyKSPromptForDestPKPassword.addLongIdentifier("promptForDestinationPrivateKeyPassphrase", true);
    copyKSPromptForDestPKPassword.addLongIdentifier("prompt-for-Destination-private-key-pin", true);
    copyKSPromptForDestPKPassword.addLongIdentifier("promptForDestinationPrivateKeyPIN", true);
    copyKSPromptForDestPKPassword.addLongIdentifier("prompt-for-target-private-key-password", true);
    copyKSPromptForDestPKPassword.addLongIdentifier("promptForTargetPrivateKeyPassword", true);
    copyKSPromptForDestPKPassword.addLongIdentifier("prompt-for-Target-private-key-passphrase", true);
    copyKSPromptForDestPKPassword.addLongIdentifier("promptForTargetPrivateKeyPassphrase", true);
    copyKSPromptForDestPKPassword.addLongIdentifier("prompt-for-Target-private-key-pin", true);
    copyKSPromptForDestPKPassword.addLongIdentifier("promptForTargetPrivateKeyPIN", true);
    copyKSParser.addArgument(copyKSPromptForDestPKPassword);
    final StringArgument copyKSDestKeystoreType = new StringArgument(null, "destination-keystore-type", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_TYPE.get(), INFO_MANAGE_CERTS_SC_COPY_KS_ARG_DST_KS_TYPE.get(), ALLOWED_KEYSTORE_TYPE_VALUES);
    copyKSDestKeystoreType.addLongIdentifier("destination-key-store-type", true);
    copyKSDestKeystoreType.addLongIdentifier("destinationKeystoreType", true);
    copyKSDestKeystoreType.addLongIdentifier("destination-keystore-format", true);
    copyKSDestKeystoreType.addLongIdentifier("destination-key-store-format", true);
    copyKSDestKeystoreType.addLongIdentifier("destinationKeystoreFormat", true);
    copyKSDestKeystoreType.addLongIdentifier("target-key-store-type", true);
    copyKSDestKeystoreType.addLongIdentifier("targetKeystoreType", true);
    copyKSDestKeystoreType.addLongIdentifier("target-keystore-format", true);
    copyKSDestKeystoreType.addLongIdentifier("target-key-store-format", true);
    copyKSDestKeystoreType.addLongIdentifier("targetKeystoreFormat", true);
    copyKSParser.addArgument(copyKSDestKeystoreType);
    final StringArgument copyKSAlias = new StringArgument(null, "alias", false, 0, INFO_MANAGE_CERTS_PLACEHOLDER_ALIAS.get(), INFO_MANAGE_CERTS_SC_COPY_KS_ARG_ALIAS.get());
    copyKSAlias.addLongIdentifier("nickname", true);
    copyKSParser.addArgument(copyKSAlias);
    copyKSParser.addRequiredArgumentSet(copyKSSourceKeystorePassword, copyKSSourceKeystorePasswordFile, copyKSPromptForSourceKeystorePassword);
    copyKSParser.addExclusiveArgumentSet(copyKSSourceKeystorePassword, copyKSSourceKeystorePasswordFile, copyKSPromptForSourceKeystorePassword);
    copyKSParser.addExclusiveArgumentSet(copyKSSourcePKPassword, copyKSSourcePKPasswordFile, copyKSPromptForDestPKPassword);
    copyKSParser.addExclusiveArgumentSet(copyKSDestKeystorePassword, copyKSDestKeystorePasswordFile, copyKSPromptForDestKeystorePassword);
    copyKSParser.addExclusiveArgumentSet(copyKSDestPKPassword, copyKSDestPKPasswordFile, copyKSPromptForDestPKPassword);
    final LinkedHashMap<String[], String> copyKeyStoreExamples = new LinkedHashMap<>(StaticUtils.computeMapCapacity(1));
    copyKeyStoreExamples.put(new String[] { "copy-keystore", "--source-keystore", getPlatformSpecificPath("config", "keystore.jks"), "--source-keystore-password-file", getPlatformSpecificPath("config", "keystore.pin"), "--source-keystore-type", "JKS", "--destination-keystore", getPlatformSpecificPath("config", "keystore.p12"), "--destination-keystore-password-file", getPlatformSpecificPath("config", "keystore.pin"), "--destination-keystore-type", "PKCS12" }, INFO_MANAGE_CERTS_SC_COPY_KS_EXAMPLE_1.get("keystore.jks", "keystore.p12"));
    final SubCommand copyKeyStoreSubCommand = new SubCommand("copy-keystore", INFO_MANAGE_CERTS_SC_COPY_KS_DESC.get(), copyKSParser, copyKeyStoreExamples);
    copyKeyStoreSubCommand.addName("copy-key-store", true);
    copyKeyStoreSubCommand.addName("copyKeyStore", true);
    copyKeyStoreSubCommand.addName("import-keystore", true);
    copyKeyStoreSubCommand.addName("import-key-store", true);
    copyKeyStoreSubCommand.addName("importKeyStore", true);
    copyKeyStoreSubCommand.addName("convert-keystore", true);
    copyKeyStoreSubCommand.addName("convert-key-store", true);
    copyKeyStoreSubCommand.addName("convertKeyStore", true);
    parser.addSubCommand(copyKeyStoreSubCommand);
    // Define the "retrieve-server-certificate" subcommand and all of its
    // arguments.
    final ArgumentParser retrieveCertParser = new ArgumentParser("retrieve-server-certificate", INFO_MANAGE_CERTS_SC_RETRIEVE_CERT_DESC.get());
    final StringArgument retrieveCertHostname = new StringArgument('h', "hostname", true, 1, INFO_MANAGE_CERTS_PLACEHOLDER_HOST.get(), INFO_MANAGE_CERTS_SC_RETRIEVE_CERT_ARG_HOSTNAME_DESC.get());
    retrieveCertHostname.addLongIdentifier("server-address", true);
    retrieveCertHostname.addLongIdentifier("serverAddress", true);
    retrieveCertHostname.addLongIdentifier("address", true);
    retrieveCertParser.addArgument(retrieveCertHostname);
    final IntegerArgument retrieveCertPort = new IntegerArgument('p', "port", true, 1, INFO_MANAGE_CERTS_PLACEHOLDER_PORT.get(), INFO_MANAGE_CERTS_SC_RETRIEVE_CERT_ARG_PORT_DESC.get(), 1, 65_535);
    retrieveCertPort.addLongIdentifier("server-port", true);
    retrieveCertPort.addLongIdentifier("serverPort", true);
    retrieveCertParser.addArgument(retrieveCertPort);
    final BooleanArgument retrieveCertUseStartTLS = new BooleanArgument('q', "use-ldap-start-tls", 1, INFO_MANAGE_CERTS_SC_RETRIEVE_CERT_ARG_USE_START_TLS_DESC.get());
    retrieveCertUseStartTLS.addLongIdentifier("use-ldap-starttls", true);
    retrieveCertUseStartTLS.addLongIdentifier("useLDAPStartTLS", true);
    retrieveCertUseStartTLS.addLongIdentifier("use-start-tls", true);
    retrieveCertUseStartTLS.addLongIdentifier("use-starttls", true);
    retrieveCertUseStartTLS.addLongIdentifier("useStartTLS", true);
    retrieveCertParser.addArgument(retrieveCertUseStartTLS);
    final FileArgument retrieveCertOutputFile = new FileArgument(null, "output-file", false, 1, null, INFO_MANAGE_CERTS_SC_RETRIEVE_CERT_ARG_FILE_DESC.get(), false, true, true, false);
    retrieveCertOutputFile.addLongIdentifier("outputFile", true);
    retrieveCertOutputFile.addLongIdentifier("export-file", true);
    retrieveCertOutputFile.addLongIdentifier("exportFile", true);
    retrieveCertOutputFile.addLongIdentifier("certificate-file", true);
    retrieveCertOutputFile.addLongIdentifier("certificateFile", true);
    retrieveCertOutputFile.addLongIdentifier("file", true);
    retrieveCertOutputFile.addLongIdentifier("filename", true);
    retrieveCertParser.addArgument(retrieveCertOutputFile);
    final Set<String> retrieveCertOutputFormatAllowedValues = StaticUtils.setOf("PEM", "text", "txt", "RFC", "DER", "binary", "bin");
    final StringArgument retrieveCertOutputFormat = new StringArgument(null, "output-format", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_FORMAT.get(), INFO_MANAGE_CERTS_SC_RETRIEVE_CERT_ARG_FORMAT_DESC.get(), retrieveCertOutputFormatAllowedValues, "PEM");
    retrieveCertOutputFormat.addLongIdentifier("outputFormat", true);
    retrieveCertParser.addArgument(retrieveCertOutputFormat);
    final BooleanArgument retrieveCertOnlyPeer = new BooleanArgument(null, "only-peer-certificate", 1, INFO_MANAGE_CERTS_SC_RETRIEVE_CERT_ARG_ONLY_PEER_DESC.get());
    retrieveCertOnlyPeer.addLongIdentifier("onlyPeerCertificate", true);
    retrieveCertOnlyPeer.addLongIdentifier("only-peer", true);
    retrieveCertOnlyPeer.addLongIdentifier("onlyPeer", true);
    retrieveCertOnlyPeer.addLongIdentifier("peer-certificate-only", true);
    retrieveCertOnlyPeer.addLongIdentifier("peerCertificateOnly", true);
    retrieveCertOnlyPeer.addLongIdentifier("peer-only", true);
    retrieveCertOnlyPeer.addLongIdentifier("peerOnly", true);
    retrieveCertParser.addArgument(retrieveCertOnlyPeer);
    final BooleanArgument retrieveCertEnableSSLDebugging = new BooleanArgument(null, "enableSSLDebugging", 1, INFO_MANAGE_CERTS_SC_RETRIEVE_CERT_ARG_ENABLE_SSL_DEBUGGING_DESC.get());
    retrieveCertEnableSSLDebugging.addLongIdentifier("enableTLSDebugging", true);
    retrieveCertEnableSSLDebugging.addLongIdentifier("enableStartTLSDebugging", true);
    retrieveCertEnableSSLDebugging.addLongIdentifier("enable-ssl-debugging", true);
    retrieveCertEnableSSLDebugging.addLongIdentifier("enable-tls-debugging", true);
    retrieveCertEnableSSLDebugging.addLongIdentifier("enable-starttls-debugging", true);
    retrieveCertEnableSSLDebugging.addLongIdentifier("enable-start-tls-debugging", true);
    retrieveCertParser.addArgument(retrieveCertEnableSSLDebugging);
    addEnableSSLDebuggingArgument(retrieveCertEnableSSLDebugging);
    final BooleanArgument retrieveCertVerbose = new BooleanArgument(null, "verbose", 1, INFO_MANAGE_CERTS_SC_RETRIEVE_CERT_ARG_VERBOSE_DESC.get());
    retrieveCertParser.addArgument(retrieveCertVerbose);
    retrieveCertParser.addDependentArgumentSet(retrieveCertOutputFormat, retrieveCertOutputFile);
    final LinkedHashMap<String[], String> retrieveCertExamples = new LinkedHashMap<>(StaticUtils.computeMapCapacity(2));
    retrieveCertExamples.put(new String[] { "retrieve-server-certificate", "--hostname", "ds.example.com", "--port", "636" }, INFO_MANAGE_CERTS_SC_RETRIEVE_CERT_EXAMPLE_1.get(getPlatformSpecificPath("config", "truststore")));
    retrieveCertExamples.put(new String[] { "retrieve-server-certificate", "--hostname", "ds.example.com", "--port", "389", "--use-ldap-start-tls", "--only-peer-certificate", "--output-file", "ds-cert.pem", "--output-format", "PEM", "--verbose" }, INFO_MANAGE_CERTS_SC_RETRIEVE_CERT_EXAMPLE_2.get(getPlatformSpecificPath("config", "truststore")));
    final SubCommand retrieveCertSubCommand = new SubCommand("retrieve-server-certificate", INFO_MANAGE_CERTS_SC_RETRIEVE_CERT_DESC.get(), retrieveCertParser, retrieveCertExamples);
    retrieveCertSubCommand.addName("retrieveServerCertificate", true);
    retrieveCertSubCommand.addName("retrieve-certificate", true);
    retrieveCertSubCommand.addName("retrieveCertificate", true);
    retrieveCertSubCommand.addName("get-server-certificate", true);
    retrieveCertSubCommand.addName("getServerCertificate", true);
    retrieveCertSubCommand.addName("get-certificate", true);
    retrieveCertSubCommand.addName("getCertificate", true);
    retrieveCertSubCommand.addName("display-server-certificate", true);
    retrieveCertSubCommand.addName("displayServerCertificate", true);
    parser.addSubCommand(retrieveCertSubCommand);
    // Define the "trust-server-certificate" subcommand and all of its
    // arguments.
    final ArgumentParser trustServerParser = new ArgumentParser("trust-server-certificate", INFO_MANAGE_CERTS_SC_TRUST_SERVER_DESC.get());
    final StringArgument trustServerHostname = new StringArgument('h', "hostname", true, 1, INFO_MANAGE_CERTS_PLACEHOLDER_HOST.get(), INFO_MANAGE_CERTS_SC_TRUST_SERVER_ARG_HOSTNAME_DESC.get());
    trustServerHostname.addLongIdentifier("server-address", true);
    trustServerHostname.addLongIdentifier("serverAddress", true);
    trustServerHostname.addLongIdentifier("address", true);
    trustServerParser.addArgument(trustServerHostname);
    final IntegerArgument trustServerPort = new IntegerArgument('p', "port", true, 1, INFO_MANAGE_CERTS_PLACEHOLDER_PORT.get(), INFO_MANAGE_CERTS_SC_TRUST_SERVER_ARG_PORT_DESC.get(), 1, 65_535);
    trustServerPort.addLongIdentifier("server-port", true);
    trustServerPort.addLongIdentifier("serverPort", true);
    trustServerParser.addArgument(trustServerPort);
    final BooleanArgument trustServerUseStartTLS = new BooleanArgument('q', "use-ldap-start-tls", 1, INFO_MANAGE_CERTS_SC_TRUST_SERVER_ARG_USE_START_TLS_DESC.get());
    trustServerUseStartTLS.addLongIdentifier("use-ldap-starttls", true);
    trustServerUseStartTLS.addLongIdentifier("useLDAPStartTLS", true);
    trustServerUseStartTLS.addLongIdentifier("use-start-tls", true);
    trustServerUseStartTLS.addLongIdentifier("use-starttls", true);
    trustServerUseStartTLS.addLongIdentifier("useStartTLS", true);
    trustServerParser.addArgument(trustServerUseStartTLS);
    final FileArgument trustServerKeystore = new FileArgument(null, "keystore", true, 1, null, INFO_MANAGE_CERTS_SC_TRUST_SERVER_ARG_KS_DESC.get(), false, true, true, false);
    trustServerKeystore.addLongIdentifier("keystore-path", true);
    trustServerKeystore.addLongIdentifier("keystorePath", true);
    trustServerKeystore.addLongIdentifier("keystore-file", true);
    trustServerKeystore.addLongIdentifier("keystoreFile", true);
    trustServerParser.addArgument(trustServerKeystore);
    final StringArgument trustServerKeystorePassword = new StringArgument(null, "keystore-password", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_PASSWORD.get(), INFO_MANAGE_CERTS_SC_TRUST_SERVER_ARG_KS_PW_DESC.get());
    trustServerKeystorePassword.addLongIdentifier("keystorePassword", true);
    trustServerKeystorePassword.addLongIdentifier("keystore-passphrase", true);
    trustServerKeystorePassword.addLongIdentifier("keystorePassphrase", true);
    trustServerKeystorePassword.addLongIdentifier("keystore-pin", true);
    trustServerKeystorePassword.addLongIdentifier("keystorePIN", true);
    trustServerKeystorePassword.addLongIdentifier("storepass", true);
    trustServerKeystorePassword.setSensitive(true);
    trustServerParser.addArgument(trustServerKeystorePassword);
    final FileArgument trustServerKeystorePasswordFile = new FileArgument(null, "keystore-password-file", false, 1, null, INFO_MANAGE_CERTS_SC_TRUST_SERVER_ARG_KS_PW_FILE_DESC.get(), true, true, true, false);
    trustServerKeystorePasswordFile.addLongIdentifier("keystorePasswordFile", true);
    trustServerKeystorePasswordFile.addLongIdentifier("keystore-passphrase-file", true);
    trustServerKeystorePasswordFile.addLongIdentifier("keystorePassphraseFile", true);
    trustServerKeystorePasswordFile.addLongIdentifier("keystore-pin-file", true);
    trustServerKeystorePasswordFile.addLongIdentifier("keystorePINFile", true);
    trustServerParser.addArgument(trustServerKeystorePasswordFile);
    final BooleanArgument trustServerPromptForKeystorePassword = new BooleanArgument(null, "prompt-for-keystore-password", INFO_MANAGE_CERTS_SC_TRUST_SERVER_ARG_PROMPT_FOR_KS_PW_DESC.get());
    trustServerPromptForKeystorePassword.addLongIdentifier("promptForKeystorePassword", true);
    trustServerPromptForKeystorePassword.addLongIdentifier("prompt-for-keystore-passphrase", true);
    trustServerPromptForKeystorePassword.addLongIdentifier("promptForKeystorePassphrase", true);
    trustServerPromptForKeystorePassword.addLongIdentifier("prompt-for-keystore-pin", true);
    trustServerPromptForKeystorePassword.addLongIdentifier("promptForKeystorePIN", true);
    trustServerParser.addArgument(trustServerPromptForKeystorePassword);
    final StringArgument trustServerKeystoreType = new StringArgument(null, "keystore-type", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_TYPE.get(), INFO_MANAGE_CERTS_SC_TRUST_SERVER_ARG_KS_TYPE_DESC.get(), ALLOWED_KEYSTORE_TYPE_VALUES);
    trustServerKeystoreType.addLongIdentifier("key-store-type", true);
    trustServerKeystoreType.addLongIdentifier("keystoreType", true);
    trustServerKeystoreType.addLongIdentifier("keystore-format", true);
    trustServerKeystoreType.addLongIdentifier("key-store-format", true);
    trustServerKeystoreType.addLongIdentifier("keystoreFormat", true);
    trustServerKeystoreType.addLongIdentifier("storetype", true);
    trustServerParser.addArgument(trustServerKeystoreType);
    final StringArgument trustServerAlias = new StringArgument(null, "alias", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_ALIAS.get(), INFO_MANAGE_CERTS_SC_TRUST_SERVER_ARG_ALIAS_DESC.get());
    trustServerAlias.addLongIdentifier("nickname", true);
    trustServerParser.addArgument(trustServerAlias);
    final BooleanArgument trustServerIssuersOnly = new BooleanArgument(null, "issuers-only", 1, INFO_MANAGE_CERTS_SC_TRUST_SERVER_ARG_ISSUERS_ONLY_DESC.get());
    trustServerIssuersOnly.addLongIdentifier("issuersOnly", true);
    trustServerIssuersOnly.addLongIdentifier("issuer-certificates-only", true);
    trustServerIssuersOnly.addLongIdentifier("issuerCertificatesOnly", true);
    trustServerIssuersOnly.addLongIdentifier("only-issuers", true);
    trustServerIssuersOnly.addLongIdentifier("onlyIssuers", true);
    trustServerIssuersOnly.addLongIdentifier("only-issuer-certificates", true);
    trustServerIssuersOnly.addLongIdentifier("onlyIssuerCertificates", true);
    trustServerParser.addArgument(trustServerIssuersOnly);
    final BooleanArgument trustServerEnableSSLDebugging = new BooleanArgument(null, "enableSSLDebugging", 1, INFO_MANAGE_CERTS_SC_TRUST_SERVER_ARG_ENABLE_SSL_DEBUGGING_DESC.get());
    trustServerEnableSSLDebugging.addLongIdentifier("enableTLSDebugging", true);
    trustServerEnableSSLDebugging.addLongIdentifier("enableStartTLSDebugging", true);
    trustServerEnableSSLDebugging.addLongIdentifier("enable-ssl-debugging", true);
    trustServerEnableSSLDebugging.addLongIdentifier("enable-tls-debugging", true);
    trustServerEnableSSLDebugging.addLongIdentifier("enable-starttls-debugging", true);
    trustServerEnableSSLDebugging.addLongIdentifier("enable-start-tls-debugging", true);
    trustServerParser.addArgument(trustServerEnableSSLDebugging);
    addEnableSSLDebuggingArgument(trustServerEnableSSLDebugging);
    final BooleanArgument trustServerVerbose = new BooleanArgument(null, "verbose", 1, INFO_MANAGE_CERTS_SC_TRUST_SERVER_ARG_VERBOSE_DESC.get());
    trustServerParser.addArgument(trustServerVerbose);
    final BooleanArgument trustServerNoPrompt = new BooleanArgument(null, "no-prompt", 1, INFO_MANAGE_CERTS_SC_TRUST_SERVER_ARG_NO_PROMPT_DESC.get());
    trustServerNoPrompt.addLongIdentifier("noPrompt", true);
    trustServerParser.addArgument(trustServerNoPrompt);
    trustServerParser.addRequiredArgumentSet(trustServerKeystorePassword, trustServerKeystorePasswordFile, trustServerPromptForKeystorePassword);
    trustServerParser.addExclusiveArgumentSet(trustServerKeystorePassword, trustServerKeystorePasswordFile, trustServerPromptForKeystorePassword);
    final LinkedHashMap<String[], String> trustServerExamples = new LinkedHashMap<>(StaticUtils.computeMapCapacity(2));
    trustServerExamples.put(new String[] { "trust-server-certificate", "--hostname", "ds.example.com", "--port", "636", "--keystore", getPlatformSpecificPath("config", "truststore"), "--keystore-password-file", getPlatformSpecificPath("config", "truststore.pin"), "--verbose" }, INFO_MANAGE_CERTS_SC_TRUST_SERVER_EXAMPLE_1.get(getPlatformSpecificPath("config", "truststore")));
    trustServerExamples.put(new String[] { "trust-server-certificate", "--hostname", "ds.example.com", "--port", "389", "--use-ldap-start-tls", "--keystore", getPlatformSpecificPath("config", "truststore"), "--keystore-password-file", getPlatformSpecificPath("config", "truststore.pin"), "--issuers-only", "--alias", "ds-start-tls-cert", "--no-prompt" }, INFO_MANAGE_CERTS_SC_TRUST_SERVER_EXAMPLE_2.get(getPlatformSpecificPath("config", "truststore")));
    final SubCommand trustServerSubCommand = new SubCommand("trust-server-certificate", INFO_MANAGE_CERTS_SC_TRUST_SERVER_DESC.get(), trustServerParser, trustServerExamples);
    trustServerSubCommand.addName("trustServerCertificate", true);
    trustServerSubCommand.addName("trust-server", true);
    trustServerSubCommand.addName("trustServer", true);
    parser.addSubCommand(trustServerSubCommand);
    // Define the "check-certificate-usability" subcommand and all of its
    // arguments.
    final ArgumentParser checkUsabilityParser = new ArgumentParser("check-certificate-usability", INFO_MANAGE_CERTS_SC_CHECK_USABILITY_DESC.get());
    final FileArgument checkUsabilityKeystore = new FileArgument(null, "keystore", true, 1, null, INFO_MANAGE_CERTS_SC_CHECK_USABILITY_ARG_KS_DESC.get(), true, true, true, false);
    checkUsabilityKeystore.addLongIdentifier("keystore-path", true);
    checkUsabilityKeystore.addLongIdentifier("keystorePath", true);
    checkUsabilityKeystore.addLongIdentifier("keystore-file", true);
    checkUsabilityKeystore.addLongIdentifier("keystoreFile", true);
    checkUsabilityParser.addArgument(checkUsabilityKeystore);
    final StringArgument checkUsabilityKeystorePassword = new StringArgument(null, "keystore-password", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_PASSWORD.get(), INFO_MANAGE_CERTS_SC_CHECK_USABILITY_ARG_KS_PW_DESC.get());
    checkUsabilityKeystorePassword.addLongIdentifier("keystorePassword", true);
    checkUsabilityKeystorePassword.addLongIdentifier("keystore-passphrase", true);
    checkUsabilityKeystorePassword.addLongIdentifier("keystorePassphrase", true);
    checkUsabilityKeystorePassword.addLongIdentifier("keystore-pin", true);
    checkUsabilityKeystorePassword.addLongIdentifier("keystorePIN", true);
    checkUsabilityKeystorePassword.addLongIdentifier("storepass", true);
    checkUsabilityKeystorePassword.setSensitive(true);
    checkUsabilityParser.addArgument(checkUsabilityKeystorePassword);
    final FileArgument checkUsabilityKeystorePasswordFile = new FileArgument(null, "keystore-password-file", false, 1, null, INFO_MANAGE_CERTS_SC_CHECK_USABILITY_ARG_KS_PW_FILE_DESC.get(), true, true, true, false);
    checkUsabilityKeystorePasswordFile.addLongIdentifier("keystorePasswordFile", true);
    checkUsabilityKeystorePasswordFile.addLongIdentifier("keystore-passphrase-file", true);
    checkUsabilityKeystorePasswordFile.addLongIdentifier("keystorePassphraseFile", true);
    checkUsabilityKeystorePasswordFile.addLongIdentifier("keystore-pin-file", true);
    checkUsabilityKeystorePasswordFile.addLongIdentifier("keystorePINFile", true);
    checkUsabilityParser.addArgument(checkUsabilityKeystorePasswordFile);
    final BooleanArgument checkUsabilityPromptForKeystorePassword = new BooleanArgument(null, "prompt-for-keystore-password", INFO_MANAGE_CERTS_SC_CHECK_USABILITY_ARG_PROMPT_FOR_KS_PW_DESC.get());
    checkUsabilityPromptForKeystorePassword.addLongIdentifier("promptForKeystorePassword", true);
    checkUsabilityPromptForKeystorePassword.addLongIdentifier("prompt-for-keystore-passphrase", true);
    checkUsabilityPromptForKeystorePassword.addLongIdentifier("promptForKeystorePassphrase", true);
    checkUsabilityPromptForKeystorePassword.addLongIdentifier("prompt-for-keystore-pin", true);
    checkUsabilityPromptForKeystorePassword.addLongIdentifier("promptForKeystorePIN", true);
    checkUsabilityParser.addArgument(checkUsabilityPromptForKeystorePassword);
    final StringArgument checkUsabilityKeystoreType = new StringArgument(null, "keystore-type", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_TYPE.get(), INFO_MANAGE_CERTS_SC_CHECK_USABILITY_ARG_KS_TYPE_DESC.get(), ALLOWED_KEYSTORE_TYPE_VALUES);
    checkUsabilityKeystoreType.addLongIdentifier("key-store-type", true);
    checkUsabilityKeystoreType.addLongIdentifier("keystoreType", true);
    checkUsabilityKeystoreType.addLongIdentifier("keystore-format", true);
    checkUsabilityKeystoreType.addLongIdentifier("key-store-format", true);
    checkUsabilityKeystoreType.addLongIdentifier("keystoreFormat", true);
    checkUsabilityKeystoreType.addLongIdentifier("storetype", true);
    checkUsabilityParser.addArgument(checkUsabilityKeystoreType);
    final StringArgument checkUsabilityAlias = new StringArgument(null, "alias", true, 1, INFO_MANAGE_CERTS_PLACEHOLDER_ALIAS.get(), INFO_MANAGE_CERTS_SC_CHECK_USABILITY_ARG_ALIAS_DESC.get());
    checkUsabilityAlias.addLongIdentifier("nickname", true);
    checkUsabilityParser.addArgument(checkUsabilityAlias);
    final BooleanArgument checkUsabilityIgnoreSHA1Signature = new BooleanArgument(null, "allow-sha-1-signature-for-issuer-certificates", 1, INFO_MANAGE_CERTS_SC_CHECK_USABILITY_IGNORE_SHA1_WARNING_DESC.get());
    checkUsabilityIgnoreSHA1Signature.addLongIdentifier("allow-sha1-signature-for-issuer-certificates", true);
    checkUsabilityIgnoreSHA1Signature.addLongIdentifier("allowSHA1SignatureForIssuerCertificates", true);
    checkUsabilityParser.addArgument(checkUsabilityIgnoreSHA1Signature);
    checkUsabilityParser.addRequiredArgumentSet(checkUsabilityKeystorePassword, checkUsabilityKeystorePasswordFile, checkUsabilityPromptForKeystorePassword);
    checkUsabilityParser.addExclusiveArgumentSet(checkUsabilityKeystorePassword, checkUsabilityKeystorePasswordFile, checkUsabilityPromptForKeystorePassword);
    final LinkedHashMap<String[], String> checkUsabilityExamples = new LinkedHashMap<>(StaticUtils.computeMapCapacity(2));
    checkUsabilityExamples.put(new String[] { "check-certificate-usability", "--keystore", getPlatformSpecificPath("config", "keystore"), "--keystore-password-file", getPlatformSpecificPath("config", "keystore.pin"), "--alias", "server-cert" }, INFO_MANAGE_CERTS_SC_CHECK_USABILITY_EXAMPLE_1.get(getPlatformSpecificPath("config", "keystore")));
    final SubCommand checkUsabilitySubCommand = new SubCommand("check-certificate-usability", INFO_MANAGE_CERTS_SC_CHECK_USABILITY_DESC.get(), checkUsabilityParser, checkUsabilityExamples);
    checkUsabilitySubCommand.addName("checkCertificateUsability", true);
    checkUsabilitySubCommand.addName("check-usability", true);
    checkUsabilitySubCommand.addName("checkUsability", true);
    parser.addSubCommand(checkUsabilitySubCommand);
    // Define the "display-certificate-file" subcommand and all of its
    // arguments.
    final ArgumentParser displayCertParser = new ArgumentParser("display-certificate-file", INFO_MANAGE_CERTS_SC_DISPLAY_CERT_DESC.get());
    final FileArgument displayCertFile = new FileArgument(null, "certificate-file", true, 1, null, INFO_MANAGE_CERTS_SC_DISPLAY_CERT_ARG_FILE_DESC.get(), true, true, true, false);
    displayCertFile.addLongIdentifier("certificateFile", true);
    displayCertFile.addLongIdentifier("input-file", true);
    displayCertFile.addLongIdentifier("inputFile", true);
    displayCertFile.addLongIdentifier("file", true);
    displayCertFile.addLongIdentifier("filename", true);
    displayCertParser.addArgument(displayCertFile);
    final BooleanArgument displayCertVerbose = new BooleanArgument(null, "verbose", 1, INFO_MANAGE_CERTS_SC_DISPLAY_CERT_ARG_VERBOSE_DESC.get());
    displayCertParser.addArgument(displayCertVerbose);
    final BooleanArgument displayCertDisplayCommand = new BooleanArgument(null, "display-keytool-command", 1, INFO_MANAGE_CERTS_SC_DISPLAY_CERT_ARG_DISPLAY_COMMAND_DESC.get());
    displayCertDisplayCommand.addLongIdentifier("displayKeytoolCommand", true);
    displayCertDisplayCommand.addLongIdentifier("show-keytool-command", true);
    displayCertDisplayCommand.addLongIdentifier("showKeytoolCommand", true);
    displayCertParser.addArgument(displayCertDisplayCommand);
    final LinkedHashMap<String[], String> displayCertExamples = new LinkedHashMap<>(StaticUtils.computeMapCapacity(2));
    displayCertExamples.put(new String[] { "display-certificate-file", "--certificate-file", "certificate.pem" }, INFO_MANAGE_CERTS_SC_DISPLAY_CERT_EXAMPLE_1.get("certificate.pem"));
    displayCertExamples.put(new String[] { "display-certificate-file", "--certificate-file", "certificate.pem", "--verbose", "--display-keytool-command" }, INFO_MANAGE_CERTS_SC_DISPLAY_CERT_EXAMPLE_2.get("certificate.pem"));
    final SubCommand displayCertSubCommand = new SubCommand("display-certificate-file", INFO_MANAGE_CERTS_SC_DISPLAY_CERT_DESC.get(), displayCertParser, displayCertExamples);
    displayCertSubCommand.addName("displayCertificateFile", true);
    displayCertSubCommand.addName("display-certificate", true);
    displayCertSubCommand.addName("displayCertificate", true);
    displayCertSubCommand.addName("display-certificates", true);
    displayCertSubCommand.addName("displayCertificates", true);
    displayCertSubCommand.addName("show-certificate", true);
    displayCertSubCommand.addName("showCertificate", true);
    displayCertSubCommand.addName("show-certificate-file", true);
    displayCertSubCommand.addName("showCertificateFile", true);
    displayCertSubCommand.addName("show-certificates", true);
    displayCertSubCommand.addName("showCertificates", true);
    displayCertSubCommand.addName("print-certificate-file", true);
    displayCertSubCommand.addName("printCertificateFile", true);
    displayCertSubCommand.addName("print-certificate", true);
    displayCertSubCommand.addName("printCertificate", true);
    displayCertSubCommand.addName("print-certificates", true);
    displayCertSubCommand.addName("printCertificates", true);
    displayCertSubCommand.addName("printcert", true);
    parser.addSubCommand(displayCertSubCommand);
    // Define the "display-certificate-signing-request-file" subcommand and all
    // of its arguments.
    final ArgumentParser displayCSRParser = new ArgumentParser("display-certificate-signing-request-file", INFO_MANAGE_CERTS_SC_DISPLAY_CSR_DESC.get());
    final FileArgument displayCSRFile = new FileArgument(null, "certificate-signing-request-file", true, 1, null, INFO_MANAGE_CERTS_SC_DISPLAY_CSR_ARG_FILE_DESC.get(), true, true, true, false);
    displayCSRFile.addLongIdentifier("certificateSigningRequestFile", true);
    displayCSRFile.addLongIdentifier("request-file", true);
    displayCSRFile.addLongIdentifier("requestFile", true);
    displayCSRFile.addLongIdentifier("input-file", true);
    displayCSRFile.addLongIdentifier("inputFile", true);
    displayCSRFile.addLongIdentifier("file", true);
    displayCSRFile.addLongIdentifier("filename", true);
    displayCSRParser.addArgument(displayCSRFile);
    final BooleanArgument displayCSRVerbose = new BooleanArgument(null, "verbose", 1, INFO_MANAGE_CERTS_SC_DISPLAY_CSR_ARG_VERBOSE_DESC.get());
    displayCSRParser.addArgument(displayCSRVerbose);
    final BooleanArgument displayCSRDisplayCommand = new BooleanArgument(null, "display-keytool-command", 1, INFO_MANAGE_CERTS_SC_DISPLAY_CSR_ARG_DISPLAY_COMMAND_DESC.get());
    displayCSRDisplayCommand.addLongIdentifier("displayKeytoolCommand", true);
    displayCSRDisplayCommand.addLongIdentifier("show-keytool-command", true);
    displayCSRDisplayCommand.addLongIdentifier("showKeytoolCommand", true);
    displayCSRParser.addArgument(displayCSRDisplayCommand);
    final LinkedHashMap<String[], String> displayCSRExamples = new LinkedHashMap<>(StaticUtils.computeMapCapacity(1));
    displayCSRExamples.put(new String[] { "display-certificate-signing-request-file", "--certificate-signing-request-file", "server-cert.csr", "--display-keytool-command" }, INFO_MANAGE_CERTS_SC_DISPLAY_CSR_EXAMPLE_1.get("server-cert.csr"));
    final SubCommand displayCSRSubCommand = new SubCommand("display-certificate-signing-request-file", INFO_MANAGE_CERTS_SC_DISPLAY_CSR_DESC.get(), displayCSRParser, displayCSRExamples);
    displayCSRSubCommand.addName("displayCertificateSigningRequestFile", true);
    displayCSRSubCommand.addName("display-certificate-signing-request", true);
    displayCSRSubCommand.addName("displayCertificateSigningRequest", true);
    displayCSRSubCommand.addName("display-certificate-request-file", true);
    displayCSRSubCommand.addName("displayCertificateRequestFile", true);
    displayCSRSubCommand.addName("display-certificate-request", true);
    displayCSRSubCommand.addName("displayCertificateRequest", true);
    displayCSRSubCommand.addName("display-csr-file", true);
    displayCSRSubCommand.addName("displayCSRFile", true);
    displayCSRSubCommand.addName("display-csr", true);
    displayCSRSubCommand.addName("displayCSR", true);
    displayCSRSubCommand.addName("show-certificate-signing-request-file", true);
    displayCSRSubCommand.addName("showCertificateSigningRequestFile", true);
    displayCSRSubCommand.addName("show-certificate-signing-request", true);
    displayCSRSubCommand.addName("showCertificateSigningRequest", true);
    displayCSRSubCommand.addName("show-certificate-request-file", true);
    displayCSRSubCommand.addName("showCertificateRequestFile", true);
    displayCSRSubCommand.addName("show-certificate-request", true);
    displayCSRSubCommand.addName("showCertificateRequest", true);
    displayCSRSubCommand.addName("show-csr-file", true);
    displayCSRSubCommand.addName("showCSRFile", true);
    displayCSRSubCommand.addName("show-csr", true);
    displayCSRSubCommand.addName("showCSR", true);
    displayCSRSubCommand.addName("print-certificate-signing-request-file", true);
    displayCSRSubCommand.addName("printCertificateSigningRequestFile", true);
    displayCSRSubCommand.addName("print-certificate-signing-request", true);
    displayCSRSubCommand.addName("printCertificateSigningRequest", true);
    displayCSRSubCommand.addName("print-certificate-request-file", true);
    displayCSRSubCommand.addName("printCertificateRequestFile", true);
    displayCSRSubCommand.addName("print-certificate-request", true);
    displayCSRSubCommand.addName("printCertificateRequest", true);
    displayCSRSubCommand.addName("print-csr-file", true);
    displayCSRSubCommand.addName("printCSRFile", true);
    displayCSRSubCommand.addName("print-csr", true);
    displayCSRSubCommand.addName("printCSR", true);
    displayCSRSubCommand.addName("printcertreq", true);
    parser.addSubCommand(displayCSRSubCommand);
}
Also used : SubCommand(com.unboundid.util.args.SubCommand) IA5StringArgumentValueValidator(com.unboundid.util.args.IA5StringArgumentValueValidator) IPAddressArgumentValueValidator(com.unboundid.util.args.IPAddressArgumentValueValidator) BooleanArgument(com.unboundid.util.args.BooleanArgument) ASN1BitString(com.unboundid.asn1.ASN1BitString) FileArgument(com.unboundid.util.args.FileArgument) ArgumentParser(com.unboundid.util.args.ArgumentParser) StringArgument(com.unboundid.util.args.StringArgument) LinkedHashMap(java.util.LinkedHashMap) DNArgument(com.unboundid.util.args.DNArgument) IntegerArgument(com.unboundid.util.args.IntegerArgument) OIDArgumentValueValidator(com.unboundid.util.args.OIDArgumentValueValidator) TimestampArgument(com.unboundid.util.args.TimestampArgument) BooleanValueArgument(com.unboundid.util.args.BooleanValueArgument)

Example 34 with BooleanArgument

use of com.unboundid.util.args.BooleanArgument in project ldapsdk by pingidentity.

the class ManageCertificates method doRetrieveServerCertificate.

/**
 * Performs the necessary processing for the retrieve-server-certificate
 * subcommand.
 *
 * @return  A result code that indicates whether the processing completed
 *          successfully.
 */
@NotNull()
private ResultCode doRetrieveServerCertificate() {
    // Get the values of a number of configured arguments.
    final StringArgument hostnameArgument = subCommandParser.getStringArgument("hostname");
    final String hostname = hostnameArgument.getValue();
    final IntegerArgument portArgument = subCommandParser.getIntegerArgument("port");
    final int port = portArgument.getValue();
    final BooleanArgument useLDAPStartTLSArgument = subCommandParser.getBooleanArgument("use-ldap-start-tls");
    final boolean useLDAPStartTLS = ((useLDAPStartTLSArgument != null) && useLDAPStartTLSArgument.isPresent());
    final BooleanArgument onlyPeerArgument = subCommandParser.getBooleanArgument("only-peer-certificate");
    final boolean onlyPeer = ((onlyPeerArgument != null) && onlyPeerArgument.isPresent());
    final BooleanArgument verboseArgument = subCommandParser.getBooleanArgument("verbose");
    final boolean verbose = ((verboseArgument != null) && verboseArgument.isPresent());
    boolean outputPEM = true;
    final StringArgument outputFormatArgument = subCommandParser.getStringArgument("output-format");
    if ((outputFormatArgument != null) && outputFormatArgument.isPresent()) {
        final String format = outputFormatArgument.getValue().toLowerCase();
        if (format.equals("der") || format.equals("binary") || format.equals("bin")) {
            outputPEM = false;
        }
    }
    File outputFile = null;
    final FileArgument outputFileArgument = subCommandParser.getFileArgument("output-file");
    if ((outputFileArgument != null) && outputFileArgument.isPresent()) {
        outputFile = outputFileArgument.getValue();
    }
    // Spawn a background thread to establish a connection and get the
    // certificate chain from the target server.
    final LinkedBlockingQueue<Object> responseQueue = new LinkedBlockingQueue<>(10);
    final ManageCertificatesServerCertificateCollector certificateCollector = new ManageCertificatesServerCertificateCollector(this, hostname, port, useLDAPStartTLS, verbose, responseQueue);
    certificateCollector.start();
    Object responseObject = ERR_MANAGE_CERTS_RETRIEVE_CERT_NO_CERT_CHAIN_RECEIVED.get(hostname + ':' + port);
    try {
        responseObject = responseQueue.poll(90L, TimeUnit.SECONDS);
    } catch (final Exception e) {
        Debug.debugException(e);
    }
    final X509Certificate[] chain;
    if (responseObject instanceof X509Certificate[]) {
        chain = (X509Certificate[]) responseObject;
        if (chain.length == 0) {
            wrapErr(0, WRAP_COLUMN, ERR_MANAGE_CERTS_RETRIEVE_CERT_EMPTY_CHAIN.get());
            return ResultCode.NO_RESULTS_RETURNED;
        }
    } else if (responseObject instanceof CertException) {
        // thread, so we can just return a non-success result.
        return ResultCode.LOCAL_ERROR;
    } else {
        wrapErr(0, WRAP_COLUMN, String.valueOf(responseObject));
        return ResultCode.LOCAL_ERROR;
    }
    try {
        certificateCollector.join(10_000L);
    } catch (final Exception e) {
        Debug.debugException(e);
    }
    // If the certificates should be written to a file, then do that now.
    if (outputFile != null) {
        try (PrintStream s = new PrintStream(outputFile)) {
            for (final X509Certificate c : chain) {
                if (outputPEM) {
                    writePEMCertificate(s, c.getX509CertificateBytes());
                } else {
                    s.write(c.getX509CertificateBytes());
                }
                if (onlyPeer) {
                    break;
                }
            }
        } catch (final Exception e) {
            Debug.debugException(e);
            wrapErr(0, WRAP_COLUMN, ERR_MANAGE_CERTS_RETRIEVE_CERT_CANNOT_WRITE_TO_FILE.get(outputFile.getAbsolutePath(), StaticUtils.getExceptionMessage(e)));
            return ResultCode.LOCAL_ERROR;
        }
    }
    // Display information about the certificates.
    for (int i = 0; i < chain.length; i++) {
        if (verbose || (i > 0)) {
            out();
            out();
        }
        if ((!onlyPeer) && (chain.length > 1)) {
            wrapOut(0, WRAP_COLUMN, INFO_MANAGE_CERTS_RETRIEVE_CERT_DISPLAY_HEADER.get((i + 1), chain.length));
            out();
        }
        final X509Certificate c = chain[i];
        writePEMCertificate(getOut(), c.getX509CertificateBytes());
        out();
        printCertificate(c, "", verbose);
        if (onlyPeer) {
            break;
        }
    }
    return ResultCode.SUCCESS;
}
Also used : PrintStream(java.io.PrintStream) BooleanArgument(com.unboundid.util.args.BooleanArgument) ASN1BitString(com.unboundid.asn1.ASN1BitString) FileArgument(com.unboundid.util.args.FileArgument) LinkedBlockingQueue(java.util.concurrent.LinkedBlockingQueue) ArgumentException(com.unboundid.util.args.ArgumentException) UnrecoverableKeyException(java.security.UnrecoverableKeyException) LDAPException(com.unboundid.ldap.sdk.LDAPException) IOException(java.io.IOException) StringArgument(com.unboundid.util.args.StringArgument) IntegerArgument(com.unboundid.util.args.IntegerArgument) File(java.io.File) NotNull(com.unboundid.util.NotNull)

Example 35 with BooleanArgument

use of com.unboundid.util.args.BooleanArgument in project ldapsdk by pingidentity.

the class ManageCertificates method getPrivateKeyPassword.

/**
 * Retrieves the password needed to access the private key.
 *
 * @param  keystore          The keystore that contains the target private
 *                           key.  This must not be {@code null}.
 * @param  alias             The alias of the target private key.  This must
 *                           not be {@code null}.
 * @param  prefix            The prefix string to use for the arguments.  This
 *                           may be {@code null} if no prefix is needed.
 * @param  keystorePassword  The keystore password to use if no specific
 *                           private key password was provided.
 *
 * @return  The password needed to access the private key, or the provided
 *          keystore password if no arguments were provided to specify a
 *          different private key password.
 *
 * @throws  LDAPException  If a problem is encountered while trying to get the
 *                         private key password.
 */
@Nullable()
private char[] getPrivateKeyPassword(@NotNull final KeyStore keystore, @NotNull final String alias, @Nullable final String prefix, @Nullable final char[] keystorePassword) throws LDAPException {
    final String prefixDash;
    if (prefix == null) {
        prefixDash = "";
    } else {
        prefixDash = prefix + '-';
    }
    final StringArgument privateKeyPasswordArgument = subCommandParser.getStringArgument(prefixDash + "private-key-password");
    if ((privateKeyPasswordArgument != null) && privateKeyPasswordArgument.isPresent()) {
        final char[] pkPasswordChars = privateKeyPasswordArgument.getValue().toCharArray();
        if ((pkPasswordChars.length < 6) && (!(hasCertificateAlias(keystore, alias) || hasKeyAlias(keystore, alias)))) {
            throw new LDAPException(ResultCode.PARAM_ERROR, ERR_MANAGE_CERTS_GET_PK_PW_TOO_SHORT.get());
        }
        return pkPasswordChars;
    }
    final FileArgument privateKeyPasswordFileArgument = subCommandParser.getFileArgument(prefixDash + "private-key-password-file");
    if ((privateKeyPasswordFileArgument != null) && privateKeyPasswordFileArgument.isPresent()) {
        final File f = privateKeyPasswordFileArgument.getValue();
        try {
            final char[] passwordChars = getPasswordFileReader().readPassword(f);
            if (passwordChars.length < 6) {
                throw new LDAPException(ResultCode.PARAM_ERROR, ERR_MANAGE_CERTS_GET_PK_PW_EMPTY_FILE.get(f.getAbsolutePath()));
            }
            return passwordChars;
        } catch (final LDAPException e) {
            Debug.debugException(e);
            throw e;
        } catch (final Exception e) {
            Debug.debugException(e);
            throw new LDAPException(ResultCode.LOCAL_ERROR, ERR_MANAGE_CERTS_GET_PK_PW_ERROR_READING_FILE.get(f.getAbsolutePath(), StaticUtils.getExceptionMessage(e)), e);
        }
    }
    final BooleanArgument promptArgument = subCommandParser.getBooleanArgument("prompt-for-" + prefixDash + "private-key-password");
    if ((promptArgument != null) && promptArgument.isPresent()) {
        out();
        try {
            if ((hasKeyAlias(keystore, alias) || hasCertificateAlias(keystore, alias)) && (!"new".equals(prefix)) && (!"destination".equals(prefix))) {
                // This means that the private key already exists, so we just need to
                // prompt once.
                final String prompt;
                if ("current".equals(prefix)) {
                    prompt = INFO_MANAGE_CERTS_GET_PK_PW_CURRENT_PROMPT.get(alias);
                } else {
                    prompt = INFO_MANAGE_CERTS_GET_PK_PW_EXISTING_PROMPT.get(alias);
                }
                return promptForPassword(prompt, false);
            } else {
                // prompt twice.
                while (true) {
                    final String prompt;
                    if ("new".equals(prefix)) {
                        prompt = INFO_MANAGE_CERTS_GET_PK_PW_NEW_PROMPT.get();
                    } else {
                        prompt = INFO_MANAGE_CERTS_GET_PK_PW_NEW_PROMPT_1.get(alias);
                    }
                    final char[] pwChars = promptForPassword(prompt, false);
                    if (pwChars.length < 6) {
                        wrapErr(0, WRAP_COLUMN, ERR_MANAGE_CERTS_GET_PK_PW_TOO_SHORT.get());
                        err();
                        continue;
                    }
                    final char[] confirmChars = promptForPassword(INFO_MANAGE_CERTS_GET_PK_PW_NEW_PROMPT_2.get(), true);
                    if (Arrays.equals(pwChars, confirmChars)) {
                        Arrays.fill(confirmChars, '\u0000');
                        return pwChars;
                    } else {
                        wrapErr(0, WRAP_COLUMN, ERR_MANAGE_CERTS_GET_PK_PW_PROMPT_MISMATCH.get());
                        err();
                    }
                }
            }
        } catch (final LDAPException le) {
            Debug.debugException(le);
            throw le;
        } catch (final Exception e) {
            Debug.debugException(e);
            throw new LDAPException(ResultCode.LOCAL_ERROR, ERR_MANAGE_CERTS_GET_PK_PW_PROMPT_ERROR.get(alias, StaticUtils.getExceptionMessage(e)), e);
        }
    }
    return keystorePassword;
}
Also used : LDAPException(com.unboundid.ldap.sdk.LDAPException) BooleanArgument(com.unboundid.util.args.BooleanArgument) ASN1BitString(com.unboundid.asn1.ASN1BitString) FileArgument(com.unboundid.util.args.FileArgument) File(java.io.File) ArgumentException(com.unboundid.util.args.ArgumentException) UnrecoverableKeyException(java.security.UnrecoverableKeyException) LDAPException(com.unboundid.ldap.sdk.LDAPException) IOException(java.io.IOException) StringArgument(com.unboundid.util.args.StringArgument) Nullable(com.unboundid.util.Nullable)

Aggregations

BooleanArgument (com.unboundid.util.args.BooleanArgument)65 StringArgument (com.unboundid.util.args.StringArgument)53 FileArgument (com.unboundid.util.args.FileArgument)51 IntegerArgument (com.unboundid.util.args.IntegerArgument)35 DNArgument (com.unboundid.util.args.DNArgument)25 LDAPException (com.unboundid.ldap.sdk.LDAPException)19 File (java.io.File)19 ArgumentException (com.unboundid.util.args.ArgumentException)18 ASN1BitString (com.unboundid.asn1.ASN1BitString)16 NotNull (com.unboundid.util.NotNull)16 FilterArgument (com.unboundid.util.args.FilterArgument)14 ControlArgument (com.unboundid.util.args.ControlArgument)13 IOException (java.io.IOException)13 UnrecoverableKeyException (java.security.UnrecoverableKeyException)12 ArrayList (java.util.ArrayList)12 KeyStore (java.security.KeyStore)10 ScopeArgument (com.unboundid.util.args.ScopeArgument)9 Certificate (java.security.cert.Certificate)8 ArgumentParser (com.unboundid.util.args.ArgumentParser)7 DN (com.unboundid.ldap.sdk.DN)6