Search in sources :

Example 1 with OIDArgumentValueValidator

use of com.unboundid.util.args.OIDArgumentValueValidator in project ldapsdk by pingidentity.

the class ManageCertificates method addToolArguments.

/**
 * Adds the command-line arguments supported for use with this tool to the
 * provided argument parser.  The tool may need to retain references to the
 * arguments (and/or the argument parser, if trailing arguments are allowed)
 * to it in order to obtain their values for use in later processing.
 *
 * @param  parser  The argument parser to which the arguments are to be added.
 *
 * @throws  ArgumentException  If a problem occurs while adding any of the
 *                             tool-specific arguments to the provided
 *                             argument parser.
 */
@Override()
public void addToolArguments(@NotNull final ArgumentParser parser) throws ArgumentException {
    globalParser = parser;
    // Define the "list-certificates" subcommand and all of its arguments.
    final ArgumentParser listCertsParser = new ArgumentParser("list-certificates", INFO_MANAGE_CERTS_SC_LIST_CERTS_DESC.get());
    final FileArgument listCertsKeystore = new FileArgument(null, "keystore", (JVM_DEFAULT_CACERTS_FILE == null), 1, null, INFO_MANAGE_CERTS_SC_LIST_CERTS_ARG_KS_DESC.get(), true, true, true, false);
    listCertsKeystore.addLongIdentifier("keystore-path", true);
    listCertsKeystore.addLongIdentifier("keystorePath", true);
    listCertsKeystore.addLongIdentifier("keystore-file", true);
    listCertsKeystore.addLongIdentifier("keystoreFile", true);
    listCertsParser.addArgument(listCertsKeystore);
    if (JVM_DEFAULT_CACERTS_FILE != null) {
        final BooleanArgument listCertsUseJVMDefault = new BooleanArgument(null, "use-jvm-default-trust-store", 1, INFO_MANAGE_CERTS_SC_LIST_CERTS_ARG_JVM_DEFAULT_DESC.get(JVM_DEFAULT_CACERTS_FILE.getAbsolutePath()));
        listCertsUseJVMDefault.addLongIdentifier("useJVMDefaultTrustStore", true);
        listCertsUseJVMDefault.addLongIdentifier("jvm-default", true);
        listCertsUseJVMDefault.addLongIdentifier("jvmDefault", true);
        listCertsParser.addArgument(listCertsUseJVMDefault);
        listCertsParser.addRequiredArgumentSet(listCertsUseJVMDefault, listCertsKeystore);
        listCertsParser.addExclusiveArgumentSet(listCertsUseJVMDefault, listCertsKeystore);
    }
    final StringArgument listCertsKeystorePassword = new StringArgument(null, "keystore-password", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_PASSWORD.get(), INFO_MANAGE_CERTS_SC_LIST_CERTS_ARG_KS_PW_DESC.get());
    listCertsKeystorePassword.addLongIdentifier("keystorePassword", true);
    listCertsKeystorePassword.addLongIdentifier("keystore-passphrase", true);
    listCertsKeystorePassword.addLongIdentifier("keystorePassphrase", true);
    listCertsKeystorePassword.addLongIdentifier("keystore-pin", true);
    listCertsKeystorePassword.addLongIdentifier("keystorePIN", true);
    listCertsKeystorePassword.addLongIdentifier("storepass", true);
    listCertsKeystorePassword.setSensitive(true);
    listCertsParser.addArgument(listCertsKeystorePassword);
    final FileArgument listCertsKeystorePasswordFile = new FileArgument(null, "keystore-password-file", false, 1, null, INFO_MANAGE_CERTS_SC_LIST_CERTS_ARG_KS_PW_FILE_DESC.get(), true, true, true, false);
    listCertsKeystorePasswordFile.addLongIdentifier("keystorePasswordFile", true);
    listCertsKeystorePasswordFile.addLongIdentifier("keystore-passphrase-file", true);
    listCertsKeystorePasswordFile.addLongIdentifier("keystorePassphraseFile", true);
    listCertsKeystorePasswordFile.addLongIdentifier("keystore-pin-file", true);
    listCertsKeystorePasswordFile.addLongIdentifier("keystorePINFile", true);
    listCertsParser.addArgument(listCertsKeystorePasswordFile);
    final BooleanArgument listCertsPromptForKeystorePassword = new BooleanArgument(null, "prompt-for-keystore-password", INFO_MANAGE_CERTS_SC_LIST_CERTS_ARG_PROMPT_FOR_KS_PW_DESC.get());
    listCertsPromptForKeystorePassword.addLongIdentifier("promptForKeystorePassword", true);
    listCertsPromptForKeystorePassword.addLongIdentifier("prompt-for-keystore-passphrase", true);
    listCertsPromptForKeystorePassword.addLongIdentifier("promptForKeystorePassphrase", true);
    listCertsPromptForKeystorePassword.addLongIdentifier("prompt-for-keystore-pin", true);
    listCertsPromptForKeystorePassword.addLongIdentifier("promptForKeystorePIN", true);
    listCertsParser.addArgument(listCertsPromptForKeystorePassword);
    final StringArgument listCertsKeystoreType = new StringArgument(null, "keystore-type", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_TYPE.get(), INFO_MANAGE_CERTS_SC_LIST_CERTS_ARG_KS_TYPE_DESC.get(), ALLOWED_KEYSTORE_TYPE_VALUES);
    listCertsKeystoreType.addLongIdentifier("key-store-type", true);
    listCertsKeystoreType.addLongIdentifier("keystoreType", true);
    listCertsKeystoreType.addLongIdentifier("keystore-format", true);
    listCertsKeystoreType.addLongIdentifier("key-store-format", true);
    listCertsKeystoreType.addLongIdentifier("keystoreFormat", true);
    listCertsKeystoreType.addLongIdentifier("storetype", true);
    listCertsParser.addArgument(listCertsKeystoreType);
    final StringArgument listCertsAlias = new StringArgument(null, "alias", false, 0, INFO_MANAGE_CERTS_PLACEHOLDER_ALIAS.get(), INFO_MANAGE_CERTS_SC_LIST_CERTS_ARG_ALIAS_DESC.get());
    listCertsAlias.addLongIdentifier("nickname", true);
    listCertsParser.addArgument(listCertsAlias);
    final BooleanArgument listCertsDisplayPEM = new BooleanArgument(null, "display-pem-certificate", 1, INFO_MANAGE_CERTS_SC_LIST_CERTS_ARG_DISPLAY_PEM_DESC.get());
    listCertsDisplayPEM.addLongIdentifier("displayPEMCertificate", true);
    listCertsDisplayPEM.addLongIdentifier("display-pem", true);
    listCertsDisplayPEM.addLongIdentifier("displayPEM", true);
    listCertsDisplayPEM.addLongIdentifier("show-pem-certificate", true);
    listCertsDisplayPEM.addLongIdentifier("showPEMCertificate", true);
    listCertsDisplayPEM.addLongIdentifier("show-pem", true);
    listCertsDisplayPEM.addLongIdentifier("showPEM", true);
    listCertsDisplayPEM.addLongIdentifier("pem", true);
    listCertsDisplayPEM.addLongIdentifier("rfc", true);
    listCertsParser.addArgument(listCertsDisplayPEM);
    final BooleanArgument listCertsVerbose = new BooleanArgument(null, "verbose", 1, INFO_MANAGE_CERTS_SC_LIST_CERTS_ARG_VERBOSE_DESC.get());
    listCertsParser.addArgument(listCertsVerbose);
    final BooleanArgument listCertsDisplayCommand = new BooleanArgument(null, "display-keytool-command", 1, INFO_MANAGE_CERTS_SC_LIST_CERTS_ARG_DISPLAY_COMMAND_DESC.get());
    listCertsDisplayCommand.addLongIdentifier("displayKeytoolCommand", true);
    listCertsDisplayCommand.addLongIdentifier("show-keytool-command", true);
    listCertsDisplayCommand.addLongIdentifier("showKeytoolCommand", true);
    listCertsParser.addArgument(listCertsDisplayCommand);
    listCertsParser.addExclusiveArgumentSet(listCertsKeystorePassword, listCertsKeystorePasswordFile, listCertsPromptForKeystorePassword);
    final LinkedHashMap<String[], String> listCertsExamples = new LinkedHashMap<>(StaticUtils.computeMapCapacity(3));
    listCertsExamples.put(new String[] { "list-certificates", "--keystore", getPlatformSpecificPath("config", "keystore") }, INFO_MANAGE_CERTS_SC_LIST_CERTS_EXAMPLE_1.get(getPlatformSpecificPath("config", "keystore")));
    listCertsExamples.put(new String[] { "list-certificates", "--keystore", getPlatformSpecificPath("config", "keystore.p12"), "--keystore-password-file", getPlatformSpecificPath("config", "keystore.pin"), "--alias", "server-cert", "--verbose", "--display-pem-certificate", "--display-keytool-command" }, INFO_MANAGE_CERTS_SC_LIST_CERTS_EXAMPLE_2.get(getPlatformSpecificPath("config", "keystore.p12"), getPlatformSpecificPath("config", "keystore.pin")));
    if (JVM_DEFAULT_CACERTS_FILE != null) {
        listCertsExamples.put(new String[] { "list-certificates", "--use-jvm-default-trust-store" }, INFO_MANAGE_CERTS_SC_LIST_CERTS_EXAMPLE_3.get());
    }
    final SubCommand listCertsSubCommand = new SubCommand("list-certificates", INFO_MANAGE_CERTS_SC_LIST_CERTS_DESC.get(), listCertsParser, listCertsExamples);
    listCertsSubCommand.addName("listCertificates", true);
    listCertsSubCommand.addName("list-certs", true);
    listCertsSubCommand.addName("listCerts", true);
    listCertsSubCommand.addName("list", true);
    parser.addSubCommand(listCertsSubCommand);
    // Define the "export-certificate" subcommand and all of its arguments.
    final ArgumentParser exportCertParser = new ArgumentParser("export-certificate", INFO_MANAGE_CERTS_SC_EXPORT_CERT_DESC.get());
    final FileArgument exportCertKeystore = new FileArgument(null, "keystore", (JVM_DEFAULT_CACERTS_FILE == null), 1, null, INFO_MANAGE_CERTS_SC_EXPORT_CERT_ARG_KS_DESC.get(), true, true, true, false);
    exportCertKeystore.addLongIdentifier("keystore-path", true);
    exportCertKeystore.addLongIdentifier("keystorePath", true);
    exportCertKeystore.addLongIdentifier("keystore-file", true);
    exportCertKeystore.addLongIdentifier("keystoreFile", true);
    exportCertParser.addArgument(exportCertKeystore);
    if (JVM_DEFAULT_CACERTS_FILE != null) {
        final BooleanArgument exportCertUseJVMDefault = new BooleanArgument(null, "use-jvm-default-trust-store", 1, INFO_MANAGE_CERTS_SC_EXPORT_CERTS_ARG_JVM_DEFAULT_DESC.get(JVM_DEFAULT_CACERTS_FILE.getAbsolutePath()));
        exportCertUseJVMDefault.addLongIdentifier("useJVMDefaultTrustStore", true);
        exportCertUseJVMDefault.addLongIdentifier("jvm-default", true);
        exportCertUseJVMDefault.addLongIdentifier("jvmDefault", true);
        exportCertParser.addArgument(exportCertUseJVMDefault);
        exportCertParser.addRequiredArgumentSet(exportCertUseJVMDefault, exportCertKeystore);
        exportCertParser.addExclusiveArgumentSet(exportCertUseJVMDefault, exportCertKeystore);
    }
    final StringArgument exportCertKeystorePassword = new StringArgument(null, "keystore-password", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_PASSWORD.get(), INFO_MANAGE_CERTS_SC_EXPORT_CERT_ARG_KS_PW_DESC.get());
    exportCertKeystorePassword.addLongIdentifier("keystorePassword", true);
    exportCertKeystorePassword.addLongIdentifier("keystore-passphrase", true);
    exportCertKeystorePassword.addLongIdentifier("keystorePassphrase", true);
    exportCertKeystorePassword.addLongIdentifier("keystore-pin", true);
    exportCertKeystorePassword.addLongIdentifier("keystorePIN", true);
    exportCertKeystorePassword.addLongIdentifier("storepass", true);
    exportCertKeystorePassword.setSensitive(true);
    exportCertParser.addArgument(exportCertKeystorePassword);
    final FileArgument exportCertKeystorePasswordFile = new FileArgument(null, "keystore-password-file", false, 1, null, INFO_MANAGE_CERTS_SC_EXPORT_CERT_ARG_KS_PW_FILE_DESC.get(), true, true, true, false);
    exportCertKeystorePasswordFile.addLongIdentifier("keystorePasswordFile", true);
    exportCertKeystorePasswordFile.addLongIdentifier("keystore-passphrase-file", true);
    exportCertKeystorePasswordFile.addLongIdentifier("keystorePassphraseFile", true);
    exportCertKeystorePasswordFile.addLongIdentifier("keystore-pin-file", true);
    exportCertKeystorePasswordFile.addLongIdentifier("keystorePINFile", true);
    exportCertParser.addArgument(exportCertKeystorePasswordFile);
    final BooleanArgument exportCertPromptForKeystorePassword = new BooleanArgument(null, "prompt-for-keystore-password", INFO_MANAGE_CERTS_SC_EXPORT_CERT_ARG_PROMPT_FOR_KS_PW_DESC.get());
    exportCertPromptForKeystorePassword.addLongIdentifier("promptForKeystorePassword", true);
    exportCertPromptForKeystorePassword.addLongIdentifier("prompt-for-keystore-passphrase", true);
    exportCertPromptForKeystorePassword.addLongIdentifier("promptForKeystorePassphrase", true);
    exportCertPromptForKeystorePassword.addLongIdentifier("prompt-for-keystore-pin", true);
    exportCertPromptForKeystorePassword.addLongIdentifier("promptForKeystorePIN", true);
    exportCertParser.addArgument(exportCertPromptForKeystorePassword);
    final StringArgument exportCertKeystoreType = new StringArgument(null, "keystore-type", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_TYPE.get(), INFO_MANAGE_CERTS_SC_EXPORT_CERT_ARG_KS_TYPE_DESC.get(), ALLOWED_KEYSTORE_TYPE_VALUES);
    exportCertKeystoreType.addLongIdentifier("key-store-type", true);
    exportCertKeystoreType.addLongIdentifier("keystoreType", true);
    exportCertKeystoreType.addLongIdentifier("keystore-format", true);
    exportCertKeystoreType.addLongIdentifier("key-store-format", true);
    exportCertKeystoreType.addLongIdentifier("keystoreFormat", true);
    exportCertKeystoreType.addLongIdentifier("storetype", true);
    exportCertParser.addArgument(exportCertKeystoreType);
    final StringArgument exportCertAlias = new StringArgument(null, "alias", true, 1, INFO_MANAGE_CERTS_PLACEHOLDER_ALIAS.get(), INFO_MANAGE_CERTS_SC_EXPORT_CERT_ARG_ALIAS_DESC.get());
    exportCertAlias.addLongIdentifier("nickname", true);
    exportCertParser.addArgument(exportCertAlias);
    final BooleanArgument exportCertChain = new BooleanArgument(null, "export-certificate-chain", 1, INFO_MANAGE_CERTS_SC_EXPORT_CERT_ARG_CHAIN_DESC.get());
    exportCertChain.addLongIdentifier("exportCertificateChain", true);
    exportCertChain.addLongIdentifier("export-chain", true);
    exportCertChain.addLongIdentifier("exportChain", true);
    exportCertChain.addLongIdentifier("certificate-chain", true);
    exportCertChain.addLongIdentifier("certificateChain", true);
    exportCertChain.addLongIdentifier("chain", true);
    exportCertParser.addArgument(exportCertChain);
    final Set<String> exportCertOutputFormatAllowedValues = StaticUtils.setOf("PEM", "text", "txt", "RFC", "DER", "binary", "bin");
    final StringArgument exportCertOutputFormat = new StringArgument(null, "output-format", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_FORMAT.get(), INFO_MANAGE_CERTS_SC_EXPORT_CERT_ARG_FORMAT_DESC.get(), exportCertOutputFormatAllowedValues, "PEM");
    exportCertOutputFormat.addLongIdentifier("outputFormat", true);
    exportCertParser.addArgument(exportCertOutputFormat);
    final FileArgument exportCertOutputFile = new FileArgument(null, "output-file", false, 1, null, INFO_MANAGE_CERTS_SC_EXPORT_CERT_ARG_FILE_DESC.get(), false, true, true, false);
    exportCertOutputFile.addLongIdentifier("outputFile", true);
    exportCertOutputFile.addLongIdentifier("export-file", true);
    exportCertOutputFile.addLongIdentifier("exportFile", true);
    exportCertOutputFile.addLongIdentifier("certificate-file", true);
    exportCertOutputFile.addLongIdentifier("certificateFile", true);
    exportCertOutputFile.addLongIdentifier("file", true);
    exportCertOutputFile.addLongIdentifier("filename", true);
    exportCertParser.addArgument(exportCertOutputFile);
    final BooleanArgument exportCertSeparateFile = new BooleanArgument(null, "separate-file-per-certificate", 1, INFO_MANAGE_CERTS_SC_EXPORT_CERT_ARG_SEPARATE_FILE_DESC.get());
    exportCertSeparateFile.addLongIdentifier("separateFilePerCertificate", true);
    exportCertSeparateFile.addLongIdentifier("separate-files", true);
    exportCertSeparateFile.addLongIdentifier("separateFiles", true);
    exportCertParser.addArgument(exportCertSeparateFile);
    final BooleanArgument exportCertDisplayCommand = new BooleanArgument(null, "display-keytool-command", 1, INFO_MANAGE_CERTS_SC_EXPORT_CERT_ARG_DISPLAY_COMMAND_DESC.get());
    exportCertDisplayCommand.addLongIdentifier("displayKeytoolCommand", true);
    exportCertDisplayCommand.addLongIdentifier("show-keytool-command", true);
    exportCertDisplayCommand.addLongIdentifier("showKeytoolCommand", true);
    exportCertParser.addArgument(exportCertDisplayCommand);
    exportCertParser.addExclusiveArgumentSet(exportCertKeystorePassword, exportCertKeystorePasswordFile, exportCertPromptForKeystorePassword);
    exportCertParser.addDependentArgumentSet(exportCertSeparateFile, exportCertChain);
    exportCertParser.addDependentArgumentSet(exportCertSeparateFile, exportCertOutputFile);
    final LinkedHashMap<String[], String> exportCertExamples = new LinkedHashMap<>(StaticUtils.computeMapCapacity(2));
    exportCertExamples.put(new String[] { "export-certificate", "--keystore", getPlatformSpecificPath("config", "keystore"), "--alias", "server-cert" }, INFO_MANAGE_CERTS_SC_EXPORT_CERT_EXAMPLE_1.get());
    exportCertExamples.put(new String[] { "export-certificate", "--keystore", getPlatformSpecificPath("config", "keystore.p12"), "--keystore-password-file", getPlatformSpecificPath("config", "keystore.pin"), "--alias", "server-cert", "--export-certificate-chain", "--output-format", "DER", "--output-file", "certificate-chain.der", "--display-keytool-command" }, INFO_MANAGE_CERTS_SC_EXPORT_CERT_EXAMPLE_2.get());
    final SubCommand exportCertSubCommand = new SubCommand("export-certificate", INFO_MANAGE_CERTS_SC_EXPORT_CERT_DESC.get(), exportCertParser, exportCertExamples);
    exportCertSubCommand.addName("exportCertificate", true);
    exportCertSubCommand.addName("export-cert", true);
    exportCertSubCommand.addName("exportCert", true);
    exportCertSubCommand.addName("export", true);
    parser.addSubCommand(exportCertSubCommand);
    // Define the "export-private-key" subcommand and all of its arguments.
    final ArgumentParser exportKeyParser = new ArgumentParser("export-private-key", INFO_MANAGE_CERTS_SC_EXPORT_KEY_DESC.get());
    final FileArgument exportKeyKeystore = new FileArgument(null, "keystore", true, 1, null, INFO_MANAGE_CERTS_SC_EXPORT_KEY_ARG_KS_DESC.get(), true, true, true, false);
    exportKeyKeystore.addLongIdentifier("keystore-path", true);
    exportKeyKeystore.addLongIdentifier("keystorePath", true);
    exportKeyKeystore.addLongIdentifier("keystore-file", true);
    exportKeyKeystore.addLongIdentifier("keystoreFile", true);
    exportKeyParser.addArgument(exportKeyKeystore);
    final StringArgument exportKeyKeystorePassword = new StringArgument(null, "keystore-password", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_PASSWORD.get(), INFO_MANAGE_CERTS_SC_EXPORT_KEY_ARG_KS_PW_DESC.get());
    exportKeyKeystorePassword.addLongIdentifier("keystorePassword", true);
    exportKeyKeystorePassword.addLongIdentifier("keystore-passphrase", true);
    exportKeyKeystorePassword.addLongIdentifier("keystorePassphrase", true);
    exportKeyKeystorePassword.addLongIdentifier("keystore-pin", true);
    exportKeyKeystorePassword.addLongIdentifier("keystorePIN", true);
    exportKeyKeystorePassword.addLongIdentifier("storepass", true);
    exportKeyKeystorePassword.setSensitive(true);
    exportKeyParser.addArgument(exportKeyKeystorePassword);
    final FileArgument exportKeyKeystorePasswordFile = new FileArgument(null, "keystore-password-file", false, 1, null, INFO_MANAGE_CERTS_SC_EXPORT_KEY_ARG_KS_PW_FILE_DESC.get(), true, true, true, false);
    exportKeyKeystorePasswordFile.addLongIdentifier("keystorePasswordFile", true);
    exportKeyKeystorePasswordFile.addLongIdentifier("keystore-passphrase-file", true);
    exportKeyKeystorePasswordFile.addLongIdentifier("keystorePassphraseFile", true);
    exportKeyKeystorePasswordFile.addLongIdentifier("keystore-pin-file", true);
    exportKeyKeystorePasswordFile.addLongIdentifier("keystorePINFile", true);
    exportKeyParser.addArgument(exportKeyKeystorePasswordFile);
    final BooleanArgument exportKeyPromptForKeystorePassword = new BooleanArgument(null, "prompt-for-keystore-password", INFO_MANAGE_CERTS_SC_EXPORT_KEY_ARG_PROMPT_FOR_KS_PW_DESC.get());
    exportKeyPromptForKeystorePassword.addLongIdentifier("promptForKeystorePassword", true);
    exportKeyPromptForKeystorePassword.addLongIdentifier("prompt-for-keystore-passphrase", true);
    exportKeyPromptForKeystorePassword.addLongIdentifier("promptForKeystorePassphrase", true);
    exportKeyPromptForKeystorePassword.addLongIdentifier("prompt-for-keystore-pin", true);
    exportKeyPromptForKeystorePassword.addLongIdentifier("promptForKeystorePIN", true);
    exportKeyParser.addArgument(exportKeyPromptForKeystorePassword);
    final StringArgument exportKeyPKPassword = new StringArgument(null, "private-key-password", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_PASSWORD.get(), INFO_MANAGE_CERTS_SC_EXPORT_KEY_ARG_PK_PW_DESC.get());
    exportKeyPKPassword.addLongIdentifier("privateKeyPassword", true);
    exportKeyPKPassword.addLongIdentifier("private-key-passphrase", true);
    exportKeyPKPassword.addLongIdentifier("privateKeyPassphrase", true);
    exportKeyPKPassword.addLongIdentifier("private-key-pin", true);
    exportKeyPKPassword.addLongIdentifier("privateKeyPIN", true);
    exportKeyPKPassword.addLongIdentifier("key-password", true);
    exportKeyPKPassword.addLongIdentifier("keyPassword", true);
    exportKeyPKPassword.addLongIdentifier("key-passphrase", true);
    exportKeyPKPassword.addLongIdentifier("keyPassphrase", true);
    exportKeyPKPassword.addLongIdentifier("key-pin", true);
    exportKeyPKPassword.addLongIdentifier("keyPIN", true);
    exportKeyPKPassword.addLongIdentifier("keypass", true);
    exportKeyPKPassword.setSensitive(true);
    exportKeyParser.addArgument(exportKeyPKPassword);
    final FileArgument exportKeyPKPasswordFile = new FileArgument(null, "private-key-password-file", false, 1, null, INFO_MANAGE_CERTS_SC_EXPORT_KEY_ARG_PK_PW_FILE_DESC.get(), true, true, true, false);
    exportKeyPKPasswordFile.addLongIdentifier("privateKeyPasswordFile", true);
    exportKeyPKPasswordFile.addLongIdentifier("private-key-passphrase-file", true);
    exportKeyPKPasswordFile.addLongIdentifier("privateKeyPassphraseFile", true);
    exportKeyPKPasswordFile.addLongIdentifier("private-key-pin-file", true);
    exportKeyPKPasswordFile.addLongIdentifier("privateKeyPINFile", true);
    exportKeyPKPasswordFile.addLongIdentifier("key-password-file", true);
    exportKeyPKPasswordFile.addLongIdentifier("keyPasswordFile", true);
    exportKeyPKPasswordFile.addLongIdentifier("key-passphrase-file", true);
    exportKeyPKPasswordFile.addLongIdentifier("keyPassphraseFile", true);
    exportKeyPKPasswordFile.addLongIdentifier("key-pin-file", true);
    exportKeyPKPasswordFile.addLongIdentifier("keyPINFile", true);
    exportKeyParser.addArgument(exportKeyPKPasswordFile);
    final BooleanArgument exportKeyPromptForPKPassword = new BooleanArgument(null, "prompt-for-private-key-password", INFO_MANAGE_CERTS_SC_EXPORT_KEY_ARG_PROMPT_FOR_PK_PW_DESC.get());
    exportKeyPromptForPKPassword.addLongIdentifier("promptForPrivateKeyPassword", true);
    exportKeyPromptForPKPassword.addLongIdentifier("prompt-for-private-key-passphrase", true);
    exportKeyPromptForPKPassword.addLongIdentifier("promptForPrivateKeyPassphrase", true);
    exportKeyPromptForPKPassword.addLongIdentifier("prompt-for-private-key-pin", true);
    exportKeyPromptForPKPassword.addLongIdentifier("promptForPrivateKeyPIN", true);
    exportKeyPromptForPKPassword.addLongIdentifier("prompt-for-key-password", true);
    exportKeyPromptForPKPassword.addLongIdentifier("promptForKeyPassword", true);
    exportKeyPromptForPKPassword.addLongIdentifier("prompt-for-key-passphrase", true);
    exportKeyPromptForPKPassword.addLongIdentifier("promptForKeyPassphrase", true);
    exportKeyPromptForPKPassword.addLongIdentifier("prompt-for-key-pin", true);
    exportKeyPromptForPKPassword.addLongIdentifier("promptForKeyPIN", true);
    exportKeyParser.addArgument(exportKeyPromptForPKPassword);
    final StringArgument exportKeyKeystoreType = new StringArgument(null, "keystore-type", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_TYPE.get(), INFO_MANAGE_CERTS_SC_EXPORT_KEY_ARG_KS_TYPE_DESC.get(), ALLOWED_KEYSTORE_TYPE_VALUES);
    exportKeyKeystoreType.addLongIdentifier("key-store-type", true);
    exportKeyKeystoreType.addLongIdentifier("keystoreType", true);
    exportKeyKeystoreType.addLongIdentifier("keystore-format", true);
    exportKeyKeystoreType.addLongIdentifier("key-store-format", true);
    exportKeyKeystoreType.addLongIdentifier("keystoreFormat", true);
    exportKeyKeystoreType.addLongIdentifier("storetype", true);
    exportKeyParser.addArgument(exportKeyKeystoreType);
    final StringArgument exportKeyAlias = new StringArgument(null, "alias", true, 1, INFO_MANAGE_CERTS_PLACEHOLDER_ALIAS.get(), INFO_MANAGE_CERTS_SC_EXPORT_KEY_ARG_ALIAS_DESC.get());
    exportKeyAlias.addLongIdentifier("nickname", true);
    exportKeyParser.addArgument(exportKeyAlias);
    final Set<String> exportKeyOutputFormatAllowedValues = StaticUtils.setOf("PEM", "text", "txt", "RFC", "DER", "binary", "bin");
    final StringArgument exportKeyOutputFormat = new StringArgument(null, "output-format", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_FORMAT.get(), INFO_MANAGE_CERTS_SC_EXPORT_KEY_ARG_FORMAT_DESC.get(), exportKeyOutputFormatAllowedValues, "PEM");
    exportKeyOutputFormat.addLongIdentifier("outputFormat", true);
    exportKeyParser.addArgument(exportKeyOutputFormat);
    final FileArgument exportKeyOutputFile = new FileArgument(null, "output-file", false, 1, null, INFO_MANAGE_CERTS_SC_EXPORT_KEY_ARG_FILE_DESC.get(), false, true, true, false);
    exportKeyOutputFile.addLongIdentifier("outputFile", true);
    exportKeyOutputFile.addLongIdentifier("export-file", true);
    exportKeyOutputFile.addLongIdentifier("exportFile", true);
    exportKeyOutputFile.addLongIdentifier("private-key-file", true);
    exportKeyOutputFile.addLongIdentifier("privateKeyFile", true);
    exportKeyOutputFile.addLongIdentifier("key-file", true);
    exportKeyOutputFile.addLongIdentifier("keyFile", true);
    exportKeyOutputFile.addLongIdentifier("file", true);
    exportKeyOutputFile.addLongIdentifier("filename", true);
    exportKeyParser.addArgument(exportKeyOutputFile);
    exportKeyParser.addRequiredArgumentSet(exportKeyKeystorePassword, exportKeyKeystorePasswordFile, exportKeyPromptForKeystorePassword);
    exportKeyParser.addExclusiveArgumentSet(exportKeyKeystorePassword, exportKeyKeystorePasswordFile, exportKeyPromptForKeystorePassword);
    exportKeyParser.addExclusiveArgumentSet(exportKeyPKPassword, exportKeyPKPasswordFile, exportKeyPromptForPKPassword);
    final LinkedHashMap<String[], String> exportKeyExamples = new LinkedHashMap<>(StaticUtils.computeMapCapacity(2));
    exportKeyExamples.put(new String[] { "export-private-key", "--keystore", getPlatformSpecificPath("config", "keystore"), "--keystore-password-file", getPlatformSpecificPath("config", "keystore.pin"), "--alias", "server-cert" }, INFO_MANAGE_CERTS_SC_EXPORT_KEY_EXAMPLE_1.get());
    exportKeyExamples.put(new String[] { "export-private-key", "--keystore", getPlatformSpecificPath("config", "keystore.p12"), "--keystore-password-file", getPlatformSpecificPath("config", "keystore.pin"), "--private-key-password-file", getPlatformSpecificPath("config", "server-cert-key.pin"), "--alias", "server-cert", "--output-format", "DER", "--output-file", "server-cert-key.der" }, INFO_MANAGE_CERTS_SC_EXPORT_KEY_EXAMPLE_2.get());
    final SubCommand exportKeySubCommand = new SubCommand("export-private-key", INFO_MANAGE_CERTS_SC_EXPORT_CERT_DESC.get(), exportKeyParser, exportKeyExamples);
    exportKeySubCommand.addName("exportPrivateKey", true);
    exportKeySubCommand.addName("export-key", true);
    exportKeySubCommand.addName("exportKey", true);
    parser.addSubCommand(exportKeySubCommand);
    // Define the "import-certificate" subcommand and all of its arguments.
    final ArgumentParser importCertParser = new ArgumentParser("import-certificate", INFO_MANAGE_CERTS_SC_IMPORT_CERT_DESC.get());
    final FileArgument importCertKeystore = new FileArgument(null, "keystore", true, 1, null, INFO_MANAGE_CERTS_SC_IMPORT_CERT_ARG_KS_DESC.get(), false, true, true, false);
    importCertKeystore.addLongIdentifier("keystore-path", true);
    importCertKeystore.addLongIdentifier("keystorePath", true);
    importCertKeystore.addLongIdentifier("keystore-file", true);
    importCertKeystore.addLongIdentifier("keystoreFile", true);
    importCertParser.addArgument(importCertKeystore);
    final StringArgument importCertKeystorePassword = new StringArgument(null, "keystore-password", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_PASSWORD.get(), INFO_MANAGE_CERTS_SC_IMPORT_CERT_ARG_KS_PW_DESC.get());
    importCertKeystorePassword.addLongIdentifier("keystorePassword", true);
    importCertKeystorePassword.addLongIdentifier("keystore-passphrase", true);
    importCertKeystorePassword.addLongIdentifier("keystorePassphrase", true);
    importCertKeystorePassword.addLongIdentifier("keystore-pin", true);
    importCertKeystorePassword.addLongIdentifier("keystorePIN", true);
    importCertKeystorePassword.addLongIdentifier("storepass", true);
    importCertKeystorePassword.setSensitive(true);
    importCertParser.addArgument(importCertKeystorePassword);
    final FileArgument importCertKeystorePasswordFile = new FileArgument(null, "keystore-password-file", false, 1, null, INFO_MANAGE_CERTS_SC_IMPORT_CERT_ARG_KS_PW_FILE_DESC.get(), true, true, true, false);
    importCertKeystorePasswordFile.addLongIdentifier("keystorePasswordFile", true);
    importCertKeystorePasswordFile.addLongIdentifier("keystore-passphrase-file", true);
    importCertKeystorePasswordFile.addLongIdentifier("keystorePassphraseFile", true);
    importCertKeystorePasswordFile.addLongIdentifier("keystore-pin-file", true);
    importCertKeystorePasswordFile.addLongIdentifier("keystorePINFile", true);
    importCertParser.addArgument(importCertKeystorePasswordFile);
    final BooleanArgument importCertPromptForKeystorePassword = new BooleanArgument(null, "prompt-for-keystore-password", INFO_MANAGE_CERTS_SC_IMPORT_CERT_ARG_PROMPT_FOR_KS_PW_DESC.get());
    importCertPromptForKeystorePassword.addLongIdentifier("promptForKeystorePassword", true);
    importCertPromptForKeystorePassword.addLongIdentifier("prompt-for-keystore-passphrase", true);
    importCertPromptForKeystorePassword.addLongIdentifier("promptForKeystorePassphrase", true);
    importCertPromptForKeystorePassword.addLongIdentifier("prompt-for-keystore-pin", true);
    importCertPromptForKeystorePassword.addLongIdentifier("promptForKeystorePIN", true);
    importCertParser.addArgument(importCertPromptForKeystorePassword);
    final StringArgument importCertKeystoreType = new StringArgument(null, "keystore-type", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_TYPE.get(), INFO_MANAGE_CERTS_SC_IMPORT_CERT_ARG_KS_TYPE_DESC.get(), ALLOWED_KEYSTORE_TYPE_VALUES);
    importCertKeystoreType.addLongIdentifier("key-store-type", true);
    importCertKeystoreType.addLongIdentifier("keystoreType", true);
    importCertKeystoreType.addLongIdentifier("keystore-format", true);
    importCertKeystoreType.addLongIdentifier("key-store-format", true);
    importCertKeystoreType.addLongIdentifier("keystoreFormat", true);
    importCertKeystoreType.addLongIdentifier("storetype", true);
    importCertParser.addArgument(importCertKeystoreType);
    final StringArgument importCertAlias = new StringArgument(null, "alias", true, 1, INFO_MANAGE_CERTS_PLACEHOLDER_ALIAS.get(), INFO_MANAGE_CERTS_SC_IMPORT_CERT_ARG_ALIAS_DESC.get());
    importCertAlias.addLongIdentifier("nickname", true);
    importCertParser.addArgument(importCertAlias);
    final FileArgument importCertCertificateFile = new FileArgument(null, "certificate-file", true, 0, null, INFO_MANAGE_CERTS_SC_IMPORT_CERT_ARG_CERT_FILE_DESC.get(), true, true, true, false);
    importCertCertificateFile.addLongIdentifier("certificateFile", true);
    importCertCertificateFile.addLongIdentifier("certificate-chain-file", true);
    importCertCertificateFile.addLongIdentifier("certificateChainFile", true);
    importCertCertificateFile.addLongIdentifier("input-file", true);
    importCertCertificateFile.addLongIdentifier("inputFile", true);
    importCertCertificateFile.addLongIdentifier("import-file", true);
    importCertCertificateFile.addLongIdentifier("importFile", true);
    importCertCertificateFile.addLongIdentifier("file", true);
    importCertCertificateFile.addLongIdentifier("filename", true);
    importCertParser.addArgument(importCertCertificateFile);
    final FileArgument importCertPKFile = new FileArgument(null, "private-key-file", false, 1, null, INFO_MANAGE_CERTS_SC_IMPORT_CERT_ARG_KEY_FILE_DESC.get(), true, true, true, false);
    importCertPKFile.addLongIdentifier("privateKeyFile", true);
    importCertPKFile.addLongIdentifier("key-file", true);
    importCertPKFile.addLongIdentifier("keyFile", true);
    importCertParser.addArgument(importCertPKFile);
    final StringArgument importCertPKPassword = new StringArgument(null, "private-key-password", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_PASSWORD.get(), INFO_MANAGE_CERTS_SC_IMPORT_CERT_ARG_PK_PW_DESC.get());
    importCertPKPassword.addLongIdentifier("privateKeyPassword", true);
    importCertPKPassword.addLongIdentifier("private-key-passphrase", true);
    importCertPKPassword.addLongIdentifier("privateKeyPassphrase", true);
    importCertPKPassword.addLongIdentifier("private-key-pin", true);
    importCertPKPassword.addLongIdentifier("privateKeyPIN", true);
    importCertPKPassword.addLongIdentifier("key-password", true);
    importCertPKPassword.addLongIdentifier("keyPassword", true);
    importCertPKPassword.addLongIdentifier("key-passphrase", true);
    importCertPKPassword.addLongIdentifier("keyPassphrase", true);
    importCertPKPassword.addLongIdentifier("key-pin", true);
    importCertPKPassword.addLongIdentifier("keyPIN", true);
    importCertPKPassword.addLongIdentifier("keypass", true);
    importCertPKPassword.setSensitive(true);
    importCertParser.addArgument(importCertPKPassword);
    final FileArgument importCertPKPasswordFile = new FileArgument(null, "private-key-password-file", false, 1, null, INFO_MANAGE_CERTS_SC_IMPORT_CERT_ARG_PK_PW_FILE_DESC.get(), true, true, true, false);
    importCertPKPasswordFile.addLongIdentifier("privateKeyPasswordFile", true);
    importCertPKPasswordFile.addLongIdentifier("private-key-passphrase-file", true);
    importCertPKPasswordFile.addLongIdentifier("privateKeyPassphraseFile", true);
    importCertPKPasswordFile.addLongIdentifier("private-key-pin-file", true);
    importCertPKPasswordFile.addLongIdentifier("privateKeyPINFile", true);
    importCertPKPasswordFile.addLongIdentifier("key-password-file", true);
    importCertPKPasswordFile.addLongIdentifier("keyPasswordFile", true);
    importCertPKPasswordFile.addLongIdentifier("key-passphrase-file", true);
    importCertPKPasswordFile.addLongIdentifier("keyPassphraseFile", true);
    importCertPKPasswordFile.addLongIdentifier("key-pin-file", true);
    importCertPKPasswordFile.addLongIdentifier("keyPINFile", true);
    importCertParser.addArgument(importCertPKPasswordFile);
    final BooleanArgument importCertPromptForPKPassword = new BooleanArgument(null, "prompt-for-private-key-password", INFO_MANAGE_CERTS_SC_IMPORT_CERT_ARG_PROMPT_FOR_PK_PW_DESC.get());
    importCertPromptForPKPassword.addLongIdentifier("promptForPrivateKeyPassword", true);
    importCertPromptForPKPassword.addLongIdentifier("prompt-for-private-key-passphrase", true);
    importCertPromptForPKPassword.addLongIdentifier("promptForPrivateKeyPassphrase", true);
    importCertPromptForPKPassword.addLongIdentifier("prompt-for-private-key-pin", true);
    importCertPromptForPKPassword.addLongIdentifier("promptForPrivateKeyPIN", true);
    importCertPromptForPKPassword.addLongIdentifier("prompt-for-key-password", true);
    importCertPromptForPKPassword.addLongIdentifier("promptForKeyPassword", true);
    importCertPromptForPKPassword.addLongIdentifier("prompt-for-key-passphrase", true);
    importCertPromptForPKPassword.addLongIdentifier("promptForKeyPassphrase", true);
    importCertPromptForPKPassword.addLongIdentifier("prompt-for-key-pin", true);
    importCertPromptForPKPassword.addLongIdentifier("promptForKeyPIN", true);
    importCertParser.addArgument(importCertPromptForPKPassword);
    final BooleanArgument importCertNoPrompt = new BooleanArgument(null, "no-prompt", 1, INFO_MANAGE_CERTS_SC_IMPORT_CERT_ARG_NO_PROMPT_DESC.get());
    importCertNoPrompt.addLongIdentifier("noPrompt", true);
    importCertParser.addArgument(importCertNoPrompt);
    final BooleanArgument importCertDisplayCommand = new BooleanArgument(null, "display-keytool-command", 1, INFO_MANAGE_CERTS_SC_IMPORT_CERT_ARG_DISPLAY_COMMAND_DESC.get());
    importCertDisplayCommand.addLongIdentifier("displayKeytoolCommand", true);
    importCertDisplayCommand.addLongIdentifier("show-keytool-command", true);
    importCertDisplayCommand.addLongIdentifier("showKeytoolCommand", true);
    importCertParser.addArgument(importCertDisplayCommand);
    importCertParser.addRequiredArgumentSet(importCertKeystorePassword, importCertKeystorePasswordFile, importCertPromptForKeystorePassword);
    importCertParser.addExclusiveArgumentSet(importCertKeystorePassword, importCertKeystorePasswordFile, importCertPromptForKeystorePassword);
    importCertParser.addExclusiveArgumentSet(importCertPKPassword, importCertPKPasswordFile, importCertPromptForPKPassword);
    final LinkedHashMap<String[], String> importCertExamples = new LinkedHashMap<>(StaticUtils.computeMapCapacity(2));
    importCertExamples.put(new String[] { "import-certificate", "--keystore", getPlatformSpecificPath("config", "keystore"), "--keystore-password-file", getPlatformSpecificPath("config", "keystore.pin"), "--alias", "server-cert", "--certificate-file", "server-cert.crt" }, INFO_MANAGE_CERTS_SC_IMPORT_CERT_EXAMPLE_1.get("server-cert.crt"));
    importCertExamples.put(new String[] { "import-certificate", "--keystore", getPlatformSpecificPath("config", "keystore"), "--keystore-password-file", getPlatformSpecificPath("config", "keystore.pin"), "--alias", "server-cert", "--certificate-file", "server-cert.crt", "--certificate-file", "server-cert-issuer.crt", "--private-key-file", "server-cert.key", "--display-keytool-command" }, INFO_MANAGE_CERTS_SC_IMPORT_CERT_EXAMPLE_2.get());
    final SubCommand importCertSubCommand = new SubCommand("import-certificate", INFO_MANAGE_CERTS_SC_IMPORT_CERT_DESC.get(), importCertParser, importCertExamples);
    importCertSubCommand.addName("importCertificate", true);
    importCertSubCommand.addName("import-certificates", true);
    importCertSubCommand.addName("importCertificates", true);
    importCertSubCommand.addName("import-cert", true);
    importCertSubCommand.addName("importCert", true);
    importCertSubCommand.addName("import-certs", true);
    importCertSubCommand.addName("importCerts", true);
    importCertSubCommand.addName("import-certificate-chain", true);
    importCertSubCommand.addName("importCertificateChain", true);
    importCertSubCommand.addName("import-chain", true);
    importCertSubCommand.addName("importChain", true);
    importCertSubCommand.addName("import", true);
    parser.addSubCommand(importCertSubCommand);
    // Define the "delete-certificate" subcommand and all of its arguments.
    final ArgumentParser deleteCertParser = new ArgumentParser("delete-certificate", INFO_MANAGE_CERTS_SC_DELETE_CERT_DESC.get());
    final FileArgument deleteCertKeystore = new FileArgument(null, "keystore", true, 1, null, INFO_MANAGE_CERTS_SC_DELETE_CERT_ARG_KS_DESC.get(), true, true, true, false);
    deleteCertKeystore.addLongIdentifier("keystore-path", true);
    deleteCertKeystore.addLongIdentifier("keystorePath", true);
    deleteCertKeystore.addLongIdentifier("keystore-file", true);
    deleteCertKeystore.addLongIdentifier("keystoreFile", true);
    deleteCertParser.addArgument(deleteCertKeystore);
    final StringArgument deleteCertKeystorePassword = new StringArgument(null, "keystore-password", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_PASSWORD.get(), INFO_MANAGE_CERTS_SC_DELETE_CERT_ARG_KS_PW_DESC.get());
    deleteCertKeystorePassword.addLongIdentifier("keystorePassword", true);
    deleteCertKeystorePassword.addLongIdentifier("keystore-passphrase", true);
    deleteCertKeystorePassword.addLongIdentifier("keystorePassphrase", true);
    deleteCertKeystorePassword.addLongIdentifier("keystore-pin", true);
    deleteCertKeystorePassword.addLongIdentifier("keystorePIN", true);
    deleteCertKeystorePassword.addLongIdentifier("storepass", true);
    deleteCertKeystorePassword.setSensitive(true);
    deleteCertParser.addArgument(deleteCertKeystorePassword);
    final FileArgument deleteCertKeystorePasswordFile = new FileArgument(null, "keystore-password-file", false, 1, null, INFO_MANAGE_CERTS_SC_DELETE_CERT_ARG_KS_PW_FILE_DESC.get(), true, true, true, false);
    deleteCertKeystorePasswordFile.addLongIdentifier("keystorePasswordFile", true);
    deleteCertKeystorePasswordFile.addLongIdentifier("keystore-passphrase-file", true);
    deleteCertKeystorePasswordFile.addLongIdentifier("keystorePassphraseFile", true);
    deleteCertKeystorePasswordFile.addLongIdentifier("keystore-pin-file", true);
    deleteCertKeystorePasswordFile.addLongIdentifier("keystorePINFile", true);
    deleteCertParser.addArgument(deleteCertKeystorePasswordFile);
    final BooleanArgument deleteCertPromptForKeystorePassword = new BooleanArgument(null, "prompt-for-keystore-password", INFO_MANAGE_CERTS_SC_DELETE_CERT_ARG_PROMPT_FOR_KS_PW_DESC.get());
    deleteCertPromptForKeystorePassword.addLongIdentifier("promptForKeystorePassword", true);
    deleteCertPromptForKeystorePassword.addLongIdentifier("prompt-for-keystore-passphrase", true);
    deleteCertPromptForKeystorePassword.addLongIdentifier("promptForKeystorePassphrase", true);
    deleteCertPromptForKeystorePassword.addLongIdentifier("prompt-for-keystore-pin", true);
    deleteCertPromptForKeystorePassword.addLongIdentifier("promptForKeystorePIN", true);
    deleteCertParser.addArgument(deleteCertPromptForKeystorePassword);
    final StringArgument deleteCertKeystoreType = new StringArgument(null, "keystore-type", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_TYPE.get(), INFO_MANAGE_CERTS_SC_DELETE_CERT_ARG_KS_TYPE_DESC.get(), ALLOWED_KEYSTORE_TYPE_VALUES);
    deleteCertKeystoreType.addLongIdentifier("key-store-type", true);
    deleteCertKeystoreType.addLongIdentifier("keystoreType", true);
    deleteCertKeystoreType.addLongIdentifier("keystore-format", true);
    deleteCertKeystoreType.addLongIdentifier("key-store-format", true);
    deleteCertKeystoreType.addLongIdentifier("keystoreFormat", true);
    deleteCertKeystoreType.addLongIdentifier("storetype", true);
    deleteCertParser.addArgument(deleteCertKeystoreType);
    final StringArgument deleteCertAlias = new StringArgument(null, "alias", true, 1, INFO_MANAGE_CERTS_PLACEHOLDER_ALIAS.get(), INFO_MANAGE_CERTS_SC_DELETE_CERT_ARG_ALIAS_DESC.get());
    deleteCertAlias.addLongIdentifier("nickname", true);
    deleteCertParser.addArgument(deleteCertAlias);
    final BooleanArgument deleteCertNoPrompt = new BooleanArgument(null, "no-prompt", 1, INFO_MANAGE_CERTS_SC_DELETE_CERT_ARG_NO_PROMPT_DESC.get());
    deleteCertNoPrompt.addLongIdentifier("noPrompt", true);
    deleteCertParser.addArgument(deleteCertNoPrompt);
    final BooleanArgument deleteCertDisplayCommand = new BooleanArgument(null, "display-keytool-command", 1, INFO_MANAGE_CERTS_SC_DELETE_CERT_ARG_DISPLAY_COMMAND_DESC.get());
    deleteCertDisplayCommand.addLongIdentifier("displayKeytoolCommand", true);
    deleteCertDisplayCommand.addLongIdentifier("show-keytool-command", true);
    deleteCertDisplayCommand.addLongIdentifier("showKeytoolCommand", true);
    deleteCertParser.addArgument(deleteCertDisplayCommand);
    deleteCertParser.addExclusiveArgumentSet(deleteCertKeystorePassword, deleteCertKeystorePasswordFile, deleteCertPromptForKeystorePassword);
    deleteCertParser.addRequiredArgumentSet(deleteCertKeystorePassword, deleteCertKeystorePasswordFile, deleteCertPromptForKeystorePassword);
    final LinkedHashMap<String[], String> deleteCertExamples = new LinkedHashMap<>(StaticUtils.computeMapCapacity(1));
    deleteCertExamples.put(new String[] { "delete-certificate", "--keystore", getPlatformSpecificPath("config", "keystore"), "--alias", "server-cert" }, INFO_MANAGE_CERTS_SC_DELETE_CERT_EXAMPLE_1.get(getPlatformSpecificPath("config", "keystore")));
    final SubCommand deleteCertSubCommand = new SubCommand("delete-certificate", INFO_MANAGE_CERTS_SC_DELETE_CERT_DESC.get(), deleteCertParser, deleteCertExamples);
    deleteCertSubCommand.addName("deleteCertificate", true);
    deleteCertSubCommand.addName("remove-certificate", true);
    deleteCertSubCommand.addName("removeCertificate", true);
    deleteCertSubCommand.addName("delete", true);
    deleteCertSubCommand.addName("remove", true);
    parser.addSubCommand(deleteCertSubCommand);
    // Define the "generate-self-signed-certificate" subcommand and all of its
    // arguments.
    final ArgumentParser genCertParser = new ArgumentParser("generate-self-signed-certificate", INFO_MANAGE_CERTS_SC_GEN_CERT_DESC.get());
    final FileArgument genCertKeystore = new FileArgument(null, "keystore", true, 1, null, INFO_MANAGE_CERTS_SC_GEN_CERT_ARG_KS_DESC.get(), false, true, true, false);
    genCertKeystore.addLongIdentifier("keystore-path", true);
    genCertKeystore.addLongIdentifier("keystorePath", true);
    genCertKeystore.addLongIdentifier("keystore-file", true);
    genCertKeystore.addLongIdentifier("keystoreFile", true);
    genCertParser.addArgument(genCertKeystore);
    final StringArgument genCertKeystorePassword = new StringArgument(null, "keystore-password", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_PASSWORD.get(), INFO_MANAGE_CERTS_SC_GEN_CERT_ARG_KS_PW_DESC.get());
    genCertKeystorePassword.addLongIdentifier("keystorePassword", true);
    genCertKeystorePassword.addLongIdentifier("keystore-passphrase", true);
    genCertKeystorePassword.addLongIdentifier("keystorePassphrase", true);
    genCertKeystorePassword.addLongIdentifier("keystore-pin", true);
    genCertKeystorePassword.addLongIdentifier("keystorePIN", true);
    genCertKeystorePassword.addLongIdentifier("storepass", true);
    genCertKeystorePassword.setSensitive(true);
    genCertParser.addArgument(genCertKeystorePassword);
    final FileArgument genCertKeystorePasswordFile = new FileArgument(null, "keystore-password-file", false, 1, null, INFO_MANAGE_CERTS_SC_GEN_CERT_ARG_KS_PW_FILE_DESC.get(), true, true, true, false);
    genCertKeystorePasswordFile.addLongIdentifier("keystorePasswordFile", true);
    genCertKeystorePasswordFile.addLongIdentifier("keystore-passphrase-file", true);
    genCertKeystorePasswordFile.addLongIdentifier("keystorePassphraseFile", true);
    genCertKeystorePasswordFile.addLongIdentifier("keystore-pin-file", true);
    genCertKeystorePasswordFile.addLongIdentifier("keystorePINFile", true);
    genCertParser.addArgument(genCertKeystorePasswordFile);
    final BooleanArgument genCertPromptForKeystorePassword = new BooleanArgument(null, "prompt-for-keystore-password", INFO_MANAGE_CERTS_SC_GEN_CERT_ARG_PROMPT_FOR_KS_PW_DESC.get());
    genCertPromptForKeystorePassword.addLongIdentifier("promptForKeystorePassword", true);
    genCertPromptForKeystorePassword.addLongIdentifier("prompt-for-keystore-passphrase", true);
    genCertPromptForKeystorePassword.addLongIdentifier("promptForKeystorePassphrase", true);
    genCertPromptForKeystorePassword.addLongIdentifier("prompt-for-keystore-pin", true);
    genCertPromptForKeystorePassword.addLongIdentifier("promptForKeystorePIN", true);
    genCertParser.addArgument(genCertPromptForKeystorePassword);
    final StringArgument genCertPKPassword = new StringArgument(null, "private-key-password", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_PASSWORD.get(), INFO_MANAGE_CERTS_SC_GEN_CERT_ARG_PK_PW_DESC.get());
    genCertPKPassword.addLongIdentifier("privateKeyPassword", true);
    genCertPKPassword.addLongIdentifier("private-key-passphrase", true);
    genCertPKPassword.addLongIdentifier("privateKeyPassphrase", true);
    genCertPKPassword.addLongIdentifier("private-key-pin", true);
    genCertPKPassword.addLongIdentifier("privateKeyPIN", true);
    genCertPKPassword.addLongIdentifier("key-password", true);
    genCertPKPassword.addLongIdentifier("keyPassword", true);
    genCertPKPassword.addLongIdentifier("key-passphrase", true);
    genCertPKPassword.addLongIdentifier("keyPassphrase", true);
    genCertPKPassword.addLongIdentifier("key-pin", true);
    genCertPKPassword.addLongIdentifier("keyPIN", true);
    genCertPKPassword.addLongIdentifier("keypass", true);
    genCertPKPassword.setSensitive(true);
    genCertParser.addArgument(genCertPKPassword);
    final FileArgument genCertPKPasswordFile = new FileArgument(null, "private-key-password-file", false, 1, null, INFO_MANAGE_CERTS_SC_GEN_CERT_ARG_PK_PW_FILE_DESC.get(), true, true, true, false);
    genCertPKPasswordFile.addLongIdentifier("privateKeyPasswordFile", true);
    genCertPKPasswordFile.addLongIdentifier("private-key-passphrase-file", true);
    genCertPKPasswordFile.addLongIdentifier("privateKeyPassphraseFile", true);
    genCertPKPasswordFile.addLongIdentifier("private-key-pin-file", true);
    genCertPKPasswordFile.addLongIdentifier("privateKeyPINFile", true);
    genCertPKPasswordFile.addLongIdentifier("key-password-file", true);
    genCertPKPasswordFile.addLongIdentifier("keyPasswordFile", true);
    genCertPKPasswordFile.addLongIdentifier("key-passphrase-file", true);
    genCertPKPasswordFile.addLongIdentifier("keyPassphraseFile", true);
    genCertPKPasswordFile.addLongIdentifier("key-pin-file", true);
    genCertPKPasswordFile.addLongIdentifier("keyPINFile", true);
    genCertParser.addArgument(genCertPKPasswordFile);
    final BooleanArgument genCertPromptForPKPassword = new BooleanArgument(null, "prompt-for-private-key-password", INFO_MANAGE_CERTS_SC_GEN_CERT_ARG_PROMPT_FOR_PK_PW_DESC.get());
    genCertPromptForPKPassword.addLongIdentifier("promptForPrivateKeyPassword", true);
    genCertPromptForPKPassword.addLongIdentifier("prompt-for-private-key-passphrase", true);
    genCertPromptForPKPassword.addLongIdentifier("promptForPrivateKeyPassphrase", true);
    genCertPromptForPKPassword.addLongIdentifier("prompt-for-private-key-pin", true);
    genCertPromptForPKPassword.addLongIdentifier("promptForPrivateKeyPIN", true);
    genCertPromptForPKPassword.addLongIdentifier("prompt-for-key-password", true);
    genCertPromptForPKPassword.addLongIdentifier("promptForKeyPassword", true);
    genCertPromptForPKPassword.addLongIdentifier("prompt-for-key-passphrase", true);
    genCertPromptForPKPassword.addLongIdentifier("promptForKeyPassphrase", true);
    genCertPromptForPKPassword.addLongIdentifier("prompt-for-key-pin", true);
    genCertPromptForPKPassword.addLongIdentifier("promptForKeyPIN", true);
    genCertParser.addArgument(genCertPromptForPKPassword);
    final StringArgument genCertKeystoreType = new StringArgument(null, "keystore-type", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_TYPE.get(), INFO_MANAGE_CERTS_SC_GEN_CERT_ARG_KS_TYPE_DESC.get(), ALLOWED_KEYSTORE_TYPE_VALUES);
    genCertKeystoreType.addLongIdentifier("key-store-type", true);
    genCertKeystoreType.addLongIdentifier("keystoreType", true);
    genCertKeystoreType.addLongIdentifier("keystore-format", true);
    genCertKeystoreType.addLongIdentifier("key-store-format", true);
    genCertKeystoreType.addLongIdentifier("keystoreFormat", true);
    genCertKeystoreType.addLongIdentifier("storetype", true);
    genCertParser.addArgument(genCertKeystoreType);
    final StringArgument genCertAlias = new StringArgument(null, "alias", true, 1, INFO_MANAGE_CERTS_PLACEHOLDER_ALIAS.get(), INFO_MANAGE_CERTS_SC_GEN_CERT_ARG_ALIAS_DESC.get());
    genCertAlias.addLongIdentifier("nickname", true);
    genCertParser.addArgument(genCertAlias);
    final BooleanArgument genCertReplace = new BooleanArgument(null, "replace-existing-certificate", 1, INFO_MANAGE_CERTS_SC_GEN_CERT_ARG_REPLACE_DESC.get());
    genCertReplace.addLongIdentifier("replaceExistingCertificate", true);
    genCertReplace.addLongIdentifier("replace-certificate", true);
    genCertReplace.addLongIdentifier("replaceCertificate", true);
    genCertReplace.addLongIdentifier("replace-existing", true);
    genCertReplace.addLongIdentifier("replaceExisting", true);
    genCertReplace.addLongIdentifier("replace", true);
    genCertReplace.addLongIdentifier("use-existing-key-pair", true);
    genCertReplace.addLongIdentifier("use-existing-keypair", true);
    genCertReplace.addLongIdentifier("useExistingKeypair", true);
    genCertParser.addArgument(genCertReplace);
    final DNArgument genCertSubjectDN = new DNArgument(null, "subject-dn", false, 1, null, INFO_MANAGE_CERTS_SC_GEN_CERT_ARG_SUBJECT_DN_DESC.get());
    genCertSubjectDN.addLongIdentifier("subjectDN", true);
    genCertSubjectDN.addLongIdentifier("subject", true);
    genCertSubjectDN.addLongIdentifier("dname", true);
    genCertParser.addArgument(genCertSubjectDN);
    final IntegerArgument genCertDaysValid = new IntegerArgument(null, "days-valid", false, 1, null, INFO_MANAGE_CERTS_SC_GEN_CERT_ARG_DAYS_VALID_DESC.get(), 1, Integer.MAX_VALUE);
    genCertDaysValid.addLongIdentifier("daysValid", true);
    genCertDaysValid.addLongIdentifier("validity", true);
    genCertParser.addArgument(genCertDaysValid);
    final TimestampArgument genCertNotBefore = new TimestampArgument(null, "validity-start-time", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_TIMESTAMP.get(), INFO_MANAGE_CERTS_SC_GEN_CERT_ARG_VALIDITY_START_TIME_DESC.get("20180102123456"));
    genCertNotBefore.addLongIdentifier("validityStartTime", true);
    genCertNotBefore.addLongIdentifier("not-before", true);
    genCertNotBefore.addLongIdentifier("notBefore", true);
    genCertParser.addArgument(genCertNotBefore);
    final StringArgument genCertKeyAlgorithm = new StringArgument(null, "key-algorithm", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_NAME.get(), INFO_MANAGE_CERTS_SC_GEN_CERT_ARG_KEY_ALGORITHM_DESC.get());
    genCertKeyAlgorithm.addLongIdentifier("keyAlgorithm", true);
    genCertKeyAlgorithm.addLongIdentifier("key-alg", true);
    genCertKeyAlgorithm.addLongIdentifier("keyAlg", true);
    genCertParser.addArgument(genCertKeyAlgorithm);
    final IntegerArgument genCertKeySizeBits = new IntegerArgument(null, "key-size-bits", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_BITS.get(), INFO_MANAGE_CERTS_SC_GEN_CERT_ARG_KEY_SIZE_BITS_DESC.get(), 1, Integer.MAX_VALUE);
    genCertKeySizeBits.addLongIdentifier("keySizeBits", true);
    genCertKeySizeBits.addLongIdentifier("key-length-bits", true);
    genCertKeySizeBits.addLongIdentifier("keyLengthBits", true);
    genCertKeySizeBits.addLongIdentifier("key-size", true);
    genCertKeySizeBits.addLongIdentifier("keySize", true);
    genCertKeySizeBits.addLongIdentifier("key-length", true);
    genCertKeySizeBits.addLongIdentifier("keyLength", true);
    genCertParser.addArgument(genCertKeySizeBits);
    final StringArgument genCertSignatureAlgorithm = new StringArgument(null, "signature-algorithm", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_NAME.get(), INFO_MANAGE_CERTS_SC_GEN_CERT_ARG_SIG_ALG_DESC.get());
    genCertSignatureAlgorithm.addLongIdentifier("signatureAlgorithm", true);
    genCertSignatureAlgorithm.addLongIdentifier("signature-alg", true);
    genCertSignatureAlgorithm.addLongIdentifier("signatureAlg", true);
    genCertSignatureAlgorithm.addLongIdentifier("sig-alg", true);
    genCertSignatureAlgorithm.addLongIdentifier("sigAlg", true);
    genCertParser.addArgument(genCertSignatureAlgorithm);
    final BooleanArgument genCertInheritExtensions = new BooleanArgument(null, "inherit-extensions", 1, INFO_MANAGE_CERTS_SC_GEN_CERT_ARG_INHERIT_EXT_DESC.get());
    genCertInheritExtensions.addLongIdentifier("inheritExtensions", true);
    genCertParser.addArgument(genCertInheritExtensions);
    final StringArgument genCertSubjectAltDNS = new StringArgument(null, "subject-alternative-name-dns", false, 0, INFO_MANAGE_CERTS_PLACEHOLDER_NAME.get(), INFO_MANAGE_CERTS_SC_GEN_CERT_ARG_SAN_DNS_DESC.get());
    genCertSubjectAltDNS.addLongIdentifier("subjectAlternativeNameDNS", true);
    genCertSubjectAltDNS.addLongIdentifier("subject-alt-name-dns", true);
    genCertSubjectAltDNS.addLongIdentifier("subjectAltNameDNS", true);
    genCertSubjectAltDNS.addLongIdentifier("subject-alternative-dns", true);
    genCertSubjectAltDNS.addLongIdentifier("subjectAlternativeDNS", true);
    genCertSubjectAltDNS.addLongIdentifier("subject-alt-dns", true);
    genCertSubjectAltDNS.addLongIdentifier("subjectAltDNS", true);
    genCertSubjectAltDNS.addLongIdentifier("san-dns", true);
    genCertSubjectAltDNS.addLongIdentifier("sanDNS", true);
    genCertSubjectAltDNS.addValueValidator(new IA5StringArgumentValueValidator(false));
    genCertParser.addArgument(genCertSubjectAltDNS);
    final StringArgument genCertSubjectAltIP = new StringArgument(null, "subject-alternative-name-ip-address", false, 0, INFO_MANAGE_CERTS_PLACEHOLDER_NAME.get(), INFO_MANAGE_CERTS_SC_GEN_CERT_ARG_SAN_IP_DESC.get());
    genCertSubjectAltIP.addLongIdentifier("subjectAlternativeNameIPAddress", true);
    genCertSubjectAltIP.addLongIdentifier("subject-alternative-name-ip", true);
    genCertSubjectAltIP.addLongIdentifier("subjectAlternativeNameIP", true);
    genCertSubjectAltIP.addLongIdentifier("subject-alt-name-ip-address", true);
    genCertSubjectAltIP.addLongIdentifier("subjectAltNameIPAddress", true);
    genCertSubjectAltIP.addLongIdentifier("subject-alt-name-ip", true);
    genCertSubjectAltIP.addLongIdentifier("subjectAltNameIP", true);
    genCertSubjectAltIP.addLongIdentifier("subject-alternative-ip-address", true);
    genCertSubjectAltIP.addLongIdentifier("subjectAlternativeIPAddress", true);
    genCertSubjectAltIP.addLongIdentifier("subject-alternative-ip", true);
    genCertSubjectAltIP.addLongIdentifier("subjectAlternativeIP", true);
    genCertSubjectAltIP.addLongIdentifier("subject-alt-ip-address", true);
    genCertSubjectAltIP.addLongIdentifier("subjectAltIPAddress", true);
    genCertSubjectAltIP.addLongIdentifier("subject-alt-ip", true);
    genCertSubjectAltIP.addLongIdentifier("subjectAltIP", true);
    genCertSubjectAltIP.addLongIdentifier("san-ip-address", true);
    genCertSubjectAltIP.addLongIdentifier("sanIPAddress", true);
    genCertSubjectAltIP.addLongIdentifier("san-ip", true);
    genCertSubjectAltIP.addLongIdentifier("sanIP", true);
    genCertSubjectAltIP.addValueValidator(new IPAddressArgumentValueValidator(true, true));
    genCertParser.addArgument(genCertSubjectAltIP);
    final StringArgument genCertSubjectAltEmail = new StringArgument(null, "subject-alternative-name-email-address", false, 0, INFO_MANAGE_CERTS_PLACEHOLDER_NAME.get(), INFO_MANAGE_CERTS_SC_GEN_CERT_ARG_SAN_EMAIL_DESC.get());
    genCertSubjectAltEmail.addLongIdentifier("subjectAlternativeNameEmailAddress", true);
    genCertSubjectAltEmail.addLongIdentifier("subject-alternative-name-email", true);
    genCertSubjectAltEmail.addLongIdentifier("subjectAlternativeNameEmail", true);
    genCertSubjectAltEmail.addLongIdentifier("subject-alt-name-email-address", true);
    genCertSubjectAltEmail.addLongIdentifier("subjectAltNameEmailAddress", true);
    genCertSubjectAltEmail.addLongIdentifier("subject-alt-name-email", true);
    genCertSubjectAltEmail.addLongIdentifier("subjectAltNameEmail", true);
    genCertSubjectAltEmail.addLongIdentifier("subject-alternative-email-address", true);
    genCertSubjectAltEmail.addLongIdentifier("subjectAlternativeEmailAddress", true);
    genCertSubjectAltEmail.addLongIdentifier("subject-alternative-email", true);
    genCertSubjectAltEmail.addLongIdentifier("subjectAlternativeEmail", true);
    genCertSubjectAltEmail.addLongIdentifier("subject-alt-email-address", true);
    genCertSubjectAltEmail.addLongIdentifier("subjectAltEmailAddress", true);
    genCertSubjectAltEmail.addLongIdentifier("subject-alt-email", true);
    genCertSubjectAltEmail.addLongIdentifier("subjectAltEmail", true);
    genCertSubjectAltEmail.addLongIdentifier("san-email-address", true);
    genCertSubjectAltEmail.addLongIdentifier("sanEmailAddress", true);
    genCertSubjectAltEmail.addLongIdentifier("san-email", true);
    genCertSubjectAltEmail.addLongIdentifier("sanEmail", true);
    genCertSubjectAltEmail.addValueValidator(new IA5StringArgumentValueValidator(false));
    genCertParser.addArgument(genCertSubjectAltEmail);
    final StringArgument genCertSubjectAltURI = new StringArgument(null, "subject-alternative-name-uri", false, 0, INFO_MANAGE_CERTS_PLACEHOLDER_URI.get(), INFO_MANAGE_CERTS_SC_GEN_CERT_ARG_SAN_URI_DESC.get());
    genCertSubjectAltURI.addLongIdentifier("subjectAlternativeNameURI", true);
    genCertSubjectAltURI.addLongIdentifier("subject-alt-name-uri", true);
    genCertSubjectAltURI.addLongIdentifier("subjectAltNameURI", true);
    genCertSubjectAltURI.addLongIdentifier("subject-alternative-uri", true);
    genCertSubjectAltURI.addLongIdentifier("subjectAlternativeURI", true);
    genCertSubjectAltURI.addLongIdentifier("subject-alt-uri", true);
    genCertSubjectAltURI.addLongIdentifier("subjectAltURI", true);
    genCertSubjectAltURI.addLongIdentifier("san-uri", true);
    genCertSubjectAltURI.addLongIdentifier("sanURI", true);
    genCertParser.addArgument(genCertSubjectAltURI);
    final StringArgument genCertSubjectAltOID = new StringArgument(null, "subject-alternative-name-oid", false, 0, INFO_MANAGE_CERTS_PLACEHOLDER_OID.get(), INFO_MANAGE_CERTS_SC_GEN_CERT_ARG_SAN_OID_DESC.get());
    genCertSubjectAltOID.addLongIdentifier("subjectAlternativeNameOID", true);
    genCertSubjectAltOID.addLongIdentifier("subject-alt-name-oid", true);
    genCertSubjectAltOID.addLongIdentifier("subjectAltNameOID", true);
    genCertSubjectAltOID.addLongIdentifier("subject-alternative-oid", true);
    genCertSubjectAltOID.addLongIdentifier("subjectAlternativeOID", true);
    genCertSubjectAltOID.addLongIdentifier("subject-alt-oid", true);
    genCertSubjectAltOID.addLongIdentifier("subjectAltOID", true);
    genCertSubjectAltOID.addLongIdentifier("san-oid", true);
    genCertSubjectAltOID.addLongIdentifier("sanOID", true);
    genCertSubjectAltOID.addValueValidator(new OIDArgumentValueValidator(true));
    genCertParser.addArgument(genCertSubjectAltOID);
    final BooleanValueArgument genCertBasicConstraintsIsCA = new BooleanValueArgument(null, "basic-constraints-is-ca", false, null, INFO_MANAGE_CERTS_SC_GEN_CERT_ARG_BC_IS_CA_DESC.get());
    genCertBasicConstraintsIsCA.addLongIdentifier("basicConstraintsIsCA", true);
    genCertBasicConstraintsIsCA.addLongIdentifier("bc-is-ca", true);
    genCertBasicConstraintsIsCA.addLongIdentifier("bcIsCA", true);
    genCertParser.addArgument(genCertBasicConstraintsIsCA);
    final IntegerArgument genCertBasicConstraintsPathLength = new IntegerArgument(null, "basic-constraints-maximum-path-length", false, 1, null, INFO_MANAGE_CERTS_SC_GEN_CERT_ARG_BC_PATH_LENGTH_DESC.get(), 0, Integer.MAX_VALUE);
    genCertBasicConstraintsPathLength.addLongIdentifier("basicConstraintsMaximumPathLength", true);
    genCertBasicConstraintsPathLength.addLongIdentifier("basic-constraints-max-path-length", true);
    genCertBasicConstraintsPathLength.addLongIdentifier("basicConstraintsMaxPathLength", true);
    genCertBasicConstraintsPathLength.addLongIdentifier("basic-constraints-path-length", true);
    genCertBasicConstraintsPathLength.addLongIdentifier("basicConstraintsPathLength", true);
    genCertBasicConstraintsPathLength.addLongIdentifier("bc-maximum-path-length", true);
    genCertBasicConstraintsPathLength.addLongIdentifier("bcMaximumPathLength", true);
    genCertBasicConstraintsPathLength.addLongIdentifier("bc-max-path-length", true);
    genCertBasicConstraintsPathLength.addLongIdentifier("bcMaxPathLength", true);
    genCertBasicConstraintsPathLength.addLongIdentifier("bc-path-length", true);
    genCertBasicConstraintsPathLength.addLongIdentifier("bcPathLength", true);
    genCertParser.addArgument(genCertBasicConstraintsPathLength);
    final StringArgument genCertKeyUsage = new StringArgument(null, "key-usage", false, 0, null, INFO_MANAGE_CERTS_SC_GEN_CERT_ARG_KU_DESC.get());
    genCertKeyUsage.addLongIdentifier("keyUsage", true);
    genCertParser.addArgument(genCertKeyUsage);
    final StringArgument genCertExtendedKeyUsage = new StringArgument(null, "extended-key-usage", false, 0, null, INFO_MANAGE_CERTS_SC_GEN_CERT_ARG_EKU_DESC.get());
    genCertExtendedKeyUsage.addLongIdentifier("extendedKeyUsage", true);
    genCertParser.addArgument(genCertExtendedKeyUsage);
    final StringArgument genCertExtension = new StringArgument(null, "extension", false, 0, null, INFO_MANAGE_CERTS_SC_GEN_CERT_ARG_EXT_DESC.get());
    genCertExtension.addLongIdentifier("ext", true);
    genCertParser.addArgument(genCertExtension);
    final FileArgument genCertOutputFile = new FileArgument(null, "output-file", false, 1, null, INFO_MANAGE_CERTS_SC_GEN_CERT_ARG_OUTPUT_FILE_DESC.get(), false, true, true, false);
    genCertOutputFile.addLongIdentifier("outputFile", true);
    genCertOutputFile.addLongIdentifier("filename", true);
    genCertOutputFile.addLongIdentifier("file", true);
    genCertParser.addArgument(genCertOutputFile);
    final Set<String> genCertOutputFormatAllowedValues = StaticUtils.setOf("PEM", "text", "txt", "RFC", "DER", "binary", "bin");
    final StringArgument genCertOutputFormat = new StringArgument(null, "output-format", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_FORMAT.get(), INFO_MANAGE_CERTS_SC_GEN_CERT_ARG_FORMAT_DESC.get(), genCertOutputFormatAllowedValues, "PEM");
    genCertOutputFormat.addLongIdentifier("outputFormat", true);
    genCertParser.addArgument(genCertOutputFormat);
    final BooleanArgument genCertDisplayCommand = new BooleanArgument(null, "display-keytool-command", 1, INFO_MANAGE_CERTS_SC_GEN_CERT_ARG_DISPLAY_COMMAND_DESC.get());
    genCertDisplayCommand.addLongIdentifier("displayKeytoolCommand", true);
    genCertDisplayCommand.addLongIdentifier("show-keytool-command", true);
    genCertDisplayCommand.addLongIdentifier("showKeytoolCommand", true);
    genCertParser.addArgument(genCertDisplayCommand);
    genCertParser.addRequiredArgumentSet(genCertKeystorePassword, genCertKeystorePasswordFile, genCertPromptForKeystorePassword);
    genCertParser.addExclusiveArgumentSet(genCertKeystorePassword, genCertKeystorePasswordFile, genCertPromptForKeystorePassword);
    genCertParser.addExclusiveArgumentSet(genCertPKPassword, genCertPKPasswordFile, genCertPromptForPKPassword);
    genCertParser.addExclusiveArgumentSet(genCertReplace, genCertKeyAlgorithm);
    genCertParser.addExclusiveArgumentSet(genCertReplace, genCertKeySizeBits);
    genCertParser.addExclusiveArgumentSet(genCertReplace, genCertSignatureAlgorithm);
    genCertParser.addDependentArgumentSet(genCertBasicConstraintsPathLength, genCertBasicConstraintsIsCA);
    genCertParser.addDependentArgumentSet(genCertOutputFormat, genCertOutputFile);
    final LinkedHashMap<String[], String> genCertExamples = new LinkedHashMap<>(StaticUtils.computeMapCapacity(4));
    genCertExamples.put(new String[] { "generate-self-signed-certificate", "--keystore", getPlatformSpecificPath("config", "keystore"), "--keystore-password-file", getPlatformSpecificPath("config", "keystore.pin"), "--alias", "server-cert", "--subject-dn", "CN=ldap.example.com,O=Example Corp,C=US" }, INFO_MANAGE_CERTS_SC_GEN_CERT_EXAMPLE_1.get());
    genCertExamples.put(new String[] { "generate-self-signed-certificate", "--keystore", getPlatformSpecificPath("config", "keystore"), "--keystore-password-file", getPlatformSpecificPath("config", "keystore.pin"), "--alias", "server-cert", "--replace-existing-certificate", "--inherit-extensions" }, INFO_MANAGE_CERTS_SC_GEN_CERT_EXAMPLE_2.get());
    genCertExamples.put(new String[] { "generate-self-signed-certificate", "--keystore", getPlatformSpecificPath("config", "keystore"), "--keystore-password-file", getPlatformSpecificPath("config", "keystore.pin"), "--alias", "server-cert", "--subject-dn", "CN=ldap.example.com,O=Example Corp,C=US", "--days-valid", "3650", "--validity-start-time", "20170101000000", "--key-algorithm", "RSA", "--key-size-bits", "4096", "--signature-algorithm", "SHA256withRSA", "--subject-alternative-name-dns", "ldap1.example.com", "--subject-alternative-name-dns", "ldap2.example.com", "--subject-alternative-name-ip-address", "1.2.3.4", "--subject-alternative-name-ip-address", "1.2.3.5", "--extended-key-usage", "server-auth", "--extended-key-usage", "client-auth", "--display-keytool-command" }, INFO_MANAGE_CERTS_SC_GEN_CERT_EXAMPLE_3.get());
    genCertExamples.put(new String[] { "generate-self-signed-certificate", "--keystore", getPlatformSpecificPath("config", "keystore"), "--keystore-password-file", getPlatformSpecificPath("config", "keystore.pin"), "--alias", "ca-cert", "--subject-dn", "CN=Example Certification Authority,O=Example Corp,C=US", "--days-valid", "7300", "--validity-start-time", "20170101000000", "--key-algorithm", "EC", "--key-size-bits", "256", "--signature-algorithm", "SHA256withECDSA", "--basic-constraints-is-ca", "true", "--key-usage", "key-cert-sign", "--key-usage", "crl-sign", "--display-keytool-command" }, INFO_MANAGE_CERTS_SC_GEN_CERT_EXAMPLE_4.get());
    final SubCommand genCertSubCommand = new SubCommand("generate-self-signed-certificate", INFO_MANAGE_CERTS_SC_GEN_CERT_DESC.get(), genCertParser, genCertExamples);
    genCertSubCommand.addName("generateSelfSignedCertificate", true);
    genCertSubCommand.addName("generate-certificate", true);
    genCertSubCommand.addName("generateCertificate", true);
    genCertSubCommand.addName("self-signed-certificate", true);
    genCertSubCommand.addName("selfSignedCertificate", true);
    genCertSubCommand.addName("selfcert", true);
    parser.addSubCommand(genCertSubCommand);
    // Define the "generate-certificate-signing-request" subcommand and all of
    // its arguments.
    final ArgumentParser genCSRParser = new ArgumentParser("generate-certificate-signing-request", INFO_MANAGE_CERTS_SC_GEN_CSR_DESC.get());
    final Set<String> genCSROutputFormatAllowedValues = StaticUtils.setOf("PEM", "text", "txt", "RFC", "DER", "binary", "bin");
    final StringArgument genCSROutputFormat = new StringArgument(null, "output-format", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_FORMAT.get(), INFO_MANAGE_CERTS_SC_GEN_CSR_ARG_FORMAT_DESC.get(), genCSROutputFormatAllowedValues, "PEM");
    genCSROutputFormat.addLongIdentifier("outputFormat", true);
    genCSRParser.addArgument(genCSROutputFormat);
    final FileArgument genCSROutputFile = new FileArgument(null, "output-file", false, 1, null, INFO_MANAGE_CERTS_SC_GEN_CSR_ARG_OUTPUT_FILE_DESC.get(), false, true, true, false);
    genCSROutputFile.addLongIdentifier("outputFile", true);
    genCSROutputFile.addLongIdentifier("filename", true);
    genCSROutputFile.addLongIdentifier("file", true);
    genCSRParser.addArgument(genCSROutputFile);
    final FileArgument genCSRKeystore = new FileArgument(null, "keystore", true, 1, null, INFO_MANAGE_CERTS_SC_GEN_CSR_ARG_KS_DESC.get(), false, true, true, false);
    genCSRKeystore.addLongIdentifier("keystore-path", true);
    genCSRKeystore.addLongIdentifier("keystorePath", true);
    genCSRKeystore.addLongIdentifier("keystore-file", true);
    genCSRKeystore.addLongIdentifier("keystoreFile", true);
    genCSRParser.addArgument(genCSRKeystore);
    final StringArgument genCSRKeystorePassword = new StringArgument(null, "keystore-password", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_PASSWORD.get(), INFO_MANAGE_CERTS_SC_GEN_CSR_ARG_KS_PW_DESC.get());
    genCSRKeystorePassword.addLongIdentifier("keystorePassword", true);
    genCSRKeystorePassword.addLongIdentifier("keystore-passphrase", true);
    genCSRKeystorePassword.addLongIdentifier("keystorePassphrase", true);
    genCSRKeystorePassword.addLongIdentifier("keystore-pin", true);
    genCSRKeystorePassword.addLongIdentifier("keystorePIN", true);
    genCSRKeystorePassword.addLongIdentifier("storepass", true);
    genCSRKeystorePassword.setSensitive(true);
    genCSRParser.addArgument(genCSRKeystorePassword);
    final FileArgument genCSRKeystorePasswordFile = new FileArgument(null, "keystore-password-file", false, 1, null, INFO_MANAGE_CERTS_SC_GEN_CSR_ARG_KS_PW_FILE_DESC.get(), true, true, true, false);
    genCSRKeystorePasswordFile.addLongIdentifier("keystorePasswordFile", true);
    genCSRKeystorePasswordFile.addLongIdentifier("keystore-passphrase-file", true);
    genCSRKeystorePasswordFile.addLongIdentifier("keystorePassphraseFile", true);
    genCSRKeystorePasswordFile.addLongIdentifier("keystore-pin-file", true);
    genCSRKeystorePasswordFile.addLongIdentifier("keystorePINFile", true);
    genCSRParser.addArgument(genCSRKeystorePasswordFile);
    final BooleanArgument genCSRPromptForKeystorePassword = new BooleanArgument(null, "prompt-for-keystore-password", INFO_MANAGE_CERTS_SC_GEN_CSR_ARG_PROMPT_FOR_KS_PW_DESC.get());
    genCSRPromptForKeystorePassword.addLongIdentifier("promptForKeystorePassword", true);
    genCSRPromptForKeystorePassword.addLongIdentifier("prompt-for-keystore-passphrase", true);
    genCSRPromptForKeystorePassword.addLongIdentifier("promptForKeystorePassphrase", true);
    genCSRPromptForKeystorePassword.addLongIdentifier("prompt-for-keystore-pin", true);
    genCSRPromptForKeystorePassword.addLongIdentifier("promptForKeystorePIN", true);
    genCSRParser.addArgument(genCSRPromptForKeystorePassword);
    final StringArgument genCSRPKPassword = new StringArgument(null, "private-key-password", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_PASSWORD.get(), INFO_MANAGE_CERTS_SC_GEN_CSR_ARG_PK_PW_DESC.get());
    genCSRPKPassword.addLongIdentifier("privateKeyPassword", true);
    genCSRPKPassword.addLongIdentifier("private-key-passphrase", true);
    genCSRPKPassword.addLongIdentifier("privateKeyPassphrase", true);
    genCSRPKPassword.addLongIdentifier("private-key-pin", true);
    genCSRPKPassword.addLongIdentifier("privateKeyPIN", true);
    genCSRPKPassword.addLongIdentifier("key-password", true);
    genCSRPKPassword.addLongIdentifier("keyPassword", true);
    genCSRPKPassword.addLongIdentifier("key-passphrase", true);
    genCSRPKPassword.addLongIdentifier("keyPassphrase", true);
    genCSRPKPassword.addLongIdentifier("key-pin", true);
    genCSRPKPassword.addLongIdentifier("keyPIN", true);
    genCSRPKPassword.addLongIdentifier("keypass", true);
    genCSRPKPassword.setSensitive(true);
    genCSRParser.addArgument(genCSRPKPassword);
    final FileArgument genCSRPKPasswordFile = new FileArgument(null, "private-key-password-file", false, 1, null, INFO_MANAGE_CERTS_SC_GEN_CSR_ARG_PK_PW_FILE_DESC.get(), true, true, true, false);
    genCSRPKPasswordFile.addLongIdentifier("privateKeyPasswordFile", true);
    genCSRPKPasswordFile.addLongIdentifier("private-key-passphrase-file", true);
    genCSRPKPasswordFile.addLongIdentifier("privateKeyPassphraseFile", true);
    genCSRPKPasswordFile.addLongIdentifier("private-key-pin-file", true);
    genCSRPKPasswordFile.addLongIdentifier("privateKeyPINFile", true);
    genCSRPKPasswordFile.addLongIdentifier("key-password-file", true);
    genCSRPKPasswordFile.addLongIdentifier("keyPasswordFile", true);
    genCSRPKPasswordFile.addLongIdentifier("key-passphrase-file", true);
    genCSRPKPasswordFile.addLongIdentifier("keyPassphraseFile", true);
    genCSRPKPasswordFile.addLongIdentifier("key-pin-file", true);
    genCSRPKPasswordFile.addLongIdentifier("keyPINFile", true);
    genCSRParser.addArgument(genCSRPKPasswordFile);
    final BooleanArgument genCSRPromptForPKPassword = new BooleanArgument(null, "prompt-for-private-key-password", INFO_MANAGE_CERTS_SC_GEN_CSR_ARG_PROMPT_FOR_PK_PW_DESC.get());
    genCSRPromptForPKPassword.addLongIdentifier("promptForPrivateKeyPassword", true);
    genCSRPromptForPKPassword.addLongIdentifier("prompt-for-private-key-passphrase", true);
    genCSRPromptForPKPassword.addLongIdentifier("promptForPrivateKeyPassphrase", true);
    genCSRPromptForPKPassword.addLongIdentifier("prompt-for-private-key-pin", true);
    genCSRPromptForPKPassword.addLongIdentifier("promptForPrivateKeyPIN", true);
    genCSRPromptForPKPassword.addLongIdentifier("prompt-for-key-password", true);
    genCSRPromptForPKPassword.addLongIdentifier("promptForKeyPassword", true);
    genCSRPromptForPKPassword.addLongIdentifier("prompt-for-key-passphrase", true);
    genCSRPromptForPKPassword.addLongIdentifier("promptForKeyPassphrase", true);
    genCSRPromptForPKPassword.addLongIdentifier("prompt-for-key-pin", true);
    genCSRPromptForPKPassword.addLongIdentifier("promptForKeyPIN", true);
    genCSRParser.addArgument(genCSRPromptForPKPassword);
    final StringArgument genCSRKeystoreType = new StringArgument(null, "keystore-type", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_TYPE.get(), INFO_MANAGE_CERTS_SC_GEN_CSR_ARG_KS_TYPE_DESC.get(), ALLOWED_KEYSTORE_TYPE_VALUES);
    genCSRKeystoreType.addLongIdentifier("key-store-type", true);
    genCSRKeystoreType.addLongIdentifier("keystoreType", true);
    genCSRKeystoreType.addLongIdentifier("keystore-format", true);
    genCSRKeystoreType.addLongIdentifier("key-store-format", true);
    genCSRKeystoreType.addLongIdentifier("keystoreFormat", true);
    genCSRKeystoreType.addLongIdentifier("storetype", true);
    genCSRParser.addArgument(genCSRKeystoreType);
    final StringArgument genCSRAlias = new StringArgument(null, "alias", true, 1, INFO_MANAGE_CERTS_PLACEHOLDER_ALIAS.get(), INFO_MANAGE_CERTS_SC_GEN_CSR_ARG_ALIAS_DESC.get());
    genCSRAlias.addLongIdentifier("nickname", true);
    genCSRParser.addArgument(genCSRAlias);
    final BooleanArgument genCSRReplace = new BooleanArgument(null, "use-existing-key-pair", 1, INFO_MANAGE_CERTS_SC_GEN_CSR_ARG_REPLACE_DESC.get());
    genCSRReplace.addLongIdentifier("use-existing-keypair", true);
    genCSRReplace.addLongIdentifier("useExistingKeyPair", true);
    genCSRReplace.addLongIdentifier("replace-existing-certificate", true);
    genCSRReplace.addLongIdentifier("replaceExistingCertificate", true);
    genCSRReplace.addLongIdentifier("replace-certificate", true);
    genCSRReplace.addLongIdentifier("replaceCertificate", true);
    genCSRReplace.addLongIdentifier("replace-existing", true);
    genCSRReplace.addLongIdentifier("replaceExisting", true);
    genCSRReplace.addLongIdentifier("replace", true);
    genCSRParser.addArgument(genCSRReplace);
    final DNArgument genCSRSubjectDN = new DNArgument(null, "subject-dn", false, 1, null, INFO_MANAGE_CERTS_SC_GEN_CSR_ARG_SUBJECT_DN_DESC.get());
    genCSRSubjectDN.addLongIdentifier("subjectDN", true);
    genCSRSubjectDN.addLongIdentifier("subject", true);
    genCSRSubjectDN.addLongIdentifier("dname", true);
    genCSRParser.addArgument(genCSRSubjectDN);
    final StringArgument genCSRKeyAlgorithm = new StringArgument(null, "key-algorithm", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_NAME.get(), INFO_MANAGE_CERTS_SC_GEN_CSR_ARG_KEY_ALGORITHM_DESC.get());
    genCSRKeyAlgorithm.addLongIdentifier("keyAlgorithm", true);
    genCSRKeyAlgorithm.addLongIdentifier("key-alg", true);
    genCSRKeyAlgorithm.addLongIdentifier("keyAlg", true);
    genCSRParser.addArgument(genCSRKeyAlgorithm);
    final IntegerArgument genCSRKeySizeBits = new IntegerArgument(null, "key-size-bits", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_BITS.get(), INFO_MANAGE_CERTS_SC_GEN_CSR_ARG_KEY_SIZE_BITS_DESC.get(), 1, Integer.MAX_VALUE);
    genCSRKeySizeBits.addLongIdentifier("keySizeBits", true);
    genCSRKeySizeBits.addLongIdentifier("key-length-bits", true);
    genCSRKeySizeBits.addLongIdentifier("keyLengthBits", true);
    genCSRKeySizeBits.addLongIdentifier("key-size", true);
    genCSRKeySizeBits.addLongIdentifier("keySize", true);
    genCSRKeySizeBits.addLongIdentifier("key-length", true);
    genCSRKeySizeBits.addLongIdentifier("keyLength", true);
    genCSRParser.addArgument(genCSRKeySizeBits);
    final StringArgument genCSRSignatureAlgorithm = new StringArgument(null, "signature-algorithm", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_NAME.get(), INFO_MANAGE_CERTS_SC_GEN_CSR_ARG_SIG_ALG_DESC.get());
    genCSRSignatureAlgorithm.addLongIdentifier("signatureAlgorithm", true);
    genCSRSignatureAlgorithm.addLongIdentifier("signature-alg", true);
    genCSRSignatureAlgorithm.addLongIdentifier("signatureAlg", true);
    genCSRSignatureAlgorithm.addLongIdentifier("sig-alg", true);
    genCSRSignatureAlgorithm.addLongIdentifier("sigAlg", true);
    genCSRParser.addArgument(genCSRSignatureAlgorithm);
    final BooleanArgument genCSRInheritExtensions = new BooleanArgument(null, "inherit-extensions", 1, INFO_MANAGE_CERTS_SC_GEN_CSR_ARG_INHERIT_EXT_DESC.get());
    genCSRInheritExtensions.addLongIdentifier("inheritExtensions", true);
    genCSRParser.addArgument(genCSRInheritExtensions);
    final StringArgument genCSRSubjectAltDNS = new StringArgument(null, "subject-alternative-name-dns", false, 0, INFO_MANAGE_CERTS_PLACEHOLDER_NAME.get(), INFO_MANAGE_CERTS_SC_GEN_CSR_ARG_SAN_DNS_DESC.get());
    genCSRSubjectAltDNS.addLongIdentifier("subjectAlternativeNameDNS", true);
    genCSRSubjectAltDNS.addLongIdentifier("subject-alt-name-dns", true);
    genCSRSubjectAltDNS.addLongIdentifier("subjectAltNameDNS", true);
    genCSRSubjectAltDNS.addLongIdentifier("subject-alternative-dns", true);
    genCSRSubjectAltDNS.addLongIdentifier("subjectAlternativeDNS", true);
    genCSRSubjectAltDNS.addLongIdentifier("subject-alt-dns", true);
    genCSRSubjectAltDNS.addLongIdentifier("subjectAltDNS", true);
    genCSRSubjectAltDNS.addLongIdentifier("san-dns", true);
    genCSRSubjectAltDNS.addLongIdentifier("sanDNS", true);
    genCSRSubjectAltDNS.addValueValidator(new IA5StringArgumentValueValidator(false));
    genCSRParser.addArgument(genCSRSubjectAltDNS);
    final StringArgument genCSRSubjectAltIP = new StringArgument(null, "subject-alternative-name-ip-address", false, 0, INFO_MANAGE_CERTS_PLACEHOLDER_NAME.get(), INFO_MANAGE_CERTS_SC_GEN_CSR_ARG_SAN_IP_DESC.get());
    genCSRSubjectAltIP.addLongIdentifier("subjectAlternativeNameIPAddress", true);
    genCSRSubjectAltIP.addLongIdentifier("subject-alternative-name-ip", true);
    genCSRSubjectAltIP.addLongIdentifier("subjectAlternativeNameIP", true);
    genCSRSubjectAltIP.addLongIdentifier("subject-alt-name-ip-address", true);
    genCSRSubjectAltIP.addLongIdentifier("subjectAltNameIPAddress", true);
    genCSRSubjectAltIP.addLongIdentifier("subject-alt-name-ip", true);
    genCSRSubjectAltIP.addLongIdentifier("subjectAltNameIP", true);
    genCSRSubjectAltIP.addLongIdentifier("subject-alternative-ip-address", true);
    genCSRSubjectAltIP.addLongIdentifier("subjectAlternativeIPAddress", true);
    genCSRSubjectAltIP.addLongIdentifier("subject-alternative-ip", true);
    genCSRSubjectAltIP.addLongIdentifier("subjectAlternativeIP", true);
    genCSRSubjectAltIP.addLongIdentifier("subject-alt-ip-address", true);
    genCSRSubjectAltIP.addLongIdentifier("subjectAltIPAddress", true);
    genCSRSubjectAltIP.addLongIdentifier("subject-alt-ip", true);
    genCSRSubjectAltIP.addLongIdentifier("subjectAltIP", true);
    genCSRSubjectAltIP.addLongIdentifier("san-ip-address", true);
    genCSRSubjectAltIP.addLongIdentifier("sanIPAddress", true);
    genCSRSubjectAltIP.addLongIdentifier("san-ip", true);
    genCSRSubjectAltIP.addLongIdentifier("sanIP", true);
    genCSRSubjectAltIP.addValueValidator(new IPAddressArgumentValueValidator(true, true));
    genCSRParser.addArgument(genCSRSubjectAltIP);
    final StringArgument genCSRSubjectAltEmail = new StringArgument(null, "subject-alternative-name-email-address", false, 0, INFO_MANAGE_CERTS_PLACEHOLDER_NAME.get(), INFO_MANAGE_CERTS_SC_GEN_CSR_ARG_SAN_EMAIL_DESC.get());
    genCSRSubjectAltEmail.addLongIdentifier("subjectAlternativeNameEmailAddress", true);
    genCSRSubjectAltEmail.addLongIdentifier("subject-alternative-name-email", true);
    genCSRSubjectAltEmail.addLongIdentifier("subjectAlternativeNameEmail", true);
    genCSRSubjectAltEmail.addLongIdentifier("subject-alt-name-email-address", true);
    genCSRSubjectAltEmail.addLongIdentifier("subjectAltNameEmailAddress", true);
    genCSRSubjectAltEmail.addLongIdentifier("subject-alt-name-email", true);
    genCSRSubjectAltEmail.addLongIdentifier("subjectAltNameEmail", true);
    genCSRSubjectAltEmail.addLongIdentifier("subject-alternative-email-address", true);
    genCSRSubjectAltEmail.addLongIdentifier("subjectAlternativeEmailAddress", true);
    genCSRSubjectAltEmail.addLongIdentifier("subject-alternative-email", true);
    genCSRSubjectAltEmail.addLongIdentifier("subjectAlternativeEmail", true);
    genCSRSubjectAltEmail.addLongIdentifier("subject-alt-email-address", true);
    genCSRSubjectAltEmail.addLongIdentifier("subjectAltEmailAddress", true);
    genCSRSubjectAltEmail.addLongIdentifier("subject-alt-email", true);
    genCSRSubjectAltEmail.addLongIdentifier("subjectAltEmail", true);
    genCSRSubjectAltEmail.addLongIdentifier("san-email-address", true);
    genCSRSubjectAltEmail.addLongIdentifier("sanEmailAddress", true);
    genCSRSubjectAltEmail.addLongIdentifier("san-email", true);
    genCSRSubjectAltEmail.addLongIdentifier("sanEmail", true);
    genCSRSubjectAltEmail.addValueValidator(new IA5StringArgumentValueValidator(false));
    genCSRParser.addArgument(genCSRSubjectAltEmail);
    final StringArgument genCSRSubjectAltURI = new StringArgument(null, "subject-alternative-name-uri", false, 0, INFO_MANAGE_CERTS_PLACEHOLDER_URI.get(), INFO_MANAGE_CERTS_SC_GEN_CSR_ARG_SAN_URI_DESC.get());
    genCSRSubjectAltURI.addLongIdentifier("subjectAlternativeNameURI", true);
    genCSRSubjectAltURI.addLongIdentifier("subject-alt-name-uri", true);
    genCSRSubjectAltURI.addLongIdentifier("subjectAltNameURI", true);
    genCSRSubjectAltURI.addLongIdentifier("subject-alternative-uri", true);
    genCSRSubjectAltURI.addLongIdentifier("subjectAlternativeURI", true);
    genCSRSubjectAltURI.addLongIdentifier("subject-alt-uri", true);
    genCSRSubjectAltURI.addLongIdentifier("subjectAltURI", true);
    genCSRSubjectAltURI.addLongIdentifier("san-uri", true);
    genCSRSubjectAltURI.addLongIdentifier("sanURI", true);
    genCSRParser.addArgument(genCSRSubjectAltURI);
    final StringArgument genCSRSubjectAltOID = new StringArgument(null, "subject-alternative-name-oid", false, 0, INFO_MANAGE_CERTS_PLACEHOLDER_OID.get(), INFO_MANAGE_CERTS_SC_GEN_CSR_ARG_SAN_OID_DESC.get());
    genCSRSubjectAltOID.addLongIdentifier("subjectAlternativeNameOID", true);
    genCSRSubjectAltOID.addLongIdentifier("subject-alt-name-oid", true);
    genCSRSubjectAltOID.addLongIdentifier("subjectAltNameOID", true);
    genCSRSubjectAltOID.addLongIdentifier("subject-alternative-oid", true);
    genCSRSubjectAltOID.addLongIdentifier("subjectAlternativeOID", true);
    genCSRSubjectAltOID.addLongIdentifier("subject-alt-oid", true);
    genCSRSubjectAltOID.addLongIdentifier("subjectAltOID", true);
    genCSRSubjectAltOID.addLongIdentifier("san-oid", true);
    genCSRSubjectAltOID.addLongIdentifier("sanOID", true);
    genCSRSubjectAltOID.addValueValidator(new OIDArgumentValueValidator(true));
    genCSRParser.addArgument(genCSRSubjectAltOID);
    final BooleanValueArgument genCSRBasicConstraintsIsCA = new BooleanValueArgument(null, "basic-constraints-is-ca", false, null, INFO_MANAGE_CERTS_SC_GEN_CSR_ARG_BC_IS_CA_DESC.get());
    genCSRBasicConstraintsIsCA.addLongIdentifier("basicConstraintsIsCA", true);
    genCSRBasicConstraintsIsCA.addLongIdentifier("bc-is-ca", true);
    genCSRBasicConstraintsIsCA.addLongIdentifier("bcIsCA", true);
    genCSRParser.addArgument(genCSRBasicConstraintsIsCA);
    final IntegerArgument genCSRBasicConstraintsPathLength = new IntegerArgument(null, "basic-constraints-maximum-path-length", false, 1, null, INFO_MANAGE_CERTS_SC_GEN_CERT_ARG_BC_PATH_LENGTH_DESC.get(), 0, Integer.MAX_VALUE);
    genCSRBasicConstraintsPathLength.addLongIdentifier("basicConstraintsMaximumPathLength", true);
    genCSRBasicConstraintsPathLength.addLongIdentifier("basic-constraints-max-path-length", true);
    genCSRBasicConstraintsPathLength.addLongIdentifier("basicConstraintsMaxPathLength", true);
    genCSRBasicConstraintsPathLength.addLongIdentifier("basic-constraints-path-length", true);
    genCSRBasicConstraintsPathLength.addLongIdentifier("basicConstraintsPathLength", true);
    genCSRBasicConstraintsPathLength.addLongIdentifier("bc-maximum-path-length", true);
    genCSRBasicConstraintsPathLength.addLongIdentifier("bcMaximumPathLength", true);
    genCSRBasicConstraintsPathLength.addLongIdentifier("bc-max-path-length", true);
    genCSRBasicConstraintsPathLength.addLongIdentifier("bcMaxPathLength", true);
    genCSRBasicConstraintsPathLength.addLongIdentifier("bc-path-length", true);
    genCSRBasicConstraintsPathLength.addLongIdentifier("bcPathLength", true);
    genCSRParser.addArgument(genCSRBasicConstraintsPathLength);
    final StringArgument genCSRKeyUsage = new StringArgument(null, "key-usage", false, 0, null, INFO_MANAGE_CERTS_SC_GEN_CSR_ARG_KU_DESC.get());
    genCSRKeyUsage.addLongIdentifier("keyUsage", true);
    genCSRParser.addArgument(genCSRKeyUsage);
    final StringArgument genCSRExtendedKeyUsage = new StringArgument(null, "extended-key-usage", false, 0, null, INFO_MANAGE_CERTS_SC_GEN_CSR_ARG_EKU_DESC.get());
    genCSRExtendedKeyUsage.addLongIdentifier("extendedKeyUsage", true);
    genCSRParser.addArgument(genCSRExtendedKeyUsage);
    final StringArgument genCSRExtension = new StringArgument(null, "extension", false, 0, null, INFO_MANAGE_CERTS_SC_GEN_CSR_ARG_EXT_DESC.get());
    genCSRExtension.addLongIdentifier("ext", true);
    genCSRParser.addArgument(genCSRExtension);
    final BooleanArgument genCSRDisplayCommand = new BooleanArgument(null, "display-keytool-command", 1, INFO_MANAGE_CERTS_SC_GEN_CSR_ARG_DISPLAY_COMMAND_DESC.get());
    genCSRDisplayCommand.addLongIdentifier("displayKeytoolCommand", true);
    genCSRDisplayCommand.addLongIdentifier("show-keytool-command", true);
    genCSRDisplayCommand.addLongIdentifier("showKeytoolCommand", true);
    genCSRParser.addArgument(genCSRDisplayCommand);
    genCSRParser.addRequiredArgumentSet(genCSRKeystorePassword, genCSRKeystorePasswordFile, genCSRPromptForKeystorePassword);
    genCSRParser.addExclusiveArgumentSet(genCSRKeystorePassword, genCSRKeystorePasswordFile, genCSRPromptForKeystorePassword);
    genCSRParser.addExclusiveArgumentSet(genCSRPKPassword, genCSRPKPasswordFile, genCSRPromptForPKPassword);
    genCSRParser.addExclusiveArgumentSet(genCSRReplace, genCSRKeyAlgorithm);
    genCSRParser.addExclusiveArgumentSet(genCSRReplace, genCSRKeySizeBits);
    genCSRParser.addExclusiveArgumentSet(genCSRReplace, genCSRSignatureAlgorithm);
    genCSRParser.addDependentArgumentSet(genCSRBasicConstraintsPathLength, genCSRBasicConstraintsIsCA);
    final LinkedHashMap<String[], String> genCSRExamples = new LinkedHashMap<>(StaticUtils.computeMapCapacity(3));
    genCSRExamples.put(new String[] { "generate-certificate-signing-request", "--keystore", getPlatformSpecificPath("config", "keystore"), "--keystore-password-file", getPlatformSpecificPath("config", "keystore.pin"), "--alias", "server-cert", "--subject-dn", "CN=ldap.example.com,O=Example Corp,C=US" }, INFO_MANAGE_CERTS_SC_GEN_CSR_EXAMPLE_1.get());
    genCSRExamples.put(new String[] { "generate-certificate-signing-request", "--keystore", getPlatformSpecificPath("config", "keystore"), "--keystore-password-file", getPlatformSpecificPath("config", "keystore.pin"), "--alias", "server-cert", "--use-existing-key-pair", "--inherit-extensions", "--output-file", "server-cert.csr" }, INFO_MANAGE_CERTS_SC_GEN_CSR_EXAMPLE_2.get());
    genCSRExamples.put(new String[] { "generate-certificate-signing-request", "--keystore", getPlatformSpecificPath("config", "keystore"), "--keystore-password-file", getPlatformSpecificPath("config", "keystore.pin"), "--alias", "server-cert", "--subject-dn", "CN=ldap.example.com,O=Example Corp,C=US", "--key-algorithm", "EC", "--key-size-bits", "256", "--signature-algorithm", "SHA256withECDSA", "--subject-alternative-name-dns", "ldap1.example.com", "--subject-alternative-name-dns", "ldap2.example.com", "--subject-alternative-name-ip-address", "1.2.3.4", "--subject-alternative-name-ip-address", "1.2.3.5", "--extended-key-usage", "server-auth", "--extended-key-usage", "client-auth", "--output-file", "server-cert.csr", "--display-keytool-command" }, INFO_MANAGE_CERTS_SC_GEN_CSR_EXAMPLE_3.get());
    final SubCommand genCSRSubCommand = new SubCommand("generate-certificate-signing-request", INFO_MANAGE_CERTS_SC_GEN_CSR_DESC.get(), genCSRParser, genCSRExamples);
    genCSRSubCommand.addName("generateCertificateSigningRequest", true);
    genCSRSubCommand.addName("generate-certificate-request", true);
    genCSRSubCommand.addName("generateCertificateRequest", true);
    genCSRSubCommand.addName("generate-csr", true);
    genCSRSubCommand.addName("generateCSR", true);
    genCSRSubCommand.addName("certificate-signing-request", true);
    genCSRSubCommand.addName("certificateSigningRequest", true);
    genCSRSubCommand.addName("csr", true);
    genCSRSubCommand.addName("certreq", true);
    parser.addSubCommand(genCSRSubCommand);
    // Define the "sign-certificate-signing-request" subcommand and all of its
    // arguments.
    final ArgumentParser signCSRParser = new ArgumentParser("sign-certificate-signing-request", INFO_MANAGE_CERTS_SC_SIGN_CSR_DESC.get());
    final FileArgument signCSRInputFile = new FileArgument(null, "request-input-file", true, 1, null, INFO_MANAGE_CERTS_SC_SIGN_CSR_ARG_INPUT_FILE_DESC.get(), true, true, true, false);
    signCSRInputFile.addLongIdentifier("requestInputFile", true);
    signCSRInputFile.addLongIdentifier("certificate-signing-request", true);
    signCSRInputFile.addLongIdentifier("certificateSigningRequest", true);
    signCSRInputFile.addLongIdentifier("input-file", false);
    signCSRInputFile.addLongIdentifier("inputFile", true);
    signCSRInputFile.addLongIdentifier("csr", true);
    signCSRParser.addArgument(signCSRInputFile);
    final FileArgument signCSROutputFile = new FileArgument(null, "certificate-output-file", false, 1, null, INFO_MANAGE_CERTS_SC_SIGN_CSR_ARG_OUTPUT_FILE_DESC.get(), false, true, true, false);
    signCSROutputFile.addLongIdentifier("certificateOutputFile", true);
    signCSROutputFile.addLongIdentifier("output-file", false);
    signCSROutputFile.addLongIdentifier("outputFile", true);
    signCSROutputFile.addLongIdentifier("certificate-file", true);
    signCSROutputFile.addLongIdentifier("certificateFile", true);
    signCSRParser.addArgument(signCSROutputFile);
    final Set<String> signCSROutputFormatAllowedValues = StaticUtils.setOf("PEM", "text", "txt", "RFC", "DER", "binary", "bin");
    final StringArgument signCSROutputFormat = new StringArgument(null, "output-format", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_FORMAT.get(), INFO_MANAGE_CERTS_SC_SIGN_CSR_ARG_FORMAT_DESC.get(), signCSROutputFormatAllowedValues, "PEM");
    signCSROutputFormat.addLongIdentifier("outputFormat", true);
    signCSRParser.addArgument(signCSROutputFormat);
    final FileArgument signCSRKeystore = new FileArgument(null, "keystore", true, 1, null, INFO_MANAGE_CERTS_SC_SIGN_CSR_ARG_KS_DESC.get(), true, true, true, false);
    signCSRKeystore.addLongIdentifier("keystore-path", true);
    signCSRKeystore.addLongIdentifier("keystorePath", true);
    signCSRKeystore.addLongIdentifier("keystore-file", true);
    signCSRKeystore.addLongIdentifier("keystoreFile", true);
    signCSRParser.addArgument(signCSRKeystore);
    final StringArgument signCSRKeystorePassword = new StringArgument(null, "keystore-password", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_PASSWORD.get(), INFO_MANAGE_CERTS_SC_SIGN_CSR_ARG_KS_PW_DESC.get());
    signCSRKeystorePassword.addLongIdentifier("keystorePassword", true);
    signCSRKeystorePassword.addLongIdentifier("keystore-passphrase", true);
    signCSRKeystorePassword.addLongIdentifier("keystorePassphrase", true);
    signCSRKeystorePassword.addLongIdentifier("keystore-pin", true);
    signCSRKeystorePassword.addLongIdentifier("keystorePIN", true);
    signCSRKeystorePassword.addLongIdentifier("storepass", true);
    signCSRKeystorePassword.setSensitive(true);
    signCSRParser.addArgument(signCSRKeystorePassword);
    final FileArgument signCSRKeystorePasswordFile = new FileArgument(null, "keystore-password-file", false, 1, null, INFO_MANAGE_CERTS_SC_SIGN_CSR_ARG_KS_PW_FILE_DESC.get(), true, true, true, false);
    signCSRKeystorePasswordFile.addLongIdentifier("keystorePasswordFile", true);
    signCSRKeystorePasswordFile.addLongIdentifier("keystore-passphrase-file", true);
    signCSRKeystorePasswordFile.addLongIdentifier("keystorePassphraseFile", true);
    signCSRKeystorePasswordFile.addLongIdentifier("keystore-pin-file", true);
    signCSRKeystorePasswordFile.addLongIdentifier("keystorePINFile", true);
    signCSRParser.addArgument(signCSRKeystorePasswordFile);
    final BooleanArgument signCSRPromptForKeystorePassword = new BooleanArgument(null, "prompt-for-keystore-password", INFO_MANAGE_CERTS_SC_SIGN_CSR_ARG_PROMPT_FOR_KS_PW_DESC.get());
    signCSRPromptForKeystorePassword.addLongIdentifier("promptForKeystorePassword", true);
    signCSRPromptForKeystorePassword.addLongIdentifier("prompt-for-keystore-passphrase", true);
    signCSRPromptForKeystorePassword.addLongIdentifier("promptForKeystorePassphrase", true);
    signCSRPromptForKeystorePassword.addLongIdentifier("prompt-for-keystore-pin", true);
    signCSRPromptForKeystorePassword.addLongIdentifier("promptForKeystorePIN", true);
    signCSRParser.addArgument(signCSRPromptForKeystorePassword);
    final StringArgument signCSRPKPassword = new StringArgument(null, "private-key-password", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_PASSWORD.get(), INFO_MANAGE_CERTS_SC_SIGN_CSR_ARG_PK_PW_DESC.get());
    signCSRPKPassword.addLongIdentifier("privateKeyPassword", true);
    signCSRPKPassword.addLongIdentifier("private-key-passphrase", true);
    signCSRPKPassword.addLongIdentifier("privateKeyPassphrase", true);
    signCSRPKPassword.addLongIdentifier("private-key-pin", true);
    signCSRPKPassword.addLongIdentifier("privateKeyPIN", true);
    signCSRPKPassword.addLongIdentifier("key-password", true);
    signCSRPKPassword.addLongIdentifier("keyPassword", true);
    signCSRPKPassword.addLongIdentifier("key-passphrase", true);
    signCSRPKPassword.addLongIdentifier("keyPassphrase", true);
    signCSRPKPassword.addLongIdentifier("key-pin", true);
    signCSRPKPassword.addLongIdentifier("keyPIN", true);
    signCSRPKPassword.addLongIdentifier("keypass", true);
    signCSRPKPassword.setSensitive(true);
    signCSRParser.addArgument(signCSRPKPassword);
    final FileArgument signCSRPKPasswordFile = new FileArgument(null, "private-key-password-file", false, 1, null, INFO_MANAGE_CERTS_SC_SIGN_CSR_ARG_PK_PW_FILE_DESC.get(), true, true, true, false);
    signCSRPKPasswordFile.addLongIdentifier("privateKeyPasswordFile", true);
    signCSRPKPasswordFile.addLongIdentifier("private-key-passphrase-file", true);
    signCSRPKPasswordFile.addLongIdentifier("privateKeyPassphraseFile", true);
    signCSRPKPasswordFile.addLongIdentifier("private-key-pin-file", true);
    signCSRPKPasswordFile.addLongIdentifier("privateKeyPINFile", true);
    signCSRPKPasswordFile.addLongIdentifier("key-password-file", true);
    signCSRPKPasswordFile.addLongIdentifier("keyPasswordFile", true);
    signCSRPKPasswordFile.addLongIdentifier("key-passphrase-file", true);
    signCSRPKPasswordFile.addLongIdentifier("keyPassphraseFile", true);
    signCSRPKPasswordFile.addLongIdentifier("key-pin-file", true);
    signCSRPKPasswordFile.addLongIdentifier("keyPINFile", true);
    signCSRParser.addArgument(signCSRPKPasswordFile);
    final BooleanArgument signCSRPromptForPKPassword = new BooleanArgument(null, "prompt-for-private-key-password", INFO_MANAGE_CERTS_SC_SIGN_CSR_ARG_PROMPT_FOR_PK_PW_DESC.get());
    signCSRPromptForPKPassword.addLongIdentifier("promptForPrivateKeyPassword", true);
    signCSRPromptForPKPassword.addLongIdentifier("prompt-for-private-key-passphrase", true);
    signCSRPromptForPKPassword.addLongIdentifier("promptForPrivateKeyPassphrase", true);
    signCSRPromptForPKPassword.addLongIdentifier("prompt-for-private-key-pin", true);
    signCSRPromptForPKPassword.addLongIdentifier("promptForPrivateKeyPIN", true);
    signCSRPromptForPKPassword.addLongIdentifier("prompt-for-key-password", true);
    signCSRPromptForPKPassword.addLongIdentifier("promptForKeyPassword", true);
    signCSRPromptForPKPassword.addLongIdentifier("prompt-for-key-passphrase", true);
    signCSRPromptForPKPassword.addLongIdentifier("promptForKeyPassphrase", true);
    signCSRPromptForPKPassword.addLongIdentifier("prompt-for-key-pin", true);
    signCSRPromptForPKPassword.addLongIdentifier("promptForKeyPIN", true);
    signCSRParser.addArgument(signCSRPromptForPKPassword);
    final StringArgument signCSRKeystoreType = new StringArgument(null, "keystore-type", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_TYPE.get(), INFO_MANAGE_CERTS_SC_SIGN_CSR_ARG_KS_TYPE_DESC.get(), ALLOWED_KEYSTORE_TYPE_VALUES);
    signCSRKeystoreType.addLongIdentifier("key-store-type", true);
    signCSRKeystoreType.addLongIdentifier("keystoreType", true);
    signCSRKeystoreType.addLongIdentifier("keystore-format", true);
    signCSRKeystoreType.addLongIdentifier("key-store-format", true);
    signCSRKeystoreType.addLongIdentifier("keystoreFormat", true);
    signCSRKeystoreType.addLongIdentifier("storetype", true);
    signCSRParser.addArgument(signCSRKeystoreType);
    final StringArgument signCSRAlias = new StringArgument(null, "signing-certificate-alias", true, 1, INFO_MANAGE_CERTS_PLACEHOLDER_ALIAS.get(), INFO_MANAGE_CERTS_SC_SIGN_CSR_ARG_ALIAS_DESC.get());
    signCSRAlias.addLongIdentifier("signingCertificateAlias", true);
    signCSRAlias.addLongIdentifier("signing-certificate-nickname", true);
    signCSRAlias.addLongIdentifier("signingCertificateNickname", true);
    signCSRAlias.addLongIdentifier("alias", true);
    signCSRAlias.addLongIdentifier("nickname", true);
    signCSRParser.addArgument(signCSRAlias);
    final DNArgument signCSRSubjectDN = new DNArgument(null, "subject-dn", false, 1, null, INFO_MANAGE_CERTS_SC_SIGN_CSR_ARG_SUBJECT_DN_DESC.get());
    signCSRSubjectDN.addLongIdentifier("subjectDN", true);
    signCSRSubjectDN.addLongIdentifier("subject", true);
    signCSRSubjectDN.addLongIdentifier("dname", true);
    signCSRParser.addArgument(signCSRSubjectDN);
    final IntegerArgument signCSRDaysValid = new IntegerArgument(null, "days-valid", false, 1, null, INFO_MANAGE_CERTS_SC_SIGN_CSR_ARG_DAYS_VALID_DESC.get(), 1, Integer.MAX_VALUE);
    signCSRDaysValid.addLongIdentifier("daysValid", true);
    signCSRDaysValid.addLongIdentifier("validity", true);
    signCSRParser.addArgument(signCSRDaysValid);
    final TimestampArgument signCSRNotBefore = new TimestampArgument(null, "validity-start-time", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_TIMESTAMP.get(), INFO_MANAGE_CERTS_SC_SIGN_CSR_ARG_VALIDITY_START_TIME_DESC.get("20180102123456"));
    signCSRNotBefore.addLongIdentifier("validityStartTime", true);
    signCSRNotBefore.addLongIdentifier("not-before", true);
    signCSRNotBefore.addLongIdentifier("notBefore", true);
    signCSRParser.addArgument(signCSRNotBefore);
    final StringArgument signCSRSignatureAlgorithm = new StringArgument(null, "signature-algorithm", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_NAME.get(), INFO_MANAGE_CERTS_SC_SIGN_CSR_ARG_SIG_ALG_DESC.get());
    signCSRSignatureAlgorithm.addLongIdentifier("signatureAlgorithm", true);
    signCSRSignatureAlgorithm.addLongIdentifier("signature-alg", true);
    signCSRSignatureAlgorithm.addLongIdentifier("signatureAlg", true);
    signCSRSignatureAlgorithm.addLongIdentifier("sig-alg", true);
    signCSRSignatureAlgorithm.addLongIdentifier("sigAlg", true);
    signCSRParser.addArgument(signCSRSignatureAlgorithm);
    final BooleanArgument signCSRIncludeExtensions = new BooleanArgument(null, "include-requested-extensions", 1, INFO_MANAGE_CERTS_SC_SIGN_CSR_ARG_INCLUDE_EXT_DESC.get());
    signCSRIncludeExtensions.addLongIdentifier("includeRequestedExtensions", true);
    signCSRParser.addArgument(signCSRIncludeExtensions);
    final StringArgument signCSRSubjectAltDNS = new StringArgument(null, "subject-alternative-name-dns", false, 0, INFO_MANAGE_CERTS_PLACEHOLDER_NAME.get(), INFO_MANAGE_CERTS_SC_SIGN_CSR_ARG_SAN_DNS_DESC.get());
    signCSRSubjectAltDNS.addLongIdentifier("subjectAlternativeNameDNS", true);
    signCSRSubjectAltDNS.addLongIdentifier("subject-alt-name-dns", true);
    signCSRSubjectAltDNS.addLongIdentifier("subjectAltNameDNS", true);
    signCSRSubjectAltDNS.addLongIdentifier("subject-alternative-dns", true);
    signCSRSubjectAltDNS.addLongIdentifier("subjectAlternativeDNS", true);
    signCSRSubjectAltDNS.addLongIdentifier("subject-alt-dns", true);
    signCSRSubjectAltDNS.addLongIdentifier("subjectAltDNS", true);
    signCSRSubjectAltDNS.addLongIdentifier("san-dns", true);
    signCSRSubjectAltDNS.addLongIdentifier("sanDNS", true);
    signCSRSubjectAltDNS.addValueValidator(new IA5StringArgumentValueValidator(false));
    signCSRParser.addArgument(signCSRSubjectAltDNS);
    final StringArgument signCSRSubjectAltIP = new StringArgument(null, "subject-alternative-name-ip-address", false, 0, INFO_MANAGE_CERTS_PLACEHOLDER_NAME.get(), INFO_MANAGE_CERTS_SC_SIGN_CSR_ARG_SAN_IP_DESC.get());
    signCSRSubjectAltIP.addLongIdentifier("subjectAlternativeNameIPAddress", true);
    signCSRSubjectAltIP.addLongIdentifier("subject-alternative-name-ip", true);
    signCSRSubjectAltIP.addLongIdentifier("subjectAlternativeNameIP", true);
    signCSRSubjectAltIP.addLongIdentifier("subject-alt-name-ip-address", true);
    signCSRSubjectAltIP.addLongIdentifier("subjectAltNameIPAddress", true);
    signCSRSubjectAltIP.addLongIdentifier("subject-alt-name-ip", true);
    signCSRSubjectAltIP.addLongIdentifier("subjectAltNameIP", true);
    signCSRSubjectAltIP.addLongIdentifier("subject-alternative-ip-address", true);
    signCSRSubjectAltIP.addLongIdentifier("subjectAlternativeIPAddress", true);
    signCSRSubjectAltIP.addLongIdentifier("subject-alternative-ip", true);
    signCSRSubjectAltIP.addLongIdentifier("subjectAlternativeIP", true);
    signCSRSubjectAltIP.addLongIdentifier("subject-alt-ip-address", true);
    signCSRSubjectAltIP.addLongIdentifier("subjectAltIPAddress", true);
    signCSRSubjectAltIP.addLongIdentifier("subject-alt-ip", true);
    signCSRSubjectAltIP.addLongIdentifier("subjectAltIP", true);
    signCSRSubjectAltIP.addLongIdentifier("san-ip-address", true);
    signCSRSubjectAltIP.addLongIdentifier("sanIPAddress", true);
    signCSRSubjectAltIP.addLongIdentifier("san-ip", true);
    signCSRSubjectAltIP.addLongIdentifier("sanIP", true);
    signCSRSubjectAltIP.addValueValidator(new IPAddressArgumentValueValidator(true, true));
    signCSRParser.addArgument(signCSRSubjectAltIP);
    final StringArgument signCSRSubjectAltEmail = new StringArgument(null, "subject-alternative-name-email-address", false, 0, INFO_MANAGE_CERTS_PLACEHOLDER_NAME.get(), INFO_MANAGE_CERTS_SC_SIGN_CSR_ARG_SAN_EMAIL_DESC.get());
    signCSRSubjectAltEmail.addLongIdentifier("subjectAlternativeNameEmailAddress", true);
    signCSRSubjectAltEmail.addLongIdentifier("subject-alternative-name-email", true);
    signCSRSubjectAltEmail.addLongIdentifier("subjectAlternativeNameEmail", true);
    signCSRSubjectAltEmail.addLongIdentifier("subject-alt-name-email-address", true);
    signCSRSubjectAltEmail.addLongIdentifier("subjectAltNameEmailAddress", true);
    signCSRSubjectAltEmail.addLongIdentifier("subject-alt-name-email", true);
    signCSRSubjectAltEmail.addLongIdentifier("subjectAltNameEmail", true);
    signCSRSubjectAltEmail.addLongIdentifier("subject-alternative-email-address", true);
    signCSRSubjectAltEmail.addLongIdentifier("subjectAlternativeEmailAddress", true);
    signCSRSubjectAltEmail.addLongIdentifier("subject-alternative-email", true);
    signCSRSubjectAltEmail.addLongIdentifier("subjectAlternativeEmail", true);
    signCSRSubjectAltEmail.addLongIdentifier("subject-alt-email-address", true);
    signCSRSubjectAltEmail.addLongIdentifier("subjectAltEmailAddress", true);
    signCSRSubjectAltEmail.addLongIdentifier("subject-alt-email", true);
    signCSRSubjectAltEmail.addLongIdentifier("subjectAltEmail", true);
    signCSRSubjectAltEmail.addLongIdentifier("san-email-address", true);
    signCSRSubjectAltEmail.addLongIdentifier("sanEmailAddress", true);
    signCSRSubjectAltEmail.addLongIdentifier("san-email", true);
    signCSRSubjectAltEmail.addLongIdentifier("sanEmail", true);
    signCSRSubjectAltEmail.addValueValidator(new IA5StringArgumentValueValidator(false));
    signCSRParser.addArgument(signCSRSubjectAltEmail);
    final StringArgument signCSRSubjectAltURI = new StringArgument(null, "subject-alternative-name-uri", false, 0, INFO_MANAGE_CERTS_PLACEHOLDER_URI.get(), INFO_MANAGE_CERTS_SC_SIGN_CSR_ARG_SAN_URI_DESC.get());
    signCSRSubjectAltURI.addLongIdentifier("subjectAlternativeNameURI", true);
    signCSRSubjectAltURI.addLongIdentifier("subject-alt-name-uri", true);
    signCSRSubjectAltURI.addLongIdentifier("subjectAltNameURI", true);
    signCSRSubjectAltURI.addLongIdentifier("subject-alternative-uri", true);
    signCSRSubjectAltURI.addLongIdentifier("subjectAlternativeURI", true);
    signCSRSubjectAltURI.addLongIdentifier("subject-alt-uri", true);
    signCSRSubjectAltURI.addLongIdentifier("subjectAltURI", true);
    signCSRSubjectAltURI.addLongIdentifier("san-uri", true);
    signCSRSubjectAltURI.addLongIdentifier("sanURI", true);
    signCSRParser.addArgument(signCSRSubjectAltURI);
    final StringArgument signCSRSubjectAltOID = new StringArgument(null, "subject-alternative-name-oid", false, 0, INFO_MANAGE_CERTS_PLACEHOLDER_OID.get(), INFO_MANAGE_CERTS_SC_SIGN_CSR_ARG_SAN_OID_DESC.get());
    signCSRSubjectAltOID.addLongIdentifier("subjectAlternativeNameOID", true);
    signCSRSubjectAltOID.addLongIdentifier("subject-alt-name-oid", true);
    signCSRSubjectAltOID.addLongIdentifier("subjectAltNameOID", true);
    signCSRSubjectAltOID.addLongIdentifier("subject-alternative-oid", true);
    signCSRSubjectAltOID.addLongIdentifier("subjectAlternativeOID", true);
    signCSRSubjectAltOID.addLongIdentifier("subject-alt-oid", true);
    signCSRSubjectAltOID.addLongIdentifier("subjectAltOID", true);
    signCSRSubjectAltOID.addLongIdentifier("san-oid", true);
    signCSRSubjectAltOID.addLongIdentifier("sanOID", true);
    signCSRSubjectAltOID.addValueValidator(new OIDArgumentValueValidator(true));
    signCSRParser.addArgument(signCSRSubjectAltOID);
    final StringArgument signCSRIssuerAltDNS = new StringArgument(null, "issuer-alternative-name-dns", false, 0, INFO_MANAGE_CERTS_PLACEHOLDER_NAME.get(), INFO_MANAGE_CERTS_SC_SIGN_CSR_ARG_IAN_DNS_DESC.get());
    signCSRIssuerAltDNS.addLongIdentifier("issuerAlternativeNameDNS", true);
    signCSRIssuerAltDNS.addLongIdentifier("issuer-alt-name-dns", true);
    signCSRIssuerAltDNS.addLongIdentifier("issuerAltNameDNS", true);
    signCSRIssuerAltDNS.addLongIdentifier("issuer-alternative-dns", true);
    signCSRIssuerAltDNS.addLongIdentifier("issuerAlternativeDNS", true);
    signCSRIssuerAltDNS.addLongIdentifier("issuer-alt-dns", true);
    signCSRIssuerAltDNS.addLongIdentifier("issuerAltDNS", true);
    signCSRIssuerAltDNS.addLongIdentifier("ian-dns", true);
    signCSRIssuerAltDNS.addLongIdentifier("ianDNS", true);
    signCSRIssuerAltDNS.addValueValidator(new IA5StringArgumentValueValidator(false));
    signCSRParser.addArgument(signCSRIssuerAltDNS);
    final StringArgument signCSRIssuerAltIP = new StringArgument(null, "issuer-alternative-name-ip-address", false, 0, INFO_MANAGE_CERTS_PLACEHOLDER_NAME.get(), INFO_MANAGE_CERTS_SC_SIGN_CSR_ARG_IAN_IP_DESC.get());
    signCSRIssuerAltIP.addLongIdentifier("issuerAlternativeNameIPAddress", true);
    signCSRIssuerAltIP.addLongIdentifier("issuer-alternative-name-ip", true);
    signCSRIssuerAltIP.addLongIdentifier("issuerAlternativeNameIP", true);
    signCSRIssuerAltIP.addLongIdentifier("issuer-alt-name-ip-address", true);
    signCSRIssuerAltIP.addLongIdentifier("issuerAltNameIPAddress", true);
    signCSRIssuerAltIP.addLongIdentifier("issuer-alt-name-ip", true);
    signCSRIssuerAltIP.addLongIdentifier("issuerAltNameIP", true);
    signCSRIssuerAltIP.addLongIdentifier("issuer-alternative-ip-address", true);
    signCSRIssuerAltIP.addLongIdentifier("issuerAlternativeIPAddress", true);
    signCSRIssuerAltIP.addLongIdentifier("issuer-alternative-ip", true);
    signCSRIssuerAltIP.addLongIdentifier("issuerAlternativeIP", true);
    signCSRIssuerAltIP.addLongIdentifier("issuer-alt-ip-address", true);
    signCSRIssuerAltIP.addLongIdentifier("issuerAltIPAddress", true);
    signCSRIssuerAltIP.addLongIdentifier("issuer-alt-ip", true);
    signCSRIssuerAltIP.addLongIdentifier("issuerAltIP", true);
    signCSRIssuerAltIP.addLongIdentifier("ian-ip-address", true);
    signCSRIssuerAltIP.addLongIdentifier("ianIPAddress", true);
    signCSRIssuerAltIP.addLongIdentifier("ian-ip", true);
    signCSRIssuerAltIP.addLongIdentifier("ianIP", true);
    signCSRIssuerAltIP.addValueValidator(new IPAddressArgumentValueValidator(true, true));
    signCSRParser.addArgument(signCSRIssuerAltIP);
    final StringArgument signCSRIssuerAltEmail = new StringArgument(null, "issuer-alternative-name-email-address", false, 0, INFO_MANAGE_CERTS_PLACEHOLDER_NAME.get(), INFO_MANAGE_CERTS_SC_SIGN_CSR_ARG_IAN_EMAIL_DESC.get());
    signCSRIssuerAltEmail.addLongIdentifier("issuerAlternativeNameEmailAddress", true);
    signCSRIssuerAltEmail.addLongIdentifier("issuer-alternative-name-email", true);
    signCSRIssuerAltEmail.addLongIdentifier("issuerAlternativeNameEmail", true);
    signCSRIssuerAltEmail.addLongIdentifier("issuer-alt-name-email-address", true);
    signCSRIssuerAltEmail.addLongIdentifier("issuerAltNameEmailAddress", true);
    signCSRIssuerAltEmail.addLongIdentifier("issuer-alt-name-email", true);
    signCSRIssuerAltEmail.addLongIdentifier("issuerAltNameEmail", true);
    signCSRIssuerAltEmail.addLongIdentifier("issuer-alternative-email-address", true);
    signCSRIssuerAltEmail.addLongIdentifier("issuerAlternativeEmailAddress", true);
    signCSRIssuerAltEmail.addLongIdentifier("issuer-alternative-email", true);
    signCSRIssuerAltEmail.addLongIdentifier("issuerAlternativeEmail", true);
    signCSRIssuerAltEmail.addLongIdentifier("issuer-alt-email-address", true);
    signCSRIssuerAltEmail.addLongIdentifier("issuerAltEmailAddress", true);
    signCSRIssuerAltEmail.addLongIdentifier("issuer-alt-email", true);
    signCSRIssuerAltEmail.addLongIdentifier("issuerAltEmail", true);
    signCSRIssuerAltEmail.addLongIdentifier("ian-email-address", true);
    signCSRIssuerAltEmail.addLongIdentifier("ianEmailAddress", true);
    signCSRIssuerAltEmail.addLongIdentifier("ian-email", true);
    signCSRIssuerAltEmail.addLongIdentifier("ianEmail", true);
    signCSRIssuerAltEmail.addValueValidator(new IA5StringArgumentValueValidator(false));
    signCSRParser.addArgument(signCSRIssuerAltEmail);
    final StringArgument signCSRIssuerAltURI = new StringArgument(null, "issuer-alternative-name-uri", false, 0, INFO_MANAGE_CERTS_PLACEHOLDER_URI.get(), INFO_MANAGE_CERTS_SC_SIGN_CSR_ARG_IAN_URI_DESC.get());
    signCSRIssuerAltURI.addLongIdentifier("issuerAlternativeNameURI", true);
    signCSRIssuerAltURI.addLongIdentifier("issuer-alt-name-uri", true);
    signCSRIssuerAltURI.addLongIdentifier("issuerAltNameURI", true);
    signCSRIssuerAltURI.addLongIdentifier("issuer-alternative-uri", true);
    signCSRIssuerAltURI.addLongIdentifier("issuerAlternativeURI", true);
    signCSRIssuerAltURI.addLongIdentifier("issuer-alt-uri", true);
    signCSRIssuerAltURI.addLongIdentifier("issuerAltURI", true);
    signCSRIssuerAltURI.addLongIdentifier("ian-uri", true);
    signCSRIssuerAltURI.addLongIdentifier("ianURI", true);
    signCSRParser.addArgument(signCSRIssuerAltURI);
    final StringArgument signCSRIssuerAltOID = new StringArgument(null, "issuer-alternative-name-oid", false, 0, INFO_MANAGE_CERTS_PLACEHOLDER_OID.get(), INFO_MANAGE_CERTS_SC_SIGN_CSR_ARG_IAN_OID_DESC.get());
    signCSRIssuerAltOID.addLongIdentifier("issuerAlternativeNameOID", true);
    signCSRIssuerAltOID.addLongIdentifier("issuer-alt-name-oid", true);
    signCSRIssuerAltOID.addLongIdentifier("issuerAltNameOID", true);
    signCSRIssuerAltOID.addLongIdentifier("issuer-alternative-oid", true);
    signCSRIssuerAltOID.addLongIdentifier("issuerAlternativeOID", true);
    signCSRIssuerAltOID.addLongIdentifier("issuer-alt-oid", true);
    signCSRIssuerAltOID.addLongIdentifier("issuerAltOID", true);
    signCSRIssuerAltOID.addLongIdentifier("ian-oid", true);
    signCSRIssuerAltOID.addLongIdentifier("ianOID", true);
    signCSRIssuerAltOID.addValueValidator(new OIDArgumentValueValidator(true));
    signCSRParser.addArgument(signCSRIssuerAltOID);
    final BooleanValueArgument signCSRBasicConstraintsIsCA = new BooleanValueArgument(null, "basic-constraints-is-ca", false, null, INFO_MANAGE_CERTS_SC_SIGN_CSR_ARG_BC_IS_CA_DESC.get());
    signCSRBasicConstraintsIsCA.addLongIdentifier("basicConstraintsIsCA", true);
    signCSRBasicConstraintsIsCA.addLongIdentifier("bc-is-ca", true);
    signCSRBasicConstraintsIsCA.addLongIdentifier("bcIsCA", true);
    signCSRParser.addArgument(signCSRBasicConstraintsIsCA);
    final IntegerArgument signCSRBasicConstraintsPathLength = new IntegerArgument(null, "basic-constraints-maximum-path-length", false, 1, null, INFO_MANAGE_CERTS_SC_GEN_CERT_ARG_BC_PATH_LENGTH_DESC.get(), 0, Integer.MAX_VALUE);
    signCSRBasicConstraintsPathLength.addLongIdentifier("basicConstraintsMaximumPathLength", true);
    signCSRBasicConstraintsPathLength.addLongIdentifier("basic-constraints-max-path-length", true);
    signCSRBasicConstraintsPathLength.addLongIdentifier("basicConstraintsMaxPathLength", true);
    signCSRBasicConstraintsPathLength.addLongIdentifier("basic-constraints-path-length", true);
    signCSRBasicConstraintsPathLength.addLongIdentifier("basicConstraintsPathLength", true);
    signCSRBasicConstraintsPathLength.addLongIdentifier("bc-maximum-path-length", true);
    signCSRBasicConstraintsPathLength.addLongIdentifier("bcMaximumPathLength", true);
    signCSRBasicConstraintsPathLength.addLongIdentifier("bc-max-path-length", true);
    signCSRBasicConstraintsPathLength.addLongIdentifier("bcMaxPathLength", true);
    signCSRBasicConstraintsPathLength.addLongIdentifier("bc-path-length", true);
    signCSRBasicConstraintsPathLength.addLongIdentifier("bcPathLength", true);
    signCSRParser.addArgument(signCSRBasicConstraintsPathLength);
    final StringArgument signCSRKeyUsage = new StringArgument(null, "key-usage", false, 0, null, INFO_MANAGE_CERTS_SC_SIGN_CSR_ARG_KU_DESC.get());
    signCSRKeyUsage.addLongIdentifier("keyUsage", true);
    signCSRParser.addArgument(signCSRKeyUsage);
    final StringArgument signCSRExtendedKeyUsage = new StringArgument(null, "extended-key-usage", false, 0, null, INFO_MANAGE_CERTS_SC_SIGN_CSR_ARG_EKU_DESC.get());
    signCSRExtendedKeyUsage.addLongIdentifier("extendedKeyUsage", true);
    signCSRParser.addArgument(signCSRExtendedKeyUsage);
    final StringArgument signCSRExtension = new StringArgument(null, "extension", false, 0, null, INFO_MANAGE_CERTS_SC_SIGN_CSR_ARG_EXT_DESC.get());
    signCSRExtension.addLongIdentifier("ext", true);
    signCSRParser.addArgument(signCSRExtension);
    final BooleanArgument signCSRNoPrompt = new BooleanArgument(null, "no-prompt", 1, INFO_MANAGE_CERTS_SC_SIGN_CSR_ARG_NO_PROMPT_DESC.get());
    signCSRNoPrompt.addLongIdentifier("noPrompt", true);
    signCSRParser.addArgument(signCSRNoPrompt);
    final BooleanArgument signCSRDisplayCommand = new BooleanArgument(null, "display-keytool-command", 1, INFO_MANAGE_CERTS_SC_SIGN_CSR_ARG_DISPLAY_COMMAND_DESC.get());
    signCSRDisplayCommand.addLongIdentifier("displayKeytoolCommand", true);
    signCSRDisplayCommand.addLongIdentifier("show-keytool-command", true);
    signCSRDisplayCommand.addLongIdentifier("showKeytoolCommand", true);
    signCSRParser.addArgument(signCSRDisplayCommand);
    signCSRParser.addRequiredArgumentSet(signCSRKeystorePassword, signCSRKeystorePasswordFile, signCSRPromptForKeystorePassword);
    signCSRParser.addExclusiveArgumentSet(signCSRKeystorePassword, signCSRKeystorePasswordFile, signCSRPromptForKeystorePassword);
    signCSRParser.addExclusiveArgumentSet(signCSRPKPassword, signCSRPKPasswordFile, signCSRPromptForPKPassword);
    signCSRParser.addDependentArgumentSet(signCSRBasicConstraintsPathLength, signCSRBasicConstraintsIsCA);
    final LinkedHashMap<String[], String> signCSRExamples = new LinkedHashMap<>(StaticUtils.computeMapCapacity(2));
    signCSRExamples.put(new String[] { "sign-certificate-signing-request", "--request-input-file", "server-cert.csr", "--keystore", getPlatformSpecificPath("config", "keystore"), "--keystore-password-file", getPlatformSpecificPath("config", "keystore.pin"), "--signing-certificate-alias", "ca-cert", "--include-requested-extensions" }, INFO_MANAGE_CERTS_SC_SIGN_CSR_EXAMPLE_1.get(getPlatformSpecificPath("config", "keystore")));
    signCSRExamples.put(new String[] { "sign-certificate-signing-request", "--request-input-file", "server-cert.csr", "--certificate-output-file", "server-cert.der", "--output-format", "DER", "--keystore", getPlatformSpecificPath("config", "keystore"), "--keystore-password-file", getPlatformSpecificPath("config", "keystore.pin"), "--signing-certificate-alias", "ca-cert", "--days-valid", "730", "--validity-start-time", "20170101000000", "--include-requested-extensions", "--issuer-alternative-name-email-address", "ca@example.com" }, INFO_MANAGE_CERTS_SC_SIGN_CSR_EXAMPLE_2.get(getPlatformSpecificPath("config", "keystore")));
    final SubCommand signCSRSubCommand = new SubCommand("sign-certificate-signing-request", INFO_MANAGE_CERTS_SC_SIGN_CSR_DESC.get(), signCSRParser, signCSRExamples);
    signCSRSubCommand.addName("signCertificateSigningRequest", true);
    signCSRSubCommand.addName("sign-certificate-request", true);
    signCSRSubCommand.addName("signCertificateRequest", true);
    signCSRSubCommand.addName("sign-certificate", true);
    signCSRSubCommand.addName("signCertificate", true);
    signCSRSubCommand.addName("sign-csr", true);
    signCSRSubCommand.addName("signCSR", true);
    signCSRSubCommand.addName("sign", true);
    signCSRSubCommand.addName("gencert", true);
    parser.addSubCommand(signCSRSubCommand);
    // Define the "change-certificate-alias" subcommand and all of its
    // arguments.
    final ArgumentParser changeAliasParser = new ArgumentParser("change-certificate-alias", INFO_MANAGE_CERTS_SC_CHANGE_ALIAS_DESC.get());
    final FileArgument changeAliasKeystore = new FileArgument(null, "keystore", true, 1, null, INFO_MANAGE_CERTS_SC_CHANGE_ALIAS_ARG_KS_DESC.get(), true, true, true, false);
    changeAliasKeystore.addLongIdentifier("keystore-path", true);
    changeAliasKeystore.addLongIdentifier("keystorePath", true);
    changeAliasKeystore.addLongIdentifier("keystore-file", true);
    changeAliasKeystore.addLongIdentifier("keystoreFile", true);
    changeAliasParser.addArgument(changeAliasKeystore);
    final StringArgument changeAliasKeystorePassword = new StringArgument(null, "keystore-password", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_PASSWORD.get(), INFO_MANAGE_CERTS_SC_CHANGE_ALIAS_ARG_KS_PW_DESC.get());
    changeAliasKeystorePassword.addLongIdentifier("keystorePassword", true);
    changeAliasKeystorePassword.addLongIdentifier("keystore-passphrase", true);
    changeAliasKeystorePassword.addLongIdentifier("keystorePassphrase", true);
    changeAliasKeystorePassword.addLongIdentifier("keystore-pin", true);
    changeAliasKeystorePassword.addLongIdentifier("keystorePIN", true);
    changeAliasKeystorePassword.addLongIdentifier("storepass", true);
    changeAliasKeystorePassword.setSensitive(true);
    changeAliasParser.addArgument(changeAliasKeystorePassword);
    final FileArgument changeAliasKeystorePasswordFile = new FileArgument(null, "keystore-password-file", false, 1, null, INFO_MANAGE_CERTS_SC_CHANGE_ALIAS_ARG_KS_PW_FILE_DESC.get(), true, true, true, false);
    changeAliasKeystorePasswordFile.addLongIdentifier("keystorePasswordFile", true);
    changeAliasKeystorePasswordFile.addLongIdentifier("keystore-passphrase-file", true);
    changeAliasKeystorePasswordFile.addLongIdentifier("keystorePassphraseFile", true);
    changeAliasKeystorePasswordFile.addLongIdentifier("keystore-pin-file", true);
    changeAliasKeystorePasswordFile.addLongIdentifier("keystorePINFile", true);
    changeAliasParser.addArgument(changeAliasKeystorePasswordFile);
    final BooleanArgument changeAliasPromptForKeystorePassword = new BooleanArgument(null, "prompt-for-keystore-password", INFO_MANAGE_CERTS_SC_CHANGE_ALIAS_ARG_PROMPT_FOR_KS_PW_DESC.get());
    changeAliasPromptForKeystorePassword.addLongIdentifier("promptForKeystorePassword", true);
    changeAliasPromptForKeystorePassword.addLongIdentifier("prompt-for-keystore-passphrase", true);
    changeAliasPromptForKeystorePassword.addLongIdentifier("promptForKeystorePassphrase", true);
    changeAliasPromptForKeystorePassword.addLongIdentifier("prompt-for-keystore-pin", true);
    changeAliasPromptForKeystorePassword.addLongIdentifier("promptForKeystorePIN", true);
    changeAliasParser.addArgument(changeAliasPromptForKeystorePassword);
    final StringArgument changeAliasPKPassword = new StringArgument(null, "private-key-password", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_PASSWORD.get(), INFO_MANAGE_CERTS_SC_CHANGE_ALIAS_ARG_PK_PW_DESC.get());
    changeAliasPKPassword.addLongIdentifier("privateKeyPassword", true);
    changeAliasPKPassword.addLongIdentifier("private-key-passphrase", true);
    changeAliasPKPassword.addLongIdentifier("privateKeyPassphrase", true);
    changeAliasPKPassword.addLongIdentifier("private-key-pin", true);
    changeAliasPKPassword.addLongIdentifier("privateKeyPIN", true);
    changeAliasPKPassword.addLongIdentifier("key-password", true);
    changeAliasPKPassword.addLongIdentifier("keyPassword", true);
    changeAliasPKPassword.addLongIdentifier("key-passphrase", true);
    changeAliasPKPassword.addLongIdentifier("keyPassphrase", true);
    changeAliasPKPassword.addLongIdentifier("key-pin", true);
    changeAliasPKPassword.addLongIdentifier("keyPIN", true);
    changeAliasPKPassword.addLongIdentifier("keypass", true);
    changeAliasPKPassword.setSensitive(true);
    changeAliasParser.addArgument(changeAliasPKPassword);
    final FileArgument changeAliasPKPasswordFile = new FileArgument(null, "private-key-password-file", false, 1, null, INFO_MANAGE_CERTS_SC_CHANGE_ALIAS_ARG_PK_PW_FILE_DESC.get(), true, true, true, false);
    changeAliasPKPasswordFile.addLongIdentifier("privateKeyPasswordFile", true);
    changeAliasPKPasswordFile.addLongIdentifier("private-key-passphrase-file", true);
    changeAliasPKPasswordFile.addLongIdentifier("privateKeyPassphraseFile", true);
    changeAliasPKPasswordFile.addLongIdentifier("private-key-pin-file", true);
    changeAliasPKPasswordFile.addLongIdentifier("privateKeyPINFile", true);
    changeAliasPKPasswordFile.addLongIdentifier("key-password-file", true);
    changeAliasPKPasswordFile.addLongIdentifier("keyPasswordFile", true);
    changeAliasPKPasswordFile.addLongIdentifier("key-passphrase-file", true);
    changeAliasPKPasswordFile.addLongIdentifier("keyPassphraseFile", true);
    changeAliasPKPasswordFile.addLongIdentifier("key-pin-file", true);
    changeAliasPKPasswordFile.addLongIdentifier("keyPINFile", true);
    changeAliasParser.addArgument(changeAliasPKPasswordFile);
    final BooleanArgument changeAliasPromptForPKPassword = new BooleanArgument(null, "prompt-for-private-key-password", INFO_MANAGE_CERTS_SC_CHANGE_ALIAS_ARG_PROMPT_FOR_PK_PW_DESC.get());
    changeAliasPromptForPKPassword.addLongIdentifier("promptForPrivateKeyPassword", true);
    changeAliasPromptForPKPassword.addLongIdentifier("prompt-for-private-key-passphrase", true);
    changeAliasPromptForPKPassword.addLongIdentifier("promptForPrivateKeyPassphrase", true);
    changeAliasPromptForPKPassword.addLongIdentifier("prompt-for-private-key-pin", true);
    changeAliasPromptForPKPassword.addLongIdentifier("promptForPrivateKeyPIN", true);
    changeAliasPromptForPKPassword.addLongIdentifier("prompt-for-key-password", true);
    changeAliasPromptForPKPassword.addLongIdentifier("promptForKeyPassword", true);
    changeAliasPromptForPKPassword.addLongIdentifier("prompt-for-key-passphrase", true);
    changeAliasPromptForPKPassword.addLongIdentifier("promptForKeyPassphrase", true);
    changeAliasPromptForPKPassword.addLongIdentifier("prompt-for-key-pin", true);
    changeAliasPromptForPKPassword.addLongIdentifier("promptForKeyPIN", true);
    changeAliasParser.addArgument(changeAliasPromptForPKPassword);
    final StringArgument changeAliasKeystoreType = new StringArgument(null, "keystore-type", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_TYPE.get(), INFO_MANAGE_CERTS_SC_CHANGE_ALIAS_ARG_KS_TYPE_DESC.get(), ALLOWED_KEYSTORE_TYPE_VALUES);
    changeAliasKeystoreType.addLongIdentifier("key-store-type", true);
    changeAliasKeystoreType.addLongIdentifier("keystoreType", true);
    changeAliasKeystoreType.addLongIdentifier("keystore-format", true);
    changeAliasKeystoreType.addLongIdentifier("key-store-format", true);
    changeAliasKeystoreType.addLongIdentifier("keystoreFormat", true);
    changeAliasKeystoreType.addLongIdentifier("storetype", true);
    changeAliasParser.addArgument(changeAliasKeystoreType);
    final StringArgument changeAliasCurrentAlias = new StringArgument(null, "current-alias", true, 1, INFO_MANAGE_CERTS_PLACEHOLDER_ALIAS.get(), INFO_MANAGE_CERTS_SC_CHANGE_ALIAS_ARG_CURRENT_ALIAS_DESC.get());
    changeAliasCurrentAlias.addLongIdentifier("currentAlias", true);
    changeAliasCurrentAlias.addLongIdentifier("old-alias", true);
    changeAliasCurrentAlias.addLongIdentifier("oldAlias", true);
    changeAliasCurrentAlias.addLongIdentifier("source-alias", true);
    changeAliasCurrentAlias.addLongIdentifier("sourceAlias", true);
    changeAliasCurrentAlias.addLongIdentifier("alias", true);
    changeAliasCurrentAlias.addLongIdentifier("current-nickname", true);
    changeAliasCurrentAlias.addLongIdentifier("currentNickname", true);
    changeAliasCurrentAlias.addLongIdentifier("old-nickname", true);
    changeAliasCurrentAlias.addLongIdentifier("oldNickname", true);
    changeAliasCurrentAlias.addLongIdentifier("source-nickname", true);
    changeAliasCurrentAlias.addLongIdentifier("sourceNickname", true);
    changeAliasCurrentAlias.addLongIdentifier("nickname", true);
    changeAliasCurrentAlias.addLongIdentifier("from", false);
    changeAliasParser.addArgument(changeAliasCurrentAlias);
    final StringArgument changeAliasNewAlias = new StringArgument(null, "new-alias", true, 1, INFO_MANAGE_CERTS_PLACEHOLDER_ALIAS.get(), INFO_MANAGE_CERTS_SC_CHANGE_ALIAS_ARG_NEW_ALIAS_DESC.get());
    changeAliasNewAlias.addLongIdentifier("newAlias", true);
    changeAliasNewAlias.addLongIdentifier("destination-alias", true);
    changeAliasNewAlias.addLongIdentifier("destinationAlias", true);
    changeAliasNewAlias.addLongIdentifier("new-nickname", true);
    changeAliasNewAlias.addLongIdentifier("newNickname", true);
    changeAliasNewAlias.addLongIdentifier("destination-nickname", true);
    changeAliasNewAlias.addLongIdentifier("destinationNickname", true);
    changeAliasNewAlias.addLongIdentifier("to", false);
    changeAliasParser.addArgument(changeAliasNewAlias);
    final BooleanArgument changeAliasDisplayCommand = new BooleanArgument(null, "display-keytool-command", 1, INFO_MANAGE_CERTS_SC_CHANGE_ALIAS_ARG_DISPLAY_COMMAND_DESC.get());
    changeAliasDisplayCommand.addLongIdentifier("displayKeytoolCommand", true);
    changeAliasDisplayCommand.addLongIdentifier("show-keytool-command", true);
    changeAliasDisplayCommand.addLongIdentifier("showKeytoolCommand", true);
    changeAliasParser.addArgument(changeAliasDisplayCommand);
    changeAliasParser.addRequiredArgumentSet(changeAliasKeystorePassword, changeAliasKeystorePasswordFile, changeAliasPromptForKeystorePassword);
    changeAliasParser.addExclusiveArgumentSet(changeAliasKeystorePassword, changeAliasKeystorePasswordFile, changeAliasPromptForKeystorePassword);
    changeAliasParser.addExclusiveArgumentSet(changeAliasPKPassword, changeAliasPKPasswordFile, changeAliasPromptForPKPassword);
    final LinkedHashMap<String[], String> changeAliasExamples = new LinkedHashMap<>(StaticUtils.computeMapCapacity(1));
    changeAliasExamples.put(new String[] { "change-certificate-alias", "--keystore", getPlatformSpecificPath("config", "keystore"), "--keystore-password-file", getPlatformSpecificPath("config", "keystore.pin"), "--current-alias", "server-cert", "--new-alias", "server-certificate", "--display-keytool-command" }, INFO_MANAGE_CERTS_SC_CHANGE_ALIAS_EXAMPLE_1.get());
    final SubCommand changeAliasSubCommand = new SubCommand("change-certificate-alias", INFO_MANAGE_CERTS_SC_CHANGE_ALIAS_DESC.get(), changeAliasParser, changeAliasExamples);
    changeAliasSubCommand.addName("changeCertificateAlias", true);
    changeAliasSubCommand.addName("change-alias", true);
    changeAliasSubCommand.addName("changeAlias", true);
    changeAliasSubCommand.addName("rename-certificate", true);
    changeAliasSubCommand.addName("renameCertificate", true);
    changeAliasSubCommand.addName("rename", true);
    parser.addSubCommand(changeAliasSubCommand);
    // Define the "change-keystore-password" subcommand and all of its
    // arguments.
    final ArgumentParser changeKSPWParser = new ArgumentParser("change-keystore-password", INFO_MANAGE_CERTS_SC_CHANGE_KS_PW_DESC.get());
    final FileArgument changeKSPWKeystore = new FileArgument(null, "keystore", true, 1, null, INFO_MANAGE_CERTS_SC_CHANGE_KS_PW_ARG_KS_DESC.get(), true, true, true, false);
    changeKSPWKeystore.addLongIdentifier("keystore-path", true);
    changeKSPWKeystore.addLongIdentifier("keystorePath", true);
    changeKSPWKeystore.addLongIdentifier("keystore-file", true);
    changeKSPWKeystore.addLongIdentifier("keystoreFile", true);
    changeKSPWParser.addArgument(changeKSPWKeystore);
    final StringArgument changeKSPWCurrentPassword = new StringArgument(null, "current-keystore-password", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_PASSWORD.get(), INFO_MANAGE_CERTS_SC_CHANGE_KS_PW_ARG_CURRENT_PW_DESC.get());
    changeKSPWCurrentPassword.addLongIdentifier("currentKeystorePassword", true);
    changeKSPWCurrentPassword.addLongIdentifier("current-keystore-passphrase", true);
    changeKSPWCurrentPassword.addLongIdentifier("currentKeystorePassphrase", true);
    changeKSPWCurrentPassword.addLongIdentifier("current-keystore-pin", true);
    changeKSPWCurrentPassword.addLongIdentifier("currentKeystorePIN", true);
    changeKSPWCurrentPassword.addLongIdentifier("storepass", true);
    changeKSPWCurrentPassword.setSensitive(true);
    changeKSPWParser.addArgument(changeKSPWCurrentPassword);
    final FileArgument changeKSPWCurrentPasswordFile = new FileArgument(null, "current-keystore-password-file", false, 1, null, INFO_MANAGE_CERTS_SC_CHANGE_KS_PW_ARG_CURRENT_PW_FILE_DESC.get(), true, true, true, false);
    changeKSPWCurrentPasswordFile.addLongIdentifier("currentKeystorePasswordFile", true);
    changeKSPWCurrentPasswordFile.addLongIdentifier("current-keystore-passphrase-file", true);
    changeKSPWCurrentPasswordFile.addLongIdentifier("currentKeystorePassphraseFile", true);
    changeKSPWCurrentPasswordFile.addLongIdentifier("current-keystore-pin-file", true);
    changeKSPWCurrentPasswordFile.addLongIdentifier("currentKeystorePINFile", true);
    changeKSPWParser.addArgument(changeKSPWCurrentPasswordFile);
    final BooleanArgument changeKSPWPromptForCurrentPassword = new BooleanArgument(null, "prompt-for-current-keystore-password", INFO_MANAGE_CERTS_SC_CHANGE_KS_PW_ARG_PROMPT_FOR_CURRENT_PW_DESC.get());
    changeKSPWPromptForCurrentPassword.addLongIdentifier("promptForCurrentKeystorePassword", true);
    changeKSPWPromptForCurrentPassword.addLongIdentifier("prompt-for-current-keystore-passphrase", true);
    changeKSPWPromptForCurrentPassword.addLongIdentifier("promptForCurrentKeystorePassphrase", true);
    changeKSPWPromptForCurrentPassword.addLongIdentifier("prompt-for-current-keystore-pin", true);
    changeKSPWPromptForCurrentPassword.addLongIdentifier("promptForCurrentKeystorePIN", true);
    changeKSPWParser.addArgument(changeKSPWPromptForCurrentPassword);
    final StringArgument changeKSPWNewPassword = new StringArgument(null, "new-keystore-password", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_PASSWORD.get(), INFO_MANAGE_CERTS_SC_CHANGE_KS_PW_ARG_NEW_PW_DESC.get());
    changeKSPWNewPassword.addLongIdentifier("newKeystorePassword", true);
    changeKSPWNewPassword.addLongIdentifier("new-keystore-passphrase", true);
    changeKSPWNewPassword.addLongIdentifier("newKeystorePassphrase", true);
    changeKSPWNewPassword.addLongIdentifier("new-keystore-pin", true);
    changeKSPWNewPassword.addLongIdentifier("newKeystorePIN", true);
    changeKSPWNewPassword.addLongIdentifier("new", true);
    changeKSPWNewPassword.setSensitive(true);
    changeKSPWParser.addArgument(changeKSPWNewPassword);
    final FileArgument changeKSPWNewPasswordFile = new FileArgument(null, "new-keystore-password-file", false, 1, null, INFO_MANAGE_CERTS_SC_CHANGE_KS_PW_ARG_NEW_PW_FILE_DESC.get(), true, true, true, false);
    changeKSPWNewPasswordFile.addLongIdentifier("newKeystorePasswordFile", true);
    changeKSPWNewPasswordFile.addLongIdentifier("new-keystore-passphrase-file", true);
    changeKSPWNewPasswordFile.addLongIdentifier("newKeystorePassphraseFile", true);
    changeKSPWNewPasswordFile.addLongIdentifier("new-keystore-pin-file", true);
    changeKSPWNewPasswordFile.addLongIdentifier("newKeystorePINFile", true);
    changeKSPWParser.addArgument(changeKSPWNewPasswordFile);
    final BooleanArgument changeKSPWPromptForNewPassword = new BooleanArgument(null, "prompt-for-new-keystore-password", INFO_MANAGE_CERTS_SC_CHANGE_KS_PW_ARG_PROMPT_FOR_NEW_PW_DESC.get());
    changeKSPWPromptForNewPassword.addLongIdentifier("promptForNewKeystorePassword", true);
    changeKSPWPromptForNewPassword.addLongIdentifier("prompt-for-new-keystore-passphrase", true);
    changeKSPWPromptForNewPassword.addLongIdentifier("promptForNewKeystorePassphrase", true);
    changeKSPWPromptForNewPassword.addLongIdentifier("prompt-for-new-keystore-pin", true);
    changeKSPWPromptForNewPassword.addLongIdentifier("promptForNewKeystorePIN", true);
    changeKSPWParser.addArgument(changeKSPWPromptForNewPassword);
    final BooleanArgument changeKSPWDisplayCommand = new BooleanArgument(null, "display-keytool-command", 1, INFO_MANAGE_CERTS_SC_CHANGE_KS_PW_ARG_DISPLAY_COMMAND_DESC.get());
    changeKSPWDisplayCommand.addLongIdentifier("displayKeytoolCommand", true);
    changeKSPWDisplayCommand.addLongIdentifier("show-keytool-command", true);
    changeKSPWDisplayCommand.addLongIdentifier("showKeytoolCommand", true);
    changeKSPWParser.addArgument(changeKSPWDisplayCommand);
    changeKSPWParser.addRequiredArgumentSet(changeKSPWCurrentPassword, changeKSPWCurrentPasswordFile, changeKSPWPromptForCurrentPassword);
    changeKSPWParser.addExclusiveArgumentSet(changeKSPWCurrentPassword, changeKSPWCurrentPasswordFile, changeKSPWPromptForCurrentPassword);
    changeKSPWParser.addRequiredArgumentSet(changeKSPWNewPassword, changeKSPWNewPasswordFile, changeKSPWPromptForNewPassword);
    changeKSPWParser.addExclusiveArgumentSet(changeKSPWNewPassword, changeKSPWNewPasswordFile, changeKSPWPromptForNewPassword);
    final LinkedHashMap<String[], String> changeKSPWExamples = new LinkedHashMap<>(StaticUtils.computeMapCapacity(1));
    changeKSPWExamples.put(new String[] { "change-keystore-password", "--keystore", getPlatformSpecificPath("config", "keystore"), "--current-keystore-password-file", getPlatformSpecificPath("config", "current.pin"), "--new-keystore-password-file", getPlatformSpecificPath("config", "new.pin"), "--display-keytool-command" }, INFO_MANAGE_CERTS_SC_CHANGE_KS_PW_EXAMPLE_1.get(getPlatformSpecificPath("config", "keystore"), getPlatformSpecificPath("config", "current.pin"), getPlatformSpecificPath("config", "new.pin")));
    final SubCommand changeKSPWSubCommand = new SubCommand("change-keystore-password", INFO_MANAGE_CERTS_SC_CHANGE_KS_PW_DESC.get(), changeKSPWParser, changeKSPWExamples);
    changeKSPWSubCommand.addName("changeKeystorePassword", true);
    changeKSPWSubCommand.addName("change-keystore-passphrase", true);
    changeKSPWSubCommand.addName("changeKeystorePassphrase", true);
    changeKSPWSubCommand.addName("change-keystore-pin", true);
    changeKSPWSubCommand.addName("changeKeystorePIN", true);
    changeKSPWSubCommand.addName("storepasswd", true);
    parser.addSubCommand(changeKSPWSubCommand);
    // Define the "change-private-key-password" subcommand and all of its
    // arguments.
    final ArgumentParser changePKPWParser = new ArgumentParser("change-private-key-password", INFO_MANAGE_CERTS_SC_CHANGE_PK_PW_DESC.get());
    final FileArgument changePKPWKeystore = new FileArgument(null, "keystore", true, 1, null, INFO_MANAGE_CERTS_SC_CHANGE_PK_PW_ARG_KS_DESC.get(), true, true, true, false);
    changePKPWKeystore.addLongIdentifier("keystore-path", true);
    changePKPWKeystore.addLongIdentifier("keystorePath", true);
    changePKPWKeystore.addLongIdentifier("keystore-file", true);
    changePKPWKeystore.addLongIdentifier("keystoreFile", true);
    changePKPWParser.addArgument(changePKPWKeystore);
    final StringArgument changePKPWKeystorePassword = new StringArgument(null, "keystore-password", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_PASSWORD.get(), INFO_MANAGE_CERTS_SC_CHANGE_PK_PW_ARG_KS_PW_DESC.get());
    changePKPWKeystorePassword.addLongIdentifier("keystorePassword", true);
    changePKPWKeystorePassword.addLongIdentifier("keystore-passphrase", true);
    changePKPWKeystorePassword.addLongIdentifier("keystorePassphrase", true);
    changePKPWKeystorePassword.addLongIdentifier("keystore-pin", true);
    changePKPWKeystorePassword.addLongIdentifier("keystorePIN", true);
    changePKPWKeystorePassword.addLongIdentifier("storepass", true);
    changePKPWKeystorePassword.setSensitive(true);
    changePKPWParser.addArgument(changePKPWKeystorePassword);
    final FileArgument changePKPWKeystorePasswordFile = new FileArgument(null, "keystore-password-file", false, 1, null, INFO_MANAGE_CERTS_SC_CHANGE_PK_PW_ARG_KS_PW_FILE_DESC.get(), true, true, true, false);
    changePKPWKeystorePasswordFile.addLongIdentifier("keystorePasswordFile", true);
    changePKPWKeystorePasswordFile.addLongIdentifier("keystore-passphrase-file", true);
    changePKPWKeystorePasswordFile.addLongIdentifier("keystorePassphraseFile", true);
    changePKPWKeystorePasswordFile.addLongIdentifier("keystore-pin-file", true);
    changePKPWKeystorePasswordFile.addLongIdentifier("keystorePINFile", true);
    changePKPWParser.addArgument(changePKPWKeystorePasswordFile);
    final BooleanArgument changePKPWPromptForKeystorePassword = new BooleanArgument(null, "prompt-for-keystore-password", INFO_MANAGE_CERTS_SC_CHANGE_PK_PW_ARG_PROMPT_FOR_KS_PW_DESC.get());
    changePKPWPromptForKeystorePassword.addLongIdentifier("promptForKeystorePassword", true);
    changePKPWPromptForKeystorePassword.addLongIdentifier("prompt-for-keystore-passphrase", true);
    changePKPWPromptForKeystorePassword.addLongIdentifier("promptForKeystorePassphrase", true);
    changePKPWPromptForKeystorePassword.addLongIdentifier("prompt-for-keystore-pin", true);
    changePKPWPromptForKeystorePassword.addLongIdentifier("promptForKeystorePIN", true);
    changePKPWParser.addArgument(changePKPWPromptForKeystorePassword);
    final StringArgument changePKPWKeystoreType = new StringArgument(null, "keystore-type", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_TYPE.get(), INFO_MANAGE_CERTS_SC_CHANGE_PK_PW_ARG_KS_TYPE_DESC.get(), ALLOWED_KEYSTORE_TYPE_VALUES);
    changePKPWKeystoreType.addLongIdentifier("key-store-type", true);
    changePKPWKeystoreType.addLongIdentifier("keystoreType", true);
    changePKPWKeystoreType.addLongIdentifier("keystore-format", true);
    changePKPWKeystoreType.addLongIdentifier("key-store-format", true);
    changePKPWKeystoreType.addLongIdentifier("keystoreFormat", true);
    changePKPWKeystoreType.addLongIdentifier("storetype", true);
    changePKPWParser.addArgument(changePKPWKeystoreType);
    final StringArgument changePKPWAlias = new StringArgument(null, "alias", true, 1, INFO_MANAGE_CERTS_PLACEHOLDER_ALIAS.get(), INFO_MANAGE_CERTS_SC_CHANGE_PK_PW_ARG_ALIAS_DESC.get());
    changePKPWAlias.addLongIdentifier("nickname", true);
    changePKPWParser.addArgument(changePKPWAlias);
    final StringArgument changePKPWCurrentPassword = new StringArgument(null, "current-private-key-password", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_PASSWORD.get(), INFO_MANAGE_CERTS_SC_CHANGE_PK_PW_ARG_CURRENT_PW_DESC.get());
    changePKPWCurrentPassword.addLongIdentifier("currentPrivateKeyPassword", true);
    changePKPWCurrentPassword.addLongIdentifier("current-private-key-passphrase", true);
    changePKPWCurrentPassword.addLongIdentifier("currentPrivateKeyPassphrase", true);
    changePKPWCurrentPassword.addLongIdentifier("current-private-key-pin", true);
    changePKPWCurrentPassword.addLongIdentifier("currentPrivateKeyPIN", true);
    changePKPWCurrentPassword.addLongIdentifier("keypass", true);
    changePKPWCurrentPassword.setSensitive(true);
    changePKPWParser.addArgument(changePKPWCurrentPassword);
    final FileArgument changePKPWCurrentPasswordFile = new FileArgument(null, "current-private-key-password-file", false, 1, null, INFO_MANAGE_CERTS_SC_CHANGE_PK_PW_ARG_CURRENT_PW_FILE_DESC.get(), true, true, true, false);
    changePKPWCurrentPasswordFile.addLongIdentifier("currentPrivateKeyPasswordFile", true);
    changePKPWCurrentPasswordFile.addLongIdentifier("current-private-key-passphrase-file", true);
    changePKPWCurrentPasswordFile.addLongIdentifier("currentPrivateKeyPassphraseFile", true);
    changePKPWCurrentPasswordFile.addLongIdentifier("current-private-key-pin-file", true);
    changePKPWCurrentPasswordFile.addLongIdentifier("currentPrivateKeyPINFile", true);
    changePKPWParser.addArgument(changePKPWCurrentPasswordFile);
    final BooleanArgument changePKPWPromptForCurrentPassword = new BooleanArgument(null, "prompt-for-current-private-key-password", INFO_MANAGE_CERTS_SC_CHANGE_PK_PW_ARG_PROMPT_FOR_CURRENT_PW_DESC.get());
    changePKPWPromptForCurrentPassword.addLongIdentifier("promptForCurrentPrivateKeyPassword", true);
    changePKPWPromptForCurrentPassword.addLongIdentifier("prompt-for-current-private-key-passphrase", true);
    changePKPWPromptForCurrentPassword.addLongIdentifier("promptForCurrentPrivateKeyPassphrase", true);
    changePKPWPromptForCurrentPassword.addLongIdentifier("prompt-for-current-private-key-pin", true);
    changePKPWPromptForCurrentPassword.addLongIdentifier("promptForCurrentPrivateKeyPIN", true);
    changePKPWParser.addArgument(changePKPWPromptForCurrentPassword);
    final StringArgument changePKPWNewPassword = new StringArgument(null, "new-private-key-password", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_PASSWORD.get(), INFO_MANAGE_CERTS_SC_CHANGE_PK_PW_ARG_NEW_PW_DESC.get());
    changePKPWNewPassword.addLongIdentifier("newPrivateKeyPassword", true);
    changePKPWNewPassword.addLongIdentifier("new-private-key-passphrase", true);
    changePKPWNewPassword.addLongIdentifier("newPrivateKeyPassphrase", true);
    changePKPWNewPassword.addLongIdentifier("new-private-key-pin", true);
    changePKPWNewPassword.addLongIdentifier("newPrivateKeyPIN", true);
    changePKPWNewPassword.addLongIdentifier("new", true);
    changePKPWNewPassword.setSensitive(true);
    changePKPWParser.addArgument(changePKPWNewPassword);
    final FileArgument changePKPWNewPasswordFile = new FileArgument(null, "new-private-key-password-file", false, 1, null, INFO_MANAGE_CERTS_SC_CHANGE_PK_PW_ARG_NEW_PW_FILE_DESC.get(), true, true, true, false);
    changePKPWNewPasswordFile.addLongIdentifier("newPrivateKeyPasswordFile", true);
    changePKPWNewPasswordFile.addLongIdentifier("new-private-key-passphrase-file", true);
    changePKPWNewPasswordFile.addLongIdentifier("newPrivateKeyPassphraseFile", true);
    changePKPWNewPasswordFile.addLongIdentifier("new-private-key-pin-file", true);
    changePKPWNewPasswordFile.addLongIdentifier("newPrivateKeyPINFile", true);
    changePKPWParser.addArgument(changePKPWNewPasswordFile);
    final BooleanArgument changePKPWPromptForNewPassword = new BooleanArgument(null, "prompt-for-new-private-key-password", INFO_MANAGE_CERTS_SC_CHANGE_PK_PW_ARG_PROMPT_FOR_NEW_PW_DESC.get());
    changePKPWPromptForNewPassword.addLongIdentifier("promptForNewPrivateKeyPassword", true);
    changePKPWPromptForNewPassword.addLongIdentifier("prompt-for-new-private-key-passphrase", true);
    changePKPWPromptForNewPassword.addLongIdentifier("promptForNewPrivateKeyPassphrase", true);
    changePKPWPromptForNewPassword.addLongIdentifier("prompt-for-new-private-key-pin", true);
    changePKPWPromptForNewPassword.addLongIdentifier("promptForNewPrivateKeyPIN", true);
    changePKPWParser.addArgument(changePKPWPromptForNewPassword);
    final BooleanArgument changePKPWDisplayCommand = new BooleanArgument(null, "display-keytool-command", 1, INFO_MANAGE_CERTS_SC_CHANGE_PK_PW_ARG_DISPLAY_COMMAND_DESC.get());
    changePKPWDisplayCommand.addLongIdentifier("displayKeytoolCommand", true);
    changePKPWDisplayCommand.addLongIdentifier("show-keytool-command", true);
    changePKPWDisplayCommand.addLongIdentifier("showKeytoolCommand", true);
    changePKPWParser.addArgument(changePKPWDisplayCommand);
    changePKPWParser.addRequiredArgumentSet(changePKPWKeystorePassword, changePKPWKeystorePasswordFile, changePKPWPromptForKeystorePassword);
    changePKPWParser.addExclusiveArgumentSet(changePKPWKeystorePassword, changePKPWKeystorePasswordFile, changePKPWPromptForKeystorePassword);
    changePKPWParser.addRequiredArgumentSet(changePKPWCurrentPassword, changePKPWCurrentPasswordFile, changePKPWPromptForCurrentPassword);
    changePKPWParser.addExclusiveArgumentSet(changePKPWCurrentPassword, changePKPWCurrentPasswordFile, changePKPWPromptForCurrentPassword);
    changePKPWParser.addRequiredArgumentSet(changePKPWNewPassword, changePKPWNewPasswordFile, changePKPWPromptForNewPassword);
    changePKPWParser.addExclusiveArgumentSet(changePKPWNewPassword, changePKPWNewPasswordFile, changePKPWPromptForNewPassword);
    final LinkedHashMap<String[], String> changePKPWExamples = new LinkedHashMap<>(StaticUtils.computeMapCapacity(1));
    changePKPWExamples.put(new String[] { "change-private-key-password", "--keystore", getPlatformSpecificPath("config", "keystore"), "--keystore-password-file", getPlatformSpecificPath("config", "keystore.pin"), "--alias", "server-cert", "--current-private-key-password-file", getPlatformSpecificPath("config", "current.pin"), "--new-private-key-password-file", getPlatformSpecificPath("config", "new.pin"), "--display-keytool-command" }, INFO_MANAGE_CERTS_SC_CHANGE_PK_PW_EXAMPLE_1.get(getPlatformSpecificPath("config", "keystore"), getPlatformSpecificPath("config", "current.pin"), getPlatformSpecificPath("config", "new.pin")));
    final SubCommand changePKPWSubCommand = new SubCommand("change-private-key-password", INFO_MANAGE_CERTS_SC_CHANGE_PK_PW_DESC.get(), changePKPWParser, changePKPWExamples);
    changePKPWSubCommand.addName("changePrivateKeyPassword", true);
    changePKPWSubCommand.addName("change-private-key-passphrase", true);
    changePKPWSubCommand.addName("changePrivateKeyPassphrase", true);
    changePKPWSubCommand.addName("change-private-key-pin", true);
    changePKPWSubCommand.addName("changePrivateKeyPIN", true);
    changePKPWSubCommand.addName("change-key-password", true);
    changePKPWSubCommand.addName("changeKeyPassword", true);
    changePKPWSubCommand.addName("change-key-passphrase", true);
    changePKPWSubCommand.addName("changeKeyPassphrase", true);
    changePKPWSubCommand.addName("change-key-pin", true);
    changePKPWSubCommand.addName("changeKeyPIN", true);
    changePKPWSubCommand.addName("keypasswd", true);
    parser.addSubCommand(changePKPWSubCommand);
    // Define the "copy-keystore" subcommand and all of its arguments.
    final ArgumentParser copyKSParser = new ArgumentParser("copy-keystore", INFO_MANAGE_CERTS_SC_COPY_KS_DESC.get());
    final FileArgument copyKSSourceKeystore = new FileArgument(null, "source-keystore", true, 1, null, INFO_MANAGE_CERTS_SC_COPY_KS_ARG_SRC_KS_DESC.get(), true, true, true, false);
    copyKSSourceKeystore.addLongIdentifier("sourceKeystore", true);
    copyKSSourceKeystore.addLongIdentifier("source-keystore-path", true);
    copyKSSourceKeystore.addLongIdentifier("sourceKeystorePath", true);
    copyKSSourceKeystore.addLongIdentifier("source-keystore-file", true);
    copyKSSourceKeystore.addLongIdentifier("sourceKeystoreFile", true);
    copyKSParser.addArgument(copyKSSourceKeystore);
    final StringArgument copyKSSourceKeystorePassword = new StringArgument(null, "source-keystore-password", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_PASSWORD.get(), INFO_MANAGE_CERTS_SC_COPY_KS_ARG_SRC_KS_PW_DESC.get());
    copyKSSourceKeystorePassword.addLongIdentifier("sourceKeystorePassword", true);
    copyKSSourceKeystorePassword.addLongIdentifier("source-keystore-passphrase", true);
    copyKSSourceKeystorePassword.addLongIdentifier("sourceKeystorePassphrase", true);
    copyKSSourceKeystorePassword.addLongIdentifier("source-keystore-pin", true);
    copyKSSourceKeystorePassword.addLongIdentifier("sourceKeystorePIN", true);
    copyKSParser.addArgument(copyKSSourceKeystorePassword);
    final FileArgument copyKSSourceKeystorePasswordFile = new FileArgument(null, "source-keystore-password-file", false, 1, null, INFO_MANAGE_CERTS_SC_COPY_KS_ARG_SRC_KS_PW_FILE_DESC.get(), true, true, true, false);
    copyKSSourceKeystorePasswordFile.addLongIdentifier("sourceKeystorePasswordFile", true);
    copyKSSourceKeystorePasswordFile.addLongIdentifier("source-keystore-passphrase-file", true);
    copyKSSourceKeystorePasswordFile.addLongIdentifier("sourceKeystorePassphraseFile", true);
    copyKSSourceKeystorePasswordFile.addLongIdentifier("source-keystore-pin-file", true);
    copyKSSourceKeystorePasswordFile.addLongIdentifier("sourceKeystorePINFile", true);
    copyKSParser.addArgument(copyKSSourceKeystorePasswordFile);
    final BooleanArgument copyKSPromptForSourceKeystorePassword = new BooleanArgument(null, "prompt-for-source-keystore-password", 1, INFO_MANAGE_CERTS_SC_COPY_KS_ARG_PROMPT_FOR_SRC_KS_PW.get());
    copyKSPromptForSourceKeystorePassword.addLongIdentifier("promptForSourceKeystorePassword", true);
    copyKSPromptForSourceKeystorePassword.addLongIdentifier("prompt-for-source-keystore-passphrase", true);
    copyKSPromptForSourceKeystorePassword.addLongIdentifier("promptForSourceKeystorePassphrase", true);
    copyKSPromptForSourceKeystorePassword.addLongIdentifier("prompt-for-source-keystore-pin", true);
    copyKSPromptForSourceKeystorePassword.addLongIdentifier("promptForSourceKeystorePIN", true);
    copyKSParser.addArgument(copyKSPromptForSourceKeystorePassword);
    final StringArgument copyKSSourcePKPassword = new StringArgument(null, "source-private-key-password", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_PASSWORD.get(), INFO_MANAGE_CERTS_SC_COPY_KS_ARG_SRC_PK_PW_DESC.get());
    copyKSSourcePKPassword.addLongIdentifier("sourcePrivateKeyPassword", true);
    copyKSSourcePKPassword.addLongIdentifier("source-private-key-passphrase", true);
    copyKSSourcePKPassword.addLongIdentifier("sourcePrivateKeyPassphrase", true);
    copyKSSourcePKPassword.addLongIdentifier("source-private-key-pin", true);
    copyKSSourcePKPassword.addLongIdentifier("sourcePrivateKeyPIN", true);
    copyKSParser.addArgument(copyKSSourcePKPassword);
    final FileArgument copyKSSourcePKPasswordFile = new FileArgument(null, "source-private-key-password-file", false, 1, null, INFO_MANAGE_CERTS_SC_COPY_KS_ARG_SRC_PK_PW_FILE_DESC.get(), true, true, true, false);
    copyKSSourcePKPasswordFile.addLongIdentifier("sourcePrivateKeyPasswordFile", true);
    copyKSSourcePKPasswordFile.addLongIdentifier("source-private-key-passphrase-file", true);
    copyKSSourcePKPasswordFile.addLongIdentifier("sourcePrivateKeyPassphraseFile", true);
    copyKSSourcePKPasswordFile.addLongIdentifier("source-private-key-pin-file", true);
    copyKSSourcePKPasswordFile.addLongIdentifier("sourcePrivateKeyPINFile", true);
    copyKSParser.addArgument(copyKSSourcePKPasswordFile);
    final BooleanArgument copyKSPromptForSourcePKPassword = new BooleanArgument(null, "prompt-for-source-private-key-password", 1, INFO_MANAGE_CERTS_SC_COPY_KS_ARG_PROMPT_FOR_SRC_PK_PW.get());
    copyKSPromptForSourcePKPassword.addLongIdentifier("promptForSourcePrivateKeyPassword", true);
    copyKSPromptForSourcePKPassword.addLongIdentifier("prompt-for-source-private-key-passphrase", true);
    copyKSPromptForSourcePKPassword.addLongIdentifier("promptForSourcePrivateKeyPassphrase", true);
    copyKSPromptForSourcePKPassword.addLongIdentifier("prompt-for-source-private-key-pin", true);
    copyKSPromptForSourcePKPassword.addLongIdentifier("promptForSourcePrivateKeyPIN", true);
    copyKSParser.addArgument(copyKSPromptForSourcePKPassword);
    final StringArgument copyKSSourceKeystoreType = new StringArgument(null, "source-keystore-type", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_TYPE.get(), INFO_MANAGE_CERTS_SC_COPY_KS_ARG_SRC_KS_TYPE.get(), ALLOWED_KEYSTORE_TYPE_VALUES);
    copyKSSourceKeystoreType.addLongIdentifier("source-key-store-type", true);
    copyKSSourceKeystoreType.addLongIdentifier("sourceKeystoreType", true);
    copyKSSourceKeystoreType.addLongIdentifier("source-keystore-format", true);
    copyKSSourceKeystoreType.addLongIdentifier("source-key-store-format", true);
    copyKSSourceKeystoreType.addLongIdentifier("sourceKeystoreFormat", true);
    copyKSParser.addArgument(copyKSSourceKeystoreType);
    final FileArgument copyKSDestKeystore = new FileArgument(null, "destination-keystore", true, 1, null, INFO_MANAGE_CERTS_SC_COPY_KS_ARG_DST_KS_DESC.get(), false, true, true, false);
    copyKSDestKeystore.addLongIdentifier("destinationKeystore", true);
    copyKSDestKeystore.addLongIdentifier("destination-keystore-path", true);
    copyKSDestKeystore.addLongIdentifier("destinationKeystorePath", true);
    copyKSDestKeystore.addLongIdentifier("destination-keystore-file", true);
    copyKSDestKeystore.addLongIdentifier("destinationKeystoreFile", true);
    copyKSDestKeystore.addLongIdentifier("target-keystore", true);
    copyKSDestKeystore.addLongIdentifier("targetKeystore", true);
    copyKSDestKeystore.addLongIdentifier("target-keystore-path", true);
    copyKSDestKeystore.addLongIdentifier("targetKeystorePath", true);
    copyKSDestKeystore.addLongIdentifier("target-keystore-file", true);
    copyKSDestKeystore.addLongIdentifier("targetKeystoreFile", true);
    copyKSParser.addArgument(copyKSDestKeystore);
    final StringArgument copyKSDestKeystorePassword = new StringArgument(null, "destination-keystore-password", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_PASSWORD.get(), INFO_MANAGE_CERTS_SC_COPY_KS_ARG_DST_KS_PW_DESC.get());
    copyKSDestKeystorePassword.addLongIdentifier("destinationKeystorePassword", true);
    copyKSDestKeystorePassword.addLongIdentifier("destination-keystore-passphrase", true);
    copyKSDestKeystorePassword.addLongIdentifier("destinationKeystorePassphrase", true);
    copyKSDestKeystorePassword.addLongIdentifier("destination-keystore-pin", true);
    copyKSDestKeystorePassword.addLongIdentifier("destinationKeystorePIN", true);
    copyKSDestKeystorePassword.addLongIdentifier("target-keystore-password", true);
    copyKSDestKeystorePassword.addLongIdentifier("targetKeystorePassword", true);
    copyKSDestKeystorePassword.addLongIdentifier("target-keystore-passphrase", true);
    copyKSDestKeystorePassword.addLongIdentifier("targetKeystorePassphrase", true);
    copyKSDestKeystorePassword.addLongIdentifier("target-keystore-pin", true);
    copyKSDestKeystorePassword.addLongIdentifier("targetKeystorePIN", true);
    copyKSParser.addArgument(copyKSDestKeystorePassword);
    final FileArgument copyKSDestKeystorePasswordFile = new FileArgument(null, "destination-keystore-password-file", false, 1, null, INFO_MANAGE_CERTS_SC_COPY_KS_ARG_DST_KS_PW_FILE_DESC.get(), true, true, true, false);
    copyKSDestKeystorePasswordFile.addLongIdentifier("destinationKeystorePasswordFile", true);
    copyKSDestKeystorePasswordFile.addLongIdentifier("destination-keystore-passphrase-file", true);
    copyKSDestKeystorePasswordFile.addLongIdentifier("destinationKeystorePassphraseFile", true);
    copyKSDestKeystorePasswordFile.addLongIdentifier("destination-keystore-pin-file", true);
    copyKSDestKeystorePasswordFile.addLongIdentifier("destinationKeystorePINFile", true);
    copyKSDestKeystorePasswordFile.addLongIdentifier("target-keystore-password-file", true);
    copyKSDestKeystorePasswordFile.addLongIdentifier("targetKeystorePasswordFile", true);
    copyKSDestKeystorePasswordFile.addLongIdentifier("target-keystore-passphrase-file", true);
    copyKSDestKeystorePasswordFile.addLongIdentifier("targetKeystorePassphraseFile", true);
    copyKSDestKeystorePasswordFile.addLongIdentifier("target-keystore-pin-file", true);
    copyKSDestKeystorePasswordFile.addLongIdentifier("targetKeystorePINFile", true);
    copyKSParser.addArgument(copyKSDestKeystorePasswordFile);
    final BooleanArgument copyKSPromptForDestKeystorePassword = new BooleanArgument(null, "prompt-for-destination-keystore-password", 1, INFO_MANAGE_CERTS_SC_COPY_KS_ARG_PROMPT_FOR_DST_KS_PW.get());
    copyKSPromptForDestKeystorePassword.addLongIdentifier("promptForDestinationKeystorePassword", true);
    copyKSPromptForDestKeystorePassword.addLongIdentifier("prompt-for-Destination-keystore-passphrase", true);
    copyKSPromptForDestKeystorePassword.addLongIdentifier("promptForDestinationKeystorePassphrase", true);
    copyKSPromptForDestKeystorePassword.addLongIdentifier("prompt-for-Destination-keystore-pin", true);
    copyKSPromptForDestKeystorePassword.addLongIdentifier("promptForDestinationKeystorePIN", true);
    copyKSPromptForDestKeystorePassword.addLongIdentifier("prompt-for-target-keystore-password", true);
    copyKSPromptForDestKeystorePassword.addLongIdentifier("promptForTargetKeystorePassword", true);
    copyKSPromptForDestKeystorePassword.addLongIdentifier("prompt-for-Target-keystore-passphrase", true);
    copyKSPromptForDestKeystorePassword.addLongIdentifier("promptForTargetKeystorePassphrase", true);
    copyKSPromptForDestKeystorePassword.addLongIdentifier("prompt-for-Target-keystore-pin", true);
    copyKSPromptForDestKeystorePassword.addLongIdentifier("promptForTargetKeystorePIN", true);
    copyKSParser.addArgument(copyKSPromptForDestKeystorePassword);
    final StringArgument copyKSDestPKPassword = new StringArgument(null, "destination-private-key-password", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_PASSWORD.get(), INFO_MANAGE_CERTS_SC_COPY_KS_ARG_DST_PK_PW_DESC.get());
    copyKSDestPKPassword.addLongIdentifier("destinationPrivateKeyPassword", true);
    copyKSDestPKPassword.addLongIdentifier("destination-private-key-passphrase", true);
    copyKSDestPKPassword.addLongIdentifier("destinationPrivateKeyPassphrase", true);
    copyKSDestPKPassword.addLongIdentifier("destination-private-key-pin", true);
    copyKSDestPKPassword.addLongIdentifier("destinationPrivateKeyPIN", true);
    copyKSDestPKPassword.addLongIdentifier("target-private-key-password", true);
    copyKSDestPKPassword.addLongIdentifier("targetPrivateKeyPassword", true);
    copyKSDestPKPassword.addLongIdentifier("target-private-key-passphrase", true);
    copyKSDestPKPassword.addLongIdentifier("targetPrivateKeyPassphrase", true);
    copyKSDestPKPassword.addLongIdentifier("target-private-key-pin", true);
    copyKSDestPKPassword.addLongIdentifier("targetPrivateKeyPIN", true);
    copyKSParser.addArgument(copyKSDestPKPassword);
    final FileArgument copyKSDestPKPasswordFile = new FileArgument(null, "destination-private-key-password-file", false, 1, null, INFO_MANAGE_CERTS_SC_COPY_KS_ARG_DST_PK_PW_FILE_DESC.get(), true, true, true, false);
    copyKSDestPKPasswordFile.addLongIdentifier("destinationPrivateKeyPasswordFile", true);
    copyKSDestPKPasswordFile.addLongIdentifier("destination-private-key-passphrase-file", true);
    copyKSDestPKPasswordFile.addLongIdentifier("destinationPrivateKeyPassphraseFile", true);
    copyKSDestPKPasswordFile.addLongIdentifier("destination-private-key-pin-file", true);
    copyKSDestPKPasswordFile.addLongIdentifier("destinationPrivateKeyPINFile", true);
    copyKSDestPKPasswordFile.addLongIdentifier("target-private-key-password-file", true);
    copyKSDestPKPasswordFile.addLongIdentifier("targetPrivateKeyPasswordFile", true);
    copyKSDestPKPasswordFile.addLongIdentifier("target-private-key-passphrase-file", true);
    copyKSDestPKPasswordFile.addLongIdentifier("targetPrivateKeyPassphraseFile", true);
    copyKSDestPKPasswordFile.addLongIdentifier("target-private-key-pin-file", true);
    copyKSDestPKPasswordFile.addLongIdentifier("targetPrivateKeyPINFile", true);
    copyKSParser.addArgument(copyKSDestPKPasswordFile);
    final BooleanArgument copyKSPromptForDestPKPassword = new BooleanArgument(null, "prompt-for-destination-private-key-password", 1, INFO_MANAGE_CERTS_SC_COPY_KS_ARG_PROMPT_FOR_DST_PK_PW.get());
    copyKSPromptForDestPKPassword.addLongIdentifier("promptForDestinationPrivateKeyPassword", true);
    copyKSPromptForDestPKPassword.addLongIdentifier("prompt-for-Destination-private-key-passphrase", true);
    copyKSPromptForDestPKPassword.addLongIdentifier("promptForDestinationPrivateKeyPassphrase", true);
    copyKSPromptForDestPKPassword.addLongIdentifier("prompt-for-Destination-private-key-pin", true);
    copyKSPromptForDestPKPassword.addLongIdentifier("promptForDestinationPrivateKeyPIN", true);
    copyKSPromptForDestPKPassword.addLongIdentifier("prompt-for-target-private-key-password", true);
    copyKSPromptForDestPKPassword.addLongIdentifier("promptForTargetPrivateKeyPassword", true);
    copyKSPromptForDestPKPassword.addLongIdentifier("prompt-for-Target-private-key-passphrase", true);
    copyKSPromptForDestPKPassword.addLongIdentifier("promptForTargetPrivateKeyPassphrase", true);
    copyKSPromptForDestPKPassword.addLongIdentifier("prompt-for-Target-private-key-pin", true);
    copyKSPromptForDestPKPassword.addLongIdentifier("promptForTargetPrivateKeyPIN", true);
    copyKSParser.addArgument(copyKSPromptForDestPKPassword);
    final StringArgument copyKSDestKeystoreType = new StringArgument(null, "destination-keystore-type", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_TYPE.get(), INFO_MANAGE_CERTS_SC_COPY_KS_ARG_DST_KS_TYPE.get(), ALLOWED_KEYSTORE_TYPE_VALUES);
    copyKSDestKeystoreType.addLongIdentifier("destination-key-store-type", true);
    copyKSDestKeystoreType.addLongIdentifier("destinationKeystoreType", true);
    copyKSDestKeystoreType.addLongIdentifier("destination-keystore-format", true);
    copyKSDestKeystoreType.addLongIdentifier("destination-key-store-format", true);
    copyKSDestKeystoreType.addLongIdentifier("destinationKeystoreFormat", true);
    copyKSDestKeystoreType.addLongIdentifier("target-key-store-type", true);
    copyKSDestKeystoreType.addLongIdentifier("targetKeystoreType", true);
    copyKSDestKeystoreType.addLongIdentifier("target-keystore-format", true);
    copyKSDestKeystoreType.addLongIdentifier("target-key-store-format", true);
    copyKSDestKeystoreType.addLongIdentifier("targetKeystoreFormat", true);
    copyKSParser.addArgument(copyKSDestKeystoreType);
    final StringArgument copyKSAlias = new StringArgument(null, "alias", false, 0, INFO_MANAGE_CERTS_PLACEHOLDER_ALIAS.get(), INFO_MANAGE_CERTS_SC_COPY_KS_ARG_ALIAS.get());
    copyKSAlias.addLongIdentifier("nickname", true);
    copyKSParser.addArgument(copyKSAlias);
    copyKSParser.addRequiredArgumentSet(copyKSSourceKeystorePassword, copyKSSourceKeystorePasswordFile, copyKSPromptForSourceKeystorePassword);
    copyKSParser.addExclusiveArgumentSet(copyKSSourceKeystorePassword, copyKSSourceKeystorePasswordFile, copyKSPromptForSourceKeystorePassword);
    copyKSParser.addExclusiveArgumentSet(copyKSSourcePKPassword, copyKSSourcePKPasswordFile, copyKSPromptForDestPKPassword);
    copyKSParser.addExclusiveArgumentSet(copyKSDestKeystorePassword, copyKSDestKeystorePasswordFile, copyKSPromptForDestKeystorePassword);
    copyKSParser.addExclusiveArgumentSet(copyKSDestPKPassword, copyKSDestPKPasswordFile, copyKSPromptForDestPKPassword);
    final LinkedHashMap<String[], String> copyKeyStoreExamples = new LinkedHashMap<>(StaticUtils.computeMapCapacity(1));
    copyKeyStoreExamples.put(new String[] { "copy-keystore", "--source-keystore", getPlatformSpecificPath("config", "keystore.jks"), "--source-keystore-password-file", getPlatformSpecificPath("config", "keystore.pin"), "--source-keystore-type", "JKS", "--destination-keystore", getPlatformSpecificPath("config", "keystore.p12"), "--destination-keystore-password-file", getPlatformSpecificPath("config", "keystore.pin"), "--destination-keystore-type", "PKCS12" }, INFO_MANAGE_CERTS_SC_COPY_KS_EXAMPLE_1.get("keystore.jks", "keystore.p12"));
    final SubCommand copyKeyStoreSubCommand = new SubCommand("copy-keystore", INFO_MANAGE_CERTS_SC_COPY_KS_DESC.get(), copyKSParser, copyKeyStoreExamples);
    copyKeyStoreSubCommand.addName("copy-key-store", true);
    copyKeyStoreSubCommand.addName("copyKeyStore", true);
    copyKeyStoreSubCommand.addName("import-keystore", true);
    copyKeyStoreSubCommand.addName("import-key-store", true);
    copyKeyStoreSubCommand.addName("importKeyStore", true);
    copyKeyStoreSubCommand.addName("convert-keystore", true);
    copyKeyStoreSubCommand.addName("convert-key-store", true);
    copyKeyStoreSubCommand.addName("convertKeyStore", true);
    parser.addSubCommand(copyKeyStoreSubCommand);
    // Define the "retrieve-server-certificate" subcommand and all of its
    // arguments.
    final ArgumentParser retrieveCertParser = new ArgumentParser("retrieve-server-certificate", INFO_MANAGE_CERTS_SC_RETRIEVE_CERT_DESC.get());
    final StringArgument retrieveCertHostname = new StringArgument('h', "hostname", true, 1, INFO_MANAGE_CERTS_PLACEHOLDER_HOST.get(), INFO_MANAGE_CERTS_SC_RETRIEVE_CERT_ARG_HOSTNAME_DESC.get());
    retrieveCertHostname.addLongIdentifier("server-address", true);
    retrieveCertHostname.addLongIdentifier("serverAddress", true);
    retrieveCertHostname.addLongIdentifier("address", true);
    retrieveCertParser.addArgument(retrieveCertHostname);
    final IntegerArgument retrieveCertPort = new IntegerArgument('p', "port", true, 1, INFO_MANAGE_CERTS_PLACEHOLDER_PORT.get(), INFO_MANAGE_CERTS_SC_RETRIEVE_CERT_ARG_PORT_DESC.get(), 1, 65_535);
    retrieveCertPort.addLongIdentifier("server-port", true);
    retrieveCertPort.addLongIdentifier("serverPort", true);
    retrieveCertParser.addArgument(retrieveCertPort);
    final BooleanArgument retrieveCertUseStartTLS = new BooleanArgument('q', "use-ldap-start-tls", 1, INFO_MANAGE_CERTS_SC_RETRIEVE_CERT_ARG_USE_START_TLS_DESC.get());
    retrieveCertUseStartTLS.addLongIdentifier("use-ldap-starttls", true);
    retrieveCertUseStartTLS.addLongIdentifier("useLDAPStartTLS", true);
    retrieveCertUseStartTLS.addLongIdentifier("use-start-tls", true);
    retrieveCertUseStartTLS.addLongIdentifier("use-starttls", true);
    retrieveCertUseStartTLS.addLongIdentifier("useStartTLS", true);
    retrieveCertParser.addArgument(retrieveCertUseStartTLS);
    final FileArgument retrieveCertOutputFile = new FileArgument(null, "output-file", false, 1, null, INFO_MANAGE_CERTS_SC_RETRIEVE_CERT_ARG_FILE_DESC.get(), false, true, true, false);
    retrieveCertOutputFile.addLongIdentifier("outputFile", true);
    retrieveCertOutputFile.addLongIdentifier("export-file", true);
    retrieveCertOutputFile.addLongIdentifier("exportFile", true);
    retrieveCertOutputFile.addLongIdentifier("certificate-file", true);
    retrieveCertOutputFile.addLongIdentifier("certificateFile", true);
    retrieveCertOutputFile.addLongIdentifier("file", true);
    retrieveCertOutputFile.addLongIdentifier("filename", true);
    retrieveCertParser.addArgument(retrieveCertOutputFile);
    final Set<String> retrieveCertOutputFormatAllowedValues = StaticUtils.setOf("PEM", "text", "txt", "RFC", "DER", "binary", "bin");
    final StringArgument retrieveCertOutputFormat = new StringArgument(null, "output-format", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_FORMAT.get(), INFO_MANAGE_CERTS_SC_RETRIEVE_CERT_ARG_FORMAT_DESC.get(), retrieveCertOutputFormatAllowedValues, "PEM");
    retrieveCertOutputFormat.addLongIdentifier("outputFormat", true);
    retrieveCertParser.addArgument(retrieveCertOutputFormat);
    final BooleanArgument retrieveCertOnlyPeer = new BooleanArgument(null, "only-peer-certificate", 1, INFO_MANAGE_CERTS_SC_RETRIEVE_CERT_ARG_ONLY_PEER_DESC.get());
    retrieveCertOnlyPeer.addLongIdentifier("onlyPeerCertificate", true);
    retrieveCertOnlyPeer.addLongIdentifier("only-peer", true);
    retrieveCertOnlyPeer.addLongIdentifier("onlyPeer", true);
    retrieveCertOnlyPeer.addLongIdentifier("peer-certificate-only", true);
    retrieveCertOnlyPeer.addLongIdentifier("peerCertificateOnly", true);
    retrieveCertOnlyPeer.addLongIdentifier("peer-only", true);
    retrieveCertOnlyPeer.addLongIdentifier("peerOnly", true);
    retrieveCertParser.addArgument(retrieveCertOnlyPeer);
    final BooleanArgument retrieveCertEnableSSLDebugging = new BooleanArgument(null, "enableSSLDebugging", 1, INFO_MANAGE_CERTS_SC_RETRIEVE_CERT_ARG_ENABLE_SSL_DEBUGGING_DESC.get());
    retrieveCertEnableSSLDebugging.addLongIdentifier("enableTLSDebugging", true);
    retrieveCertEnableSSLDebugging.addLongIdentifier("enableStartTLSDebugging", true);
    retrieveCertEnableSSLDebugging.addLongIdentifier("enable-ssl-debugging", true);
    retrieveCertEnableSSLDebugging.addLongIdentifier("enable-tls-debugging", true);
    retrieveCertEnableSSLDebugging.addLongIdentifier("enable-starttls-debugging", true);
    retrieveCertEnableSSLDebugging.addLongIdentifier("enable-start-tls-debugging", true);
    retrieveCertParser.addArgument(retrieveCertEnableSSLDebugging);
    addEnableSSLDebuggingArgument(retrieveCertEnableSSLDebugging);
    final BooleanArgument retrieveCertVerbose = new BooleanArgument(null, "verbose", 1, INFO_MANAGE_CERTS_SC_RETRIEVE_CERT_ARG_VERBOSE_DESC.get());
    retrieveCertParser.addArgument(retrieveCertVerbose);
    retrieveCertParser.addDependentArgumentSet(retrieveCertOutputFormat, retrieveCertOutputFile);
    final LinkedHashMap<String[], String> retrieveCertExamples = new LinkedHashMap<>(StaticUtils.computeMapCapacity(2));
    retrieveCertExamples.put(new String[] { "retrieve-server-certificate", "--hostname", "ds.example.com", "--port", "636" }, INFO_MANAGE_CERTS_SC_RETRIEVE_CERT_EXAMPLE_1.get(getPlatformSpecificPath("config", "truststore")));
    retrieveCertExamples.put(new String[] { "retrieve-server-certificate", "--hostname", "ds.example.com", "--port", "389", "--use-ldap-start-tls", "--only-peer-certificate", "--output-file", "ds-cert.pem", "--output-format", "PEM", "--verbose" }, INFO_MANAGE_CERTS_SC_RETRIEVE_CERT_EXAMPLE_2.get(getPlatformSpecificPath("config", "truststore")));
    final SubCommand retrieveCertSubCommand = new SubCommand("retrieve-server-certificate", INFO_MANAGE_CERTS_SC_RETRIEVE_CERT_DESC.get(), retrieveCertParser, retrieveCertExamples);
    retrieveCertSubCommand.addName("retrieveServerCertificate", true);
    retrieveCertSubCommand.addName("retrieve-certificate", true);
    retrieveCertSubCommand.addName("retrieveCertificate", true);
    retrieveCertSubCommand.addName("get-server-certificate", true);
    retrieveCertSubCommand.addName("getServerCertificate", true);
    retrieveCertSubCommand.addName("get-certificate", true);
    retrieveCertSubCommand.addName("getCertificate", true);
    retrieveCertSubCommand.addName("display-server-certificate", true);
    retrieveCertSubCommand.addName("displayServerCertificate", true);
    parser.addSubCommand(retrieveCertSubCommand);
    // Define the "trust-server-certificate" subcommand and all of its
    // arguments.
    final ArgumentParser trustServerParser = new ArgumentParser("trust-server-certificate", INFO_MANAGE_CERTS_SC_TRUST_SERVER_DESC.get());
    final StringArgument trustServerHostname = new StringArgument('h', "hostname", true, 1, INFO_MANAGE_CERTS_PLACEHOLDER_HOST.get(), INFO_MANAGE_CERTS_SC_TRUST_SERVER_ARG_HOSTNAME_DESC.get());
    trustServerHostname.addLongIdentifier("server-address", true);
    trustServerHostname.addLongIdentifier("serverAddress", true);
    trustServerHostname.addLongIdentifier("address", true);
    trustServerParser.addArgument(trustServerHostname);
    final IntegerArgument trustServerPort = new IntegerArgument('p', "port", true, 1, INFO_MANAGE_CERTS_PLACEHOLDER_PORT.get(), INFO_MANAGE_CERTS_SC_TRUST_SERVER_ARG_PORT_DESC.get(), 1, 65_535);
    trustServerPort.addLongIdentifier("server-port", true);
    trustServerPort.addLongIdentifier("serverPort", true);
    trustServerParser.addArgument(trustServerPort);
    final BooleanArgument trustServerUseStartTLS = new BooleanArgument('q', "use-ldap-start-tls", 1, INFO_MANAGE_CERTS_SC_TRUST_SERVER_ARG_USE_START_TLS_DESC.get());
    trustServerUseStartTLS.addLongIdentifier("use-ldap-starttls", true);
    trustServerUseStartTLS.addLongIdentifier("useLDAPStartTLS", true);
    trustServerUseStartTLS.addLongIdentifier("use-start-tls", true);
    trustServerUseStartTLS.addLongIdentifier("use-starttls", true);
    trustServerUseStartTLS.addLongIdentifier("useStartTLS", true);
    trustServerParser.addArgument(trustServerUseStartTLS);
    final FileArgument trustServerKeystore = new FileArgument(null, "keystore", true, 1, null, INFO_MANAGE_CERTS_SC_TRUST_SERVER_ARG_KS_DESC.get(), false, true, true, false);
    trustServerKeystore.addLongIdentifier("keystore-path", true);
    trustServerKeystore.addLongIdentifier("keystorePath", true);
    trustServerKeystore.addLongIdentifier("keystore-file", true);
    trustServerKeystore.addLongIdentifier("keystoreFile", true);
    trustServerParser.addArgument(trustServerKeystore);
    final StringArgument trustServerKeystorePassword = new StringArgument(null, "keystore-password", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_PASSWORD.get(), INFO_MANAGE_CERTS_SC_TRUST_SERVER_ARG_KS_PW_DESC.get());
    trustServerKeystorePassword.addLongIdentifier("keystorePassword", true);
    trustServerKeystorePassword.addLongIdentifier("keystore-passphrase", true);
    trustServerKeystorePassword.addLongIdentifier("keystorePassphrase", true);
    trustServerKeystorePassword.addLongIdentifier("keystore-pin", true);
    trustServerKeystorePassword.addLongIdentifier("keystorePIN", true);
    trustServerKeystorePassword.addLongIdentifier("storepass", true);
    trustServerKeystorePassword.setSensitive(true);
    trustServerParser.addArgument(trustServerKeystorePassword);
    final FileArgument trustServerKeystorePasswordFile = new FileArgument(null, "keystore-password-file", false, 1, null, INFO_MANAGE_CERTS_SC_TRUST_SERVER_ARG_KS_PW_FILE_DESC.get(), true, true, true, false);
    trustServerKeystorePasswordFile.addLongIdentifier("keystorePasswordFile", true);
    trustServerKeystorePasswordFile.addLongIdentifier("keystore-passphrase-file", true);
    trustServerKeystorePasswordFile.addLongIdentifier("keystorePassphraseFile", true);
    trustServerKeystorePasswordFile.addLongIdentifier("keystore-pin-file", true);
    trustServerKeystorePasswordFile.addLongIdentifier("keystorePINFile", true);
    trustServerParser.addArgument(trustServerKeystorePasswordFile);
    final BooleanArgument trustServerPromptForKeystorePassword = new BooleanArgument(null, "prompt-for-keystore-password", INFO_MANAGE_CERTS_SC_TRUST_SERVER_ARG_PROMPT_FOR_KS_PW_DESC.get());
    trustServerPromptForKeystorePassword.addLongIdentifier("promptForKeystorePassword", true);
    trustServerPromptForKeystorePassword.addLongIdentifier("prompt-for-keystore-passphrase", true);
    trustServerPromptForKeystorePassword.addLongIdentifier("promptForKeystorePassphrase", true);
    trustServerPromptForKeystorePassword.addLongIdentifier("prompt-for-keystore-pin", true);
    trustServerPromptForKeystorePassword.addLongIdentifier("promptForKeystorePIN", true);
    trustServerParser.addArgument(trustServerPromptForKeystorePassword);
    final StringArgument trustServerKeystoreType = new StringArgument(null, "keystore-type", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_TYPE.get(), INFO_MANAGE_CERTS_SC_TRUST_SERVER_ARG_KS_TYPE_DESC.get(), ALLOWED_KEYSTORE_TYPE_VALUES);
    trustServerKeystoreType.addLongIdentifier("key-store-type", true);
    trustServerKeystoreType.addLongIdentifier("keystoreType", true);
    trustServerKeystoreType.addLongIdentifier("keystore-format", true);
    trustServerKeystoreType.addLongIdentifier("key-store-format", true);
    trustServerKeystoreType.addLongIdentifier("keystoreFormat", true);
    trustServerKeystoreType.addLongIdentifier("storetype", true);
    trustServerParser.addArgument(trustServerKeystoreType);
    final StringArgument trustServerAlias = new StringArgument(null, "alias", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_ALIAS.get(), INFO_MANAGE_CERTS_SC_TRUST_SERVER_ARG_ALIAS_DESC.get());
    trustServerAlias.addLongIdentifier("nickname", true);
    trustServerParser.addArgument(trustServerAlias);
    final BooleanArgument trustServerIssuersOnly = new BooleanArgument(null, "issuers-only", 1, INFO_MANAGE_CERTS_SC_TRUST_SERVER_ARG_ISSUERS_ONLY_DESC.get());
    trustServerIssuersOnly.addLongIdentifier("issuersOnly", true);
    trustServerIssuersOnly.addLongIdentifier("issuer-certificates-only", true);
    trustServerIssuersOnly.addLongIdentifier("issuerCertificatesOnly", true);
    trustServerIssuersOnly.addLongIdentifier("only-issuers", true);
    trustServerIssuersOnly.addLongIdentifier("onlyIssuers", true);
    trustServerIssuersOnly.addLongIdentifier("only-issuer-certificates", true);
    trustServerIssuersOnly.addLongIdentifier("onlyIssuerCertificates", true);
    trustServerParser.addArgument(trustServerIssuersOnly);
    final BooleanArgument trustServerEnableSSLDebugging = new BooleanArgument(null, "enableSSLDebugging", 1, INFO_MANAGE_CERTS_SC_TRUST_SERVER_ARG_ENABLE_SSL_DEBUGGING_DESC.get());
    trustServerEnableSSLDebugging.addLongIdentifier("enableTLSDebugging", true);
    trustServerEnableSSLDebugging.addLongIdentifier("enableStartTLSDebugging", true);
    trustServerEnableSSLDebugging.addLongIdentifier("enable-ssl-debugging", true);
    trustServerEnableSSLDebugging.addLongIdentifier("enable-tls-debugging", true);
    trustServerEnableSSLDebugging.addLongIdentifier("enable-starttls-debugging", true);
    trustServerEnableSSLDebugging.addLongIdentifier("enable-start-tls-debugging", true);
    trustServerParser.addArgument(trustServerEnableSSLDebugging);
    addEnableSSLDebuggingArgument(trustServerEnableSSLDebugging);
    final BooleanArgument trustServerVerbose = new BooleanArgument(null, "verbose", 1, INFO_MANAGE_CERTS_SC_TRUST_SERVER_ARG_VERBOSE_DESC.get());
    trustServerParser.addArgument(trustServerVerbose);
    final BooleanArgument trustServerNoPrompt = new BooleanArgument(null, "no-prompt", 1, INFO_MANAGE_CERTS_SC_TRUST_SERVER_ARG_NO_PROMPT_DESC.get());
    trustServerNoPrompt.addLongIdentifier("noPrompt", true);
    trustServerParser.addArgument(trustServerNoPrompt);
    trustServerParser.addRequiredArgumentSet(trustServerKeystorePassword, trustServerKeystorePasswordFile, trustServerPromptForKeystorePassword);
    trustServerParser.addExclusiveArgumentSet(trustServerKeystorePassword, trustServerKeystorePasswordFile, trustServerPromptForKeystorePassword);
    final LinkedHashMap<String[], String> trustServerExamples = new LinkedHashMap<>(StaticUtils.computeMapCapacity(2));
    trustServerExamples.put(new String[] { "trust-server-certificate", "--hostname", "ds.example.com", "--port", "636", "--keystore", getPlatformSpecificPath("config", "truststore"), "--keystore-password-file", getPlatformSpecificPath("config", "truststore.pin"), "--verbose" }, INFO_MANAGE_CERTS_SC_TRUST_SERVER_EXAMPLE_1.get(getPlatformSpecificPath("config", "truststore")));
    trustServerExamples.put(new String[] { "trust-server-certificate", "--hostname", "ds.example.com", "--port", "389", "--use-ldap-start-tls", "--keystore", getPlatformSpecificPath("config", "truststore"), "--keystore-password-file", getPlatformSpecificPath("config", "truststore.pin"), "--issuers-only", "--alias", "ds-start-tls-cert", "--no-prompt" }, INFO_MANAGE_CERTS_SC_TRUST_SERVER_EXAMPLE_2.get(getPlatformSpecificPath("config", "truststore")));
    final SubCommand trustServerSubCommand = new SubCommand("trust-server-certificate", INFO_MANAGE_CERTS_SC_TRUST_SERVER_DESC.get(), trustServerParser, trustServerExamples);
    trustServerSubCommand.addName("trustServerCertificate", true);
    trustServerSubCommand.addName("trust-server", true);
    trustServerSubCommand.addName("trustServer", true);
    parser.addSubCommand(trustServerSubCommand);
    // Define the "check-certificate-usability" subcommand and all of its
    // arguments.
    final ArgumentParser checkUsabilityParser = new ArgumentParser("check-certificate-usability", INFO_MANAGE_CERTS_SC_CHECK_USABILITY_DESC.get());
    final FileArgument checkUsabilityKeystore = new FileArgument(null, "keystore", true, 1, null, INFO_MANAGE_CERTS_SC_CHECK_USABILITY_ARG_KS_DESC.get(), true, true, true, false);
    checkUsabilityKeystore.addLongIdentifier("keystore-path", true);
    checkUsabilityKeystore.addLongIdentifier("keystorePath", true);
    checkUsabilityKeystore.addLongIdentifier("keystore-file", true);
    checkUsabilityKeystore.addLongIdentifier("keystoreFile", true);
    checkUsabilityParser.addArgument(checkUsabilityKeystore);
    final StringArgument checkUsabilityKeystorePassword = new StringArgument(null, "keystore-password", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_PASSWORD.get(), INFO_MANAGE_CERTS_SC_CHECK_USABILITY_ARG_KS_PW_DESC.get());
    checkUsabilityKeystorePassword.addLongIdentifier("keystorePassword", true);
    checkUsabilityKeystorePassword.addLongIdentifier("keystore-passphrase", true);
    checkUsabilityKeystorePassword.addLongIdentifier("keystorePassphrase", true);
    checkUsabilityKeystorePassword.addLongIdentifier("keystore-pin", true);
    checkUsabilityKeystorePassword.addLongIdentifier("keystorePIN", true);
    checkUsabilityKeystorePassword.addLongIdentifier("storepass", true);
    checkUsabilityKeystorePassword.setSensitive(true);
    checkUsabilityParser.addArgument(checkUsabilityKeystorePassword);
    final FileArgument checkUsabilityKeystorePasswordFile = new FileArgument(null, "keystore-password-file", false, 1, null, INFO_MANAGE_CERTS_SC_CHECK_USABILITY_ARG_KS_PW_FILE_DESC.get(), true, true, true, false);
    checkUsabilityKeystorePasswordFile.addLongIdentifier("keystorePasswordFile", true);
    checkUsabilityKeystorePasswordFile.addLongIdentifier("keystore-passphrase-file", true);
    checkUsabilityKeystorePasswordFile.addLongIdentifier("keystorePassphraseFile", true);
    checkUsabilityKeystorePasswordFile.addLongIdentifier("keystore-pin-file", true);
    checkUsabilityKeystorePasswordFile.addLongIdentifier("keystorePINFile", true);
    checkUsabilityParser.addArgument(checkUsabilityKeystorePasswordFile);
    final BooleanArgument checkUsabilityPromptForKeystorePassword = new BooleanArgument(null, "prompt-for-keystore-password", INFO_MANAGE_CERTS_SC_CHECK_USABILITY_ARG_PROMPT_FOR_KS_PW_DESC.get());
    checkUsabilityPromptForKeystorePassword.addLongIdentifier("promptForKeystorePassword", true);
    checkUsabilityPromptForKeystorePassword.addLongIdentifier("prompt-for-keystore-passphrase", true);
    checkUsabilityPromptForKeystorePassword.addLongIdentifier("promptForKeystorePassphrase", true);
    checkUsabilityPromptForKeystorePassword.addLongIdentifier("prompt-for-keystore-pin", true);
    checkUsabilityPromptForKeystorePassword.addLongIdentifier("promptForKeystorePIN", true);
    checkUsabilityParser.addArgument(checkUsabilityPromptForKeystorePassword);
    final StringArgument checkUsabilityKeystoreType = new StringArgument(null, "keystore-type", false, 1, INFO_MANAGE_CERTS_PLACEHOLDER_TYPE.get(), INFO_MANAGE_CERTS_SC_CHECK_USABILITY_ARG_KS_TYPE_DESC.get(), ALLOWED_KEYSTORE_TYPE_VALUES);
    checkUsabilityKeystoreType.addLongIdentifier("key-store-type", true);
    checkUsabilityKeystoreType.addLongIdentifier("keystoreType", true);
    checkUsabilityKeystoreType.addLongIdentifier("keystore-format", true);
    checkUsabilityKeystoreType.addLongIdentifier("key-store-format", true);
    checkUsabilityKeystoreType.addLongIdentifier("keystoreFormat", true);
    checkUsabilityKeystoreType.addLongIdentifier("storetype", true);
    checkUsabilityParser.addArgument(checkUsabilityKeystoreType);
    final StringArgument checkUsabilityAlias = new StringArgument(null, "alias", true, 1, INFO_MANAGE_CERTS_PLACEHOLDER_ALIAS.get(), INFO_MANAGE_CERTS_SC_CHECK_USABILITY_ARG_ALIAS_DESC.get());
    checkUsabilityAlias.addLongIdentifier("nickname", true);
    checkUsabilityParser.addArgument(checkUsabilityAlias);
    final BooleanArgument checkUsabilityIgnoreSHA1Signature = new BooleanArgument(null, "allow-sha-1-signature-for-issuer-certificates", 1, INFO_MANAGE_CERTS_SC_CHECK_USABILITY_IGNORE_SHA1_WARNING_DESC.get());
    checkUsabilityIgnoreSHA1Signature.addLongIdentifier("allow-sha1-signature-for-issuer-certificates", true);
    checkUsabilityIgnoreSHA1Signature.addLongIdentifier("allowSHA1SignatureForIssuerCertificates", true);
    checkUsabilityParser.addArgument(checkUsabilityIgnoreSHA1Signature);
    checkUsabilityParser.addRequiredArgumentSet(checkUsabilityKeystorePassword, checkUsabilityKeystorePasswordFile, checkUsabilityPromptForKeystorePassword);
    checkUsabilityParser.addExclusiveArgumentSet(checkUsabilityKeystorePassword, checkUsabilityKeystorePasswordFile, checkUsabilityPromptForKeystorePassword);
    final LinkedHashMap<String[], String> checkUsabilityExamples = new LinkedHashMap<>(StaticUtils.computeMapCapacity(2));
    checkUsabilityExamples.put(new String[] { "check-certificate-usability", "--keystore", getPlatformSpecificPath("config", "keystore"), "--keystore-password-file", getPlatformSpecificPath("config", "keystore.pin"), "--alias", "server-cert" }, INFO_MANAGE_CERTS_SC_CHECK_USABILITY_EXAMPLE_1.get(getPlatformSpecificPath("config", "keystore")));
    final SubCommand checkUsabilitySubCommand = new SubCommand("check-certificate-usability", INFO_MANAGE_CERTS_SC_CHECK_USABILITY_DESC.get(), checkUsabilityParser, checkUsabilityExamples);
    checkUsabilitySubCommand.addName("checkCertificateUsability", true);
    checkUsabilitySubCommand.addName("check-usability", true);
    checkUsabilitySubCommand.addName("checkUsability", true);
    parser.addSubCommand(checkUsabilitySubCommand);
    // Define the "display-certificate-file" subcommand and all of its
    // arguments.
    final ArgumentParser displayCertParser = new ArgumentParser("display-certificate-file", INFO_MANAGE_CERTS_SC_DISPLAY_CERT_DESC.get());
    final FileArgument displayCertFile = new FileArgument(null, "certificate-file", true, 1, null, INFO_MANAGE_CERTS_SC_DISPLAY_CERT_ARG_FILE_DESC.get(), true, true, true, false);
    displayCertFile.addLongIdentifier("certificateFile", true);
    displayCertFile.addLongIdentifier("input-file", true);
    displayCertFile.addLongIdentifier("inputFile", true);
    displayCertFile.addLongIdentifier("file", true);
    displayCertFile.addLongIdentifier("filename", true);
    displayCertParser.addArgument(displayCertFile);
    final BooleanArgument displayCertVerbose = new BooleanArgument(null, "verbose", 1, INFO_MANAGE_CERTS_SC_DISPLAY_CERT_ARG_VERBOSE_DESC.get());
    displayCertParser.addArgument(displayCertVerbose);
    final BooleanArgument displayCertDisplayCommand = new BooleanArgument(null, "display-keytool-command", 1, INFO_MANAGE_CERTS_SC_DISPLAY_CERT_ARG_DISPLAY_COMMAND_DESC.get());
    displayCertDisplayCommand.addLongIdentifier("displayKeytoolCommand", true);
    displayCertDisplayCommand.addLongIdentifier("show-keytool-command", true);
    displayCertDisplayCommand.addLongIdentifier("showKeytoolCommand", true);
    displayCertParser.addArgument(displayCertDisplayCommand);
    final LinkedHashMap<String[], String> displayCertExamples = new LinkedHashMap<>(StaticUtils.computeMapCapacity(2));
    displayCertExamples.put(new String[] { "display-certificate-file", "--certificate-file", "certificate.pem" }, INFO_MANAGE_CERTS_SC_DISPLAY_CERT_EXAMPLE_1.get("certificate.pem"));
    displayCertExamples.put(new String[] { "display-certificate-file", "--certificate-file", "certificate.pem", "--verbose", "--display-keytool-command" }, INFO_MANAGE_CERTS_SC_DISPLAY_CERT_EXAMPLE_2.get("certificate.pem"));
    final SubCommand displayCertSubCommand = new SubCommand("display-certificate-file", INFO_MANAGE_CERTS_SC_DISPLAY_CERT_DESC.get(), displayCertParser, displayCertExamples);
    displayCertSubCommand.addName("displayCertificateFile", true);
    displayCertSubCommand.addName("display-certificate", true);
    displayCertSubCommand.addName("displayCertificate", true);
    displayCertSubCommand.addName("display-certificates", true);
    displayCertSubCommand.addName("displayCertificates", true);
    displayCertSubCommand.addName("show-certificate", true);
    displayCertSubCommand.addName("showCertificate", true);
    displayCertSubCommand.addName("show-certificate-file", true);
    displayCertSubCommand.addName("showCertificateFile", true);
    displayCertSubCommand.addName("show-certificates", true);
    displayCertSubCommand.addName("showCertificates", true);
    displayCertSubCommand.addName("print-certificate-file", true);
    displayCertSubCommand.addName("printCertificateFile", true);
    displayCertSubCommand.addName("print-certificate", true);
    displayCertSubCommand.addName("printCertificate", true);
    displayCertSubCommand.addName("print-certificates", true);
    displayCertSubCommand.addName("printCertificates", true);
    displayCertSubCommand.addName("printcert", true);
    parser.addSubCommand(displayCertSubCommand);
    // Define the "display-certificate-signing-request-file" subcommand and all
    // of its arguments.
    final ArgumentParser displayCSRParser = new ArgumentParser("display-certificate-signing-request-file", INFO_MANAGE_CERTS_SC_DISPLAY_CSR_DESC.get());
    final FileArgument displayCSRFile = new FileArgument(null, "certificate-signing-request-file", true, 1, null, INFO_MANAGE_CERTS_SC_DISPLAY_CSR_ARG_FILE_DESC.get(), true, true, true, false);
    displayCSRFile.addLongIdentifier("certificateSigningRequestFile", true);
    displayCSRFile.addLongIdentifier("request-file", true);
    displayCSRFile.addLongIdentifier("requestFile", true);
    displayCSRFile.addLongIdentifier("input-file", true);
    displayCSRFile.addLongIdentifier("inputFile", true);
    displayCSRFile.addLongIdentifier("file", true);
    displayCSRFile.addLongIdentifier("filename", true);
    displayCSRParser.addArgument(displayCSRFile);
    final BooleanArgument displayCSRVerbose = new BooleanArgument(null, "verbose", 1, INFO_MANAGE_CERTS_SC_DISPLAY_CSR_ARG_VERBOSE_DESC.get());
    displayCSRParser.addArgument(displayCSRVerbose);
    final BooleanArgument displayCSRDisplayCommand = new BooleanArgument(null, "display-keytool-command", 1, INFO_MANAGE_CERTS_SC_DISPLAY_CSR_ARG_DISPLAY_COMMAND_DESC.get());
    displayCSRDisplayCommand.addLongIdentifier("displayKeytoolCommand", true);
    displayCSRDisplayCommand.addLongIdentifier("show-keytool-command", true);
    displayCSRDisplayCommand.addLongIdentifier("showKeytoolCommand", true);
    displayCSRParser.addArgument(displayCSRDisplayCommand);
    final LinkedHashMap<String[], String> displayCSRExamples = new LinkedHashMap<>(StaticUtils.computeMapCapacity(1));
    displayCSRExamples.put(new String[] { "display-certificate-signing-request-file", "--certificate-signing-request-file", "server-cert.csr", "--display-keytool-command" }, INFO_MANAGE_CERTS_SC_DISPLAY_CSR_EXAMPLE_1.get("server-cert.csr"));
    final SubCommand displayCSRSubCommand = new SubCommand("display-certificate-signing-request-file", INFO_MANAGE_CERTS_SC_DISPLAY_CSR_DESC.get(), displayCSRParser, displayCSRExamples);
    displayCSRSubCommand.addName("displayCertificateSigningRequestFile", true);
    displayCSRSubCommand.addName("display-certificate-signing-request", true);
    displayCSRSubCommand.addName("displayCertificateSigningRequest", true);
    displayCSRSubCommand.addName("display-certificate-request-file", true);
    displayCSRSubCommand.addName("displayCertificateRequestFile", true);
    displayCSRSubCommand.addName("display-certificate-request", true);
    displayCSRSubCommand.addName("displayCertificateRequest", true);
    displayCSRSubCommand.addName("display-csr-file", true);
    displayCSRSubCommand.addName("displayCSRFile", true);
    displayCSRSubCommand.addName("display-csr", true);
    displayCSRSubCommand.addName("displayCSR", true);
    displayCSRSubCommand.addName("show-certificate-signing-request-file", true);
    displayCSRSubCommand.addName("showCertificateSigningRequestFile", true);
    displayCSRSubCommand.addName("show-certificate-signing-request", true);
    displayCSRSubCommand.addName("showCertificateSigningRequest", true);
    displayCSRSubCommand.addName("show-certificate-request-file", true);
    displayCSRSubCommand.addName("showCertificateRequestFile", true);
    displayCSRSubCommand.addName("show-certificate-request", true);
    displayCSRSubCommand.addName("showCertificateRequest", true);
    displayCSRSubCommand.addName("show-csr-file", true);
    displayCSRSubCommand.addName("showCSRFile", true);
    displayCSRSubCommand.addName("show-csr", true);
    displayCSRSubCommand.addName("showCSR", true);
    displayCSRSubCommand.addName("print-certificate-signing-request-file", true);
    displayCSRSubCommand.addName("printCertificateSigningRequestFile", true);
    displayCSRSubCommand.addName("print-certificate-signing-request", true);
    displayCSRSubCommand.addName("printCertificateSigningRequest", true);
    displayCSRSubCommand.addName("print-certificate-request-file", true);
    displayCSRSubCommand.addName("printCertificateRequestFile", true);
    displayCSRSubCommand.addName("print-certificate-request", true);
    displayCSRSubCommand.addName("printCertificateRequest", true);
    displayCSRSubCommand.addName("print-csr-file", true);
    displayCSRSubCommand.addName("printCSRFile", true);
    displayCSRSubCommand.addName("print-csr", true);
    displayCSRSubCommand.addName("printCSR", true);
    displayCSRSubCommand.addName("printcertreq", true);
    parser.addSubCommand(displayCSRSubCommand);
}
Also used : SubCommand(com.unboundid.util.args.SubCommand) IA5StringArgumentValueValidator(com.unboundid.util.args.IA5StringArgumentValueValidator) IPAddressArgumentValueValidator(com.unboundid.util.args.IPAddressArgumentValueValidator) BooleanArgument(com.unboundid.util.args.BooleanArgument) ASN1BitString(com.unboundid.asn1.ASN1BitString) FileArgument(com.unboundid.util.args.FileArgument) ArgumentParser(com.unboundid.util.args.ArgumentParser) StringArgument(com.unboundid.util.args.StringArgument) LinkedHashMap(java.util.LinkedHashMap) DNArgument(com.unboundid.util.args.DNArgument) IntegerArgument(com.unboundid.util.args.IntegerArgument) OIDArgumentValueValidator(com.unboundid.util.args.OIDArgumentValueValidator) TimestampArgument(com.unboundid.util.args.TimestampArgument) BooleanValueArgument(com.unboundid.util.args.BooleanValueArgument)

Aggregations

ASN1BitString (com.unboundid.asn1.ASN1BitString)1 ArgumentParser (com.unboundid.util.args.ArgumentParser)1 BooleanArgument (com.unboundid.util.args.BooleanArgument)1 BooleanValueArgument (com.unboundid.util.args.BooleanValueArgument)1 DNArgument (com.unboundid.util.args.DNArgument)1 FileArgument (com.unboundid.util.args.FileArgument)1 IA5StringArgumentValueValidator (com.unboundid.util.args.IA5StringArgumentValueValidator)1 IPAddressArgumentValueValidator (com.unboundid.util.args.IPAddressArgumentValueValidator)1 IntegerArgument (com.unboundid.util.args.IntegerArgument)1 OIDArgumentValueValidator (com.unboundid.util.args.OIDArgumentValueValidator)1 StringArgument (com.unboundid.util.args.StringArgument)1 SubCommand (com.unboundid.util.args.SubCommand)1 TimestampArgument (com.unboundid.util.args.TimestampArgument)1 LinkedHashMap (java.util.LinkedHashMap)1