| version 1.107, 2019/07/07 02:04:40 |
version 1.108, 2019/07/08 14:15:12 |
|
|
| .Fl des | des3 |
.Fl des | des3 |
| .Oc |
.Oc |
| .Op Fl in Ar file |
.Op Fl in Ar file |
| .Op Fl inform Cm der | pem |
.Op Fl inform Cm der | pem | pvk |
| .Op Fl modulus |
.Op Fl modulus |
| .Op Fl noout |
.Op Fl noout |
| .Op Fl out Ar file |
.Op Fl out Ar file |
| .Op Fl outform Cm der | pem |
.Op Fl outform Cm der | pem | pvk |
| .Op Fl passin Ar arg |
.Op Fl passin Ar arg |
| .Op Fl passout Ar arg |
.Op Fl passout Ar arg |
| .Op Fl pubin |
.Op Fl pubin |
| .Op Fl pubout |
.Op Fl pubout |
| |
.Op Fl pvk-none | pvk-strong | pvk-weak |
| .Op Fl text |
.Op Fl text |
| .nr nS 0 |
.nr nS 0 |
| .Pp |
.Pp |
|
|
| The input file to read from, |
The input file to read from, |
| or standard input if not specified. |
or standard input if not specified. |
| If the key is encrypted, a pass phrase will be prompted for. |
If the key is encrypted, a pass phrase will be prompted for. |
| .It Fl inform Cm der | pem |
.It Fl inform Cm der | pem | pvk |
| The input format. |
The input format. |
| .It Fl modulus |
.It Fl modulus |
| Print the value of the public key component of the key. |
Print the value of the public key component of the key. |
|
|
| or standard output if not specified. |
or standard output if not specified. |
| If any encryption options are set then a pass phrase will be |
If any encryption options are set then a pass phrase will be |
| prompted for. |
prompted for. |
| .It Fl outform Cm der | pem |
.It Fl outform Cm der | pem | pvk |
| The output format. |
The output format. |
| .It Fl passin Ar arg |
.It Fl passin Ar arg |
| The key password source. |
The key password source. |
|
|
| .It Fl pubout |
.It Fl pubout |
| Output a public key, not a private key. |
Output a public key, not a private key. |
| Automatically set if the input is a public key. |
Automatically set if the input is a public key. |
| |
.It Xo |
| |
.Fl pvk-none | pvk-strong | pvk-weak |
| |
.Xc |
| |
Enable or disable PVK encoding. |
| |
The default is |
| |
.Fl pvk-strong . |
| .It Fl text |
.It Fl text |
| Print the public/private key in plain text. |
Print the public/private key in plain text. |
| .El |
.El |
|
|
| .Op Fl CApath Ar directory |
.Op Fl CApath Ar directory |
| .Op Fl cert Ar file |
.Op Fl cert Ar file |
| .Op Fl dgst Ar alg |
.Op Fl dgst Ar alg |
| |
.Op Fl header Ar name value |
| .Op Fl host Ar hostname : Ns Ar port |
.Op Fl host Ar hostname : Ns Ar port |
| |
.Op Fl ignore_err |
| .Op Fl index Ar indexfile |
.Op Fl index Ar indexfile |
| .Op Fl issuer Ar file |
.Op Fl issuer Ar file |
| .Op Fl ndays Ar days |
.Op Fl ndays Ar days |
|
|
| .Op Fl no_cert_verify |
.Op Fl no_cert_verify |
| .Op Fl no_certs |
.Op Fl no_certs |
| .Op Fl no_chain |
.Op Fl no_chain |
| |
.Op Fl no_explicit |
| .Op Fl no_intern |
.Op Fl no_intern |
| .Op Fl no_nonce |
.Op Fl no_nonce |
| .Op Fl no_signature_verify |
.Op Fl no_signature_verify |
|
|
| .Op Fl rkey Ar file |
.Op Fl rkey Ar file |
| .Op Fl rother Ar file |
.Op Fl rother Ar file |
| .Op Fl rsigner Ar file |
.Op Fl rsigner Ar file |
| .Op Fl serial Ar number |
.Op Fl serial Ar num |
| .Op Fl sign_other Ar file |
.Op Fl sign_other Ar file |
| .Op Fl signer Ar file |
.Op Fl signer Ar file |
| .Op Fl signkey Ar file |
.Op Fl signkey Ar file |
| .Op Fl status_age Ar age |
.Op Fl status_age Ar age |
| .Op Fl text |
.Op Fl text |
| |
.Op Fl timeout Ar seconds |
| .Op Fl trust_other |
.Op Fl trust_other |
| .Op Fl url Ar responder_url |
.Op Fl url Ar responder_url |
| .Op Fl VAfile Ar file |
.Op Fl VAfile Ar file |
|
|
| specifies the HTTP path name to use, or |
specifies the HTTP path name to use, or |
| .Pa / |
.Pa / |
| by default. |
by default. |
| |
.It Fl header Ar name value |
| |
Add the header name with the specified value to the OCSP request that is sent |
| |
to the responder. |
| |
This may be repeated. |
| .It Fl issuer Ar file |
.It Fl issuer Ar file |
| The current issuer certificate, in PEM format. |
The current issuer certificate, in PEM format. |
| Can be used multiple times and must come before any |
Can be used multiple times and must come before any |
|
|
| .It Fl no_chain |
.It Fl no_chain |
| Do not use certificates in the response as additional untrusted CA |
Do not use certificates in the response as additional untrusted CA |
| certificates. |
certificates. |
| |
.It Fl no_explicit |
| |
Don't check the explicit trust for OCSP signing in the root CA certificate. |
| .It Fl no_intern |
.It Fl no_intern |
| Ignore certificates contained in the OCSP response |
Ignore certificates contained in the OCSP response |
| when searching for the signer's certificate. |
when searching for the signer's certificate. |
|
|
| option is not present, then the private key is read from the same file |
option is not present, then the private key is read from the same file |
| as the certificate. |
as the certificate. |
| If neither option is specified, the OCSP request is not signed. |
If neither option is specified, the OCSP request is not signed. |
| |
.It Fl timeout Ar seconds |
| |
Connection timeout to the OCSP responder in seconds. |
| .It Fl trust_other |
.It Fl trust_other |
| The certificates specified by the |
The certificates specified by the |
| .Fl verify_other |
.Fl verify_other |
|
|
| .It Fl CA Ar file |
.It Fl CA Ar file |
| CA certificate corresponding to the revocation information in |
CA certificate corresponding to the revocation information in |
| .Ar indexfile . |
.Ar indexfile . |
| |
.It Fl ignore_err |
| |
Ignore the invalid response. |
| .It Fl index Ar indexfile |
.It Fl index Ar indexfile |
| .Ar indexfile |
.Ar indexfile |
| is a text index file in ca format |
is a text index file in ca format |
|
|
| .Fl password |
.Fl password |
| is equivalent to |
is equivalent to |
| .Fl passout . |
.Fl passout . |
| Otherwise, |
Otherwise, |
| .Fl password |
.Fl password |
| is equivalent to |
is equivalent to |
| .Fl passin . |
.Fl passin . |
|
|
| .Op Fl aes128 | aes192 | aes256 | des | des3 |
.Op Fl aes128 | aes192 | aes256 | des | des3 |
| .Op Fl check |
.Op Fl check |
| .Op Fl in Ar file |
.Op Fl in Ar file |
| .Op Fl inform Cm der | net | pem |
.Op Fl inform Cm der | net | pem | pvk |
| .Op Fl modulus |
.Op Fl modulus |
| .Op Fl noout |
.Op Fl noout |
| .Op Fl out Ar file |
.Op Fl out Ar file |
| .Op Fl outform Cm der | net | pem |
.Op Fl outform Cm der | net | pem | pvk |
| .Op Fl passin Ar arg |
.Op Fl passin Ar arg |
| .Op Fl passout Ar arg |
.Op Fl passout Ar arg |
| .Op Fl pubin |
.Op Fl pubin |
| .Op Fl pubout |
.Op Fl pubout |
| |
.Op Fl pvk-none | pvk-strong | pvk-weak |
| |
.Op Fl RSAPublicKey_in |
| |
.Op Fl RSAPublicKey_out |
| .Op Fl sgckey |
.Op Fl sgckey |
| .Op Fl text |
.Op Fl text |
| .nr nS 0 |
.nr nS 0 |
|
|
| The input file to read from, |
The input file to read from, |
| or standard input if not specified. |
or standard input if not specified. |
| If the key is encrypted, a pass phrase will be prompted for. |
If the key is encrypted, a pass phrase will be prompted for. |
| .It Fl inform Cm der | net | pem |
.It Fl inform Cm der | net | pem | pvk |
| The input format. |
The input format. |
| .It Fl noout |
.It Fl noout |
| Do not output the encoded version of the key. |
Do not output the encoded version of the key. |
|
|
| .It Fl out Ar file |
.It Fl out Ar file |
| The output file to write to, |
The output file to write to, |
| or standard output if not specified. |
or standard output if not specified. |
| .It Fl outform Cm der | net | pem |
.It Fl outform Cm der | net | pem | pvk |
| The output format. |
The output format. |
| .It Fl passin Ar arg |
.It Fl passin Ar arg |
| The key password source. |
The key password source. |
|
|
| Output a public key, |
Output a public key, |
| not a private key. |
not a private key. |
| Automatically set if the input is a public key. |
Automatically set if the input is a public key. |
| |
.It Xo |
| |
.Fl pvk-none | pvk-strong | pvk-weak |
| |
.Xc |
| |
Enable or disable PVK encoding. |
| |
The default is |
| |
.Fl pvk-strong . |
| |
.It Fl RSAPublicKey_in , RSAPublicKey_out |
| |
Same as |
| |
.Fl pubin |
| |
and |
| |
.Fl pubout |
| |
except |
| |
.Cm RSAPublicKey |
| |
format is used instead. |
| .It Fl sgckey |
.It Fl sgckey |
| Use the modified NET algorithm used with some versions of Microsoft IIS |
Use the modified NET algorithm used with some versions of Microsoft IIS |
| and SGC keys. |
and SGC keys. |
|
|
| .Op Fl noindef |
.Op Fl noindef |
| .Op Fl nointern |
.Op Fl nointern |
| .Op Fl nosigs |
.Op Fl nosigs |
| |
.Op Fl nosmimecap |
| .Op Fl noverify |
.Op Fl noverify |
| .Op Fl out Ar file |
.Op Fl out Ar file |
| .Op Fl outform Cm der | pem | smime |
.Op Fl outform Cm der | pem | smime |
|
|
| The supplied certificates can still be used as untrusted CAs. |
The supplied certificates can still be used as untrusted CAs. |
| .It Fl nosigs |
.It Fl nosigs |
| Do not try to verify the signatures on the message. |
Do not try to verify the signatures on the message. |
| |
.It Fl nosmimecap |
| |
Exclude the list of supported algorithms from signed attributes, |
| |
other options such as signing time and content type are still included. |
| .It Fl noverify |
.It Fl noverify |
| Do not verify the signer's certificate of a signed message. |
Do not verify the signer's certificate of a signed message. |
| .It Fl out Ar file |
.It Fl out Ar file |
|
|
| .It Cm pem |
.It Cm pem |
| Privacy Enhanced Mail (PEM) |
Privacy Enhanced Mail (PEM) |
| is base64-encoded. |
is base64-encoded. |
| |
.It Cm pvk |
| |
Private Key format. |
| .It Cm smime |
.It Cm smime |
| An SMIME format message. |
An SMIME format message. |
| .It Cm txt |
.It Cm txt |
![[BACK]](/icons/back.gif){kind=icon}
Return to openssl.1 CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / openssl