Adobe Command Line Tools

On my computer, I am getting a pop up message that says 'To use the 'java' command-line tool you need to install a JDK. Click 'more-info.' To visit the Java Developer Kit download website.' When I click 'more info' it prompts me to install adobe flash player, I do, I restart my computer and that p. Download the latest Adobe Provisioning Toolkit Enterprise Edition. Open an elevated prompt (run as administrator). Generate a prov.xml file on any machine connected to the internet using the following APTEE tool command line with the following options. Command Line How-To — Joys of the Command Line. Version 1.1 — October 21 2019. A command line window is simply a window on your computer in which you can type commands that do things. The program which shows you a command line window is called Terminal under Mac® OS® X, and Command Prompt (cmd) under Windows®. The Extension Manager Command Line tool sends the result of extension installation or removal to the other Adobe product by default. Please use disableSendResult to disable the function. Navigate to the Extension Manager application folder. Enter the following command, specifying your own attribute values.

  1. Adobe Command Line Tools Tutorial

AEM uses public/private key pairs to securely communicate with Adobe I/O and other web services. This short tutorial illustrates how compatible keys and keystores can be generated using the openssl command line tool that works with both AEM and Adobe I/O.

This guide creates self-signed keys useful for development and use in lower environments. In production scenarios, keys are typically generated and managed by an organization’s IT security team.

Generate the public/private key pair

Install adobe command line

The openssl command line tool’s req command can be used to generate a key pair compatible with Adobe I/O and Adobe Experience Manager.

To complete the openssl generate command, provide the certificate information when requested. Adobe I/O and AEM do not care what these values are, however they should align with, and describe your key.

Add key pair to a new keystore

Key pairs can be added to a new PKCS12 keystore. As part of openssl’s pcks12 command, the name of the keystore (via - caname), the name of the key (via -name) and the keystore’s password (via - passout) are defined.

Adobe Command Line Tools

These values are required to load the keystore and keys into AEM.

The output of this command is a keystore.p12 file.

The parameter values of my-keystore, my-key and my-password are to be replaced by your own values.

Verify the keystore contents

The Java keytool command line tool provides visibility into a keystore to ensure the keys are successfully loaded in the keystore file (keystore.p12).

Adding the keystore to AEM

AEM uses the generated private key to securely communicate with Adobe I/O and other web services. In order for the private key to be accessible to AEM, it must be installed into an AEM user’s keystore.

Navigate to AEM > Tools > Security > Users and edit the user the private key is to be associated with.

Create an AEM keystore


AEM > Tools > Security > Users > Edit user

If prompted to create a keystore, do so. This keystore will exist only in AEM and is NOT the keystore created via openssl. The password can be anything and does not have to be the same as the password used in the openssl command.

Install the private key via the keystore


User > Keystore > Add private key from keystore

In the user’s keystore console, click Add Private Key form KeyStore file and add the following information:

  • New Alias: the key’s alias in AEM. This can be anything and does not have to correspond with the name of the keystore created with the openssl command.

  • Keystore File: the output of the openssl pkcs12 command (keystore.p12)

  • Private Key Alias: The password set in the openssl pkcs12 command via - passout argument.

  • Private Key Password: The password set in the openssl pkcs12 command via - passout argument.

Verify the private key is loaded into the AEM keystore


User > Keystore

When the private key is successfully loaded from the provided keystore into the AEM keystore, the private key’s metadata displays in the user’s keystore console.

Adding the public key to Adobe I/O

The matching public key must be uploaded to Adobe I/O to allow the AEM service user, who has the public key’s corresponding private to securely communicate.

Create a Adobe I/O new integration

Create Adobe I/O Integration > New Integration

Adobe Command Line Tools

Creating a new integration in Adobe I/O requires uploading a public certificate. Upload the certificate.crt generated by the openssl req command.

Verify the public keys are loaded in Adobe I/O

The installed public keys and their expiry dates are listed in the Integrations console on Adobe I/O. Multiple public keys can be added via the Add a public key button.

Now AEM hold the private key and the Adobe I/O integration holds the corresponding public key, allowing AEM to securely communicate with Adobe I/O.

Adobe Command Line Tools Tutorial

Resources on adobe.com