version 1.153, 2023/12/29 12:06:48 |
version 1.154, 2024/01/12 11:24:03 |
|
|
.Op Fl extensions Ar section |
.Op Fl extensions Ar section |
.Op Fl extfile Ar file |
.Op Fl extfile Ar file |
.Op Fl fingerprint |
.Op Fl fingerprint |
|
.Op Fl force_pubkey Ar key |
.Op Fl hash |
.Op Fl hash |
.Op Fl in Ar file |
.Op Fl in Ar file |
.Op Fl inform Cm der | net | pem |
.Op Fl inform Cm der | net | pem |
|
|
.Op Fl keyform Cm der | pem |
.Op Fl keyform Cm der | pem |
.Op Fl md5 | sha1 |
.Op Fl md5 | sha1 |
.Op Fl modulus |
.Op Fl modulus |
|
.Op Fl multivalue-rdn |
.Op Fl nameopt Ar option |
.Op Fl nameopt Ar option |
.Op Fl next_serial |
.Op Fl next_serial |
.Op Fl noout |
.Op Fl noout |
|
|
.Op Fl purpose |
.Op Fl purpose |
.Op Fl req |
.Op Fl req |
.Op Fl serial |
.Op Fl serial |
|
.Op Fl set_issuer Ar name |
.Op Fl set_serial Ar n |
.Op Fl set_serial Ar n |
|
.Op Fl set_subject Ar name |
.Op Fl setalias Ar arg |
.Op Fl setalias Ar arg |
.Op Fl signkey Ar file |
.Op Fl signkey Ar file |
.Op Fl sigopt Ar nm:v |
.Op Fl sigopt Ar nm:v |
|
|
.Op Fl subject_hash_old |
.Op Fl subject_hash_old |
.Op Fl text |
.Op Fl text |
.Op Fl trustout |
.Op Fl trustout |
|
.Op Fl utf8 |
.Op Fl x509toreq |
.Op Fl x509toreq |
.Ek |
.Ek |
.El |
.El |
|
|
versions before 1.0.0. |
versions before 1.0.0. |
.It Fl modulus |
.It Fl modulus |
Print the value of the modulus of the public key contained in the certificate. |
Print the value of the modulus of the public key contained in the certificate. |
|
.It Fl multivalue-rdn |
|
This option causes the |
|
.Fl subj |
|
argument to be interpreted with full support for multivalued RDNs, |
|
for example |
|
.Qq "/DC=org/DC=OpenSSL/DC=users/UID=123456+CN=John Doe" . |
|
If |
|
.Fl multivalue-rdn |
|
is not used, the UID value is set to |
|
.Qq "123456+CN=John Doe" . |
.It Fl nameopt Ar option |
.It Fl nameopt Ar option |
Customise how the subject or issuer names are displayed, |
Customise how the subject or issuer names are displayed, |
either using a list of comma-separated options or by specifying |
either using a list of comma-separated options or by specifying |
|
|
.It Fl extfile Ar file |
.It Fl extfile Ar file |
File containing certificate extensions to use. |
File containing certificate extensions to use. |
If not specified, no extensions are added to the certificate. |
If not specified, no extensions are added to the certificate. |
|
.It Fl force_pubkey Ar key |
|
Set the public key of the certificate to the public key contained in |
|
.Ar key . |
.It Fl keyform Cm der | pem |
.It Fl keyform Cm der | pem |
The format of the private key file used in the |
The format of the key file used in the |
|
.Fl force_pubkey |
|
and |
.Fl signkey |
.Fl signkey |
option. |
options. |
.It Fl req |
.It Fl req |
Expect a certificate request on input instead of a certificate. |
Expect a certificate request on input instead of a certificate. |
|
.It Fl set_issuer Ar name |
|
The issuer name to use. |
|
.Ar name |
|
must be formatted as /type0=value0/type1=value1/type2=...; |
|
characters may be escaped by |
|
.Sq \e |
|
(backslash); |
|
no spaces are skipped. |
.It Fl set_serial Ar n |
.It Fl set_serial Ar n |
The serial number to use. |
The serial number to use. |
This option can be used with either the |
This option can be used with either the |
|
|
The serial number can be decimal or hex (if preceded by |
The serial number can be decimal or hex (if preceded by |
.Sq 0x ) . |
.Sq 0x ) . |
Negative serial numbers can also be specified but their use is not recommended. |
Negative serial numbers can also be specified but their use is not recommended. |
|
.It Fl set_subject Ar name |
|
The subject name to use. |
|
.Ar name |
|
must be formatted as /type0=value0/type1=value1/type2=...; |
|
characters may be escaped by |
|
.Sq \e |
|
(backslash); |
|
no spaces are skipped. |
.It Fl signkey Ar file |
.It Fl signkey Ar file |
Self-sign |
Self-sign |
.Ar file |
.Ar file |
|
|
If the input is a certificate request, a self-signed certificate |
If the input is a certificate request, a self-signed certificate |
is created using the supplied private key using the subject name in |
is created using the supplied private key using the subject name in |
the request. |
the request. |
|
.It Fl utf8 |
|
Interpret field values read from a terminal or obtained from a configuration |
|
file as UTF-8 strings. |
|
By default, they are interpreted as ASCII. |
.It Fl x509toreq |
.It Fl x509toreq |
Convert a certificate into a certificate request. |
Convert a certificate into a certificate request. |
The |
The |