How do I install a master domain manager to reach the license server with no Internet connection?

cscript serverinst.vbs --acceptlicense yes --rdbmstype <db_type>
--dbhostname <db_hostname> --dbport <db_port> --dbname <db_name>
--dbuser <db_user> --dbpassword <db_password> --wauser <wa_user>
--wapassword <wa_password> --wlpdir <Liberty_installation_dir>\wlp
--licenseserverid <license_server_ID> 
--sslkeysfolder <certificate_files_path> --sslpassword <keystore_truststore_password>

./serverinst.sh --acceptlicense yes --rdbmstype <db_type>
--dbhostname <db_hostname> --dbport <db_port> --dbname <db_name>
--dbuser <db_user> --dbpassword <db_password> --wauser <wa_user>
--wapassword <wa_password> --wlpdir <Liberty_installation_dir>/wlp
--licenseserverid <license_server_ID> 
--sslkeysfolder <certificate_files_path> --sslpassword <keystore_truststore_password>

• DB2
• ORACLE
• MSSQL This value applies to MSSQL,Azure SQL and Google Cloud SQL for SQL server.
• IDS This value is supported only on UNIX operating systems. and applies to Informix.
• ONEDB This value is supported only on UNIX operating systems.

On Windows operating systems

Supported characters for the password are alphanumeric, dash (-), underscore (_) characters, and ()|?*~+.

On UNIX operating systems

Supported characters for the password are alphanumeric, dash (-), underscore (_) characters, and ()|?=*~+.

• ca.crt

  The Certificate Authority (CA) public certificate. Note that if certificates being installed are part of a chain consisting of 3 or more certificates (one Root CA, followed by one or more Intermediate CAs, followed by the end user certificate), then this file must contain the Root CA certificate only. Any Intermediate CA certificates must be stored in the additionalCAs subfolder, which therefore becomes a mandatory subfolder. Each Intermediate CA must be stored in the additionalCAs subfolder in its own file.

• tls.key

  The private key of the end user certificate for the instance to be installed.

• tls.crt

  The public part of the previous key, that is the end user certificate.

You can optionally create a subfolder to contain one or more *.crt files to be added to the server truststore as trusted CA, whose name must be additionalCAs. This can be used for example to add to the list of trusted CAs the certificate of the LDAP server or DB2 server. Additionally, you can store here any intermediate CA certificate to be added to the truststore. The subfolder must be named additionalCAs. Note that if the end user certificate being installed in the instance is part of a chain consisting of 3 or more certificates (one Root CA, followed by one or more Intermediate CAs, followed by the end user certificate), then the Intermediate CAs certificates must be stored in the additionalCAs subfolder, which therefore becomes a mandatory subfolder. Each Intermediate CA must be stored in the additionalCAs subfolder in its own file.

• If you want HCL Workload Automation to generate default certificates, provide the password to be used for the default certificates. HCL Workload Automation generates the certificates and stores them on the master domain manager in the installation_directory/defaultCerts and TWA_DATA_DIR/ssl/depot directories. You can then use the TWA_DATA_DIR/ssl/depot to retrieve the default certificates for the other product components.
• If you want HCL Workload Automation to process custom certificates, provide the password for the custom certificates and the path to the folder containing certificates in .PEM format with the sslkeysfolder parameter. To process custom certificates, the sslkeysfolder parameter is required.