| version 1.39, 2016/07/21 18:40:26 |
version 1.40, 2016/07/23 19:31:35 |
|
|
| .It Fl text |
.It Fl text |
| Print out the CRL in text form. |
Print out the CRL in text form. |
| .El |
.El |
| .\" |
|
| .\" CRL2PKCS7 |
|
| .\" |
|
| .Sh CRL2PKCS7 |
.Sh CRL2PKCS7 |
| .nr nS 1 |
.nr nS 1 |
| .Nm "openssl crl2pkcs7" |
.Nm "openssl crl2pkcs7" |
| .Bk -words |
|
| .Op Fl certfile Ar file |
.Op Fl certfile Ar file |
| .Op Fl in Ar file |
.Op Fl in Ar file |
| .Op Fl inform Ar DER | PEM |
.Op Fl inform Cm der | pem |
| .Op Fl nocrl |
.Op Fl nocrl |
| .Op Fl out Ar file |
.Op Fl out Ar file |
| .Op Fl outform Ar DER | PEM |
.Op Fl outform Cm der | pem |
| .Ek |
|
| .nr nS 0 |
.nr nS 0 |
| .Pp |
.Pp |
| The |
The |
|
|
| The options are as follows: |
The options are as follows: |
| .Bl -tag -width Ds |
.Bl -tag -width Ds |
| .It Fl certfile Ar file |
.It Fl certfile Ar file |
| Specifies a |
Add the certificates in PEM |
| .Ar file |
.Ar file |
| containing one or more certificates in PEM format. |
to the PKCS#7 structure. |
| All certificates in the file will be added to the PKCS#7 structure. |
This option can be used more than once |
| This option can be used more than once to read certificates from multiple |
to read certificates from multiple files. |
| files. |
|
| .It Fl in Ar file |
.It Fl in Ar file |
| This specifies the input |
Read the CRL from |
| .Ar file |
.Ar file , |
| to read a CRL from, or standard input if this option is not specified. |
or standard input if not specified. |
| .It Fl inform Ar DER | PEM |
.It Fl inform Cm der | pem |
| This specifies the CRL input format. |
Specify the CRL input format. |
| .Ar DER |
|
| format is a DER-encoded CRL structure. |
|
| .Ar PEM |
|
| .Pq the default |
|
| is a base64-encoded version of the DER form with header and footer lines. |
|
| .It Fl nocrl |
.It Fl nocrl |
| Normally, a CRL is included in the output file. |
Normally, a CRL is included in the output file. |
| With this option, no CRL is |
With this option, no CRL is |
| included in the output file and a CRL is not read from the input file. |
included in the output file and a CRL is not read from the input file. |
| .It Fl out Ar file |
.It Fl out Ar file |
| Specifies the output |
Write the PKCS#7 structure to |
| .Ar file |
.Ar file , |
| to write the PKCS#7 structure to, or standard output by default. |
or standard output if not specified. |
| .It Fl outform Ar DER | PEM |
.It Fl outform Cm der | pem |
| This specifies the PKCS#7 structure output format. |
Specify the PKCS#7 structure output format. |
| .Ar DER |
|
| format is a DER-encoded PKCS#7 structure. |
|
| .Ar PEM |
|
| .Pq the default |
|
| is a base64-encoded version of the DER form with header and footer lines. |
|
| .El |
.El |
| .Sh CRL2PKCS7 EXAMPLES |
|
| Create a PKCS#7 structure from a certificate and CRL: |
|
| .Pp |
|
| .Dl $ openssl crl2pkcs7 -in crl.pem -certfile cert.pem -out p7.pem |
|
| .Pp |
|
| Create a PKCS#7 structure in DER format with no CRL from several |
|
| different certificates: |
|
| .Bd -literal -offset indent |
|
| $ openssl crl2pkcs7 -nocrl -certfile newcert.pem \e |
|
| -certfile demoCA/cacert.pem -outform DER -out p7.der |
|
| .Ed |
|
| .Sh CRL2PKCS7 NOTES |
|
| The output file is a PKCS#7 signed data structure containing no signers and |
|
| just certificates and an optional CRL. |
|
| .Pp |
|
| This utility can be used to send certificates and CAs to Netscape as part of |
|
| the certificate enrollment process. |
|
| This involves sending the DER-encoded output |
|
| as MIME type |
|
| .Em application/x-x509-user-cert . |
|
| .Pp |
|
| The PEM-encoded form with the header and footer lines removed can be used to |
|
| install user certificates and CAs in MSIE using the Xenroll control. |
|
| .\" |
.\" |
| .\" DGST |
.\" DGST |
| .\" |
.\" |
![[BACK]](/icons/back.gif){kind=icon}
Return to openssl.1 CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / openssl