| version 1.40, 2016/07/23 19:31:35 |
version 1.41, 2016/07/28 16:20:21 |
|
|
| .Qq depth |
.Qq depth |
| of the structures. |
of the structures. |
| .It Fl in Ar file |
.It Fl in Ar file |
| The input file; the default is standard input. |
The input file to read from, or standard input if not specified. |
| .It Fl inform Cm der | pem | txt |
.It Fl inform Cm der | pem | txt |
| The input format. |
The input format. |
| .It Fl length Ar number |
.It Fl length Ar number |
|
|
| The options relevant to CAs are as follows: |
The options relevant to CAs are as follows: |
| .Bl -tag -width "XXXX" |
.Bl -tag -width "XXXX" |
| .It Fl batch |
.It Fl batch |
| This sets the batch mode. |
Batch mode. |
| In this mode no questions will be asked |
In this mode no questions will be asked |
| and all certificates will be certified automatically. |
and all certificates will be certified automatically. |
| .It Fl cert Ar file |
.It Fl cert Ar file |
|
|
| .It Fl days Ar arg |
.It Fl days Ar arg |
| The number of days to certify the certificate for. |
The number of days to certify the certificate for. |
| .It Fl enddate Ar date |
.It Fl enddate Ar date |
| This allows the expiry date to be explicitly set. |
Set the expiry date. |
| The format of the date is YYMMDDHHMMSSZ |
The format of the date is YYMMDDHHMMSSZ |
| .Pq the same as an ASN1 UTCTime structure . |
.Pq the same as an ASN1 UTCTime structure . |
| .It Fl extensions Ar section |
.It Fl extensions Ar section |
|
|
| .It Fl passin Ar arg |
.It Fl passin Ar arg |
| The key password source. |
The key password source. |
| .It Fl policy Ar arg |
.It Fl policy Ar arg |
| This option defines the CA |
Define the CA |
| .Qq policy |
.Qq policy |
| to use. |
to use. |
| The policy section in the configuration file |
The policy section in the configuration file |
|
|
| .It Fl ss_cert Ar file |
.It Fl ss_cert Ar file |
| A single self-signed certificate to be signed by the CA. |
A single self-signed certificate to be signed by the CA. |
| .It Fl startdate Ar date |
.It Fl startdate Ar date |
| This allows the start date to be explicitly set. |
Set the start date. |
| The format of the date is YYMMDDHHMMSSZ |
The format of the date is YYMMDDHHMMSSZ |
| .Pq the same as an ASN1 UTCTime structure . |
.Pq the same as an ASN1 UTCTime structure . |
| .It Fl status Ar serial |
.It Fl status Ar serial |
|
|
| .It Fl updatedb |
.It Fl updatedb |
| Update database for expired certificates. |
Update database for expired certificates. |
| .It Fl verbose |
.It Fl verbose |
| This prints extra details about the operations being performed. |
Print extra details about the operations being performed. |
| .El |
.El |
| .Pp |
.Pp |
| The options relevant to CRLs are as follows: |
The options relevant to CRLs are as follows: |
|
|
| .Fl crl_compromise , |
.Fl crl_compromise , |
| except the revocation reason is set to CACompromise. |
except the revocation reason is set to CACompromise. |
| .It Fl crl_compromise Ar time |
.It Fl crl_compromise Ar time |
| This sets the revocation reason to keyCompromise and the compromise time to |
Set the revocation reason to keyCompromise and the compromise time to |
| .Ar time . |
.Ar time . |
| .Ar time |
.Ar time |
| should be in GeneralizedTime format, i.e. YYYYMMDDHHMMSSZ. |
should be in GeneralizedTime format, i.e. YYYYMMDDHHMMSSZ. |
| .It Fl crl_hold Ar instruction |
.It Fl crl_hold Ar instruction |
| This sets the CRL revocation reason code to certificateHold and the hold |
Set the CRL revocation reason code to certificateHold and the hold |
| instruction to |
instruction to |
| .Ar instruction |
.Ar instruction |
| which must be an OID. |
which must be an OID. |
|
|
| .It Fl crlhours Ar num |
.It Fl crlhours Ar num |
| The number of hours before the next CRL is due. |
The number of hours before the next CRL is due. |
| .It Fl gencrl |
.It Fl gencrl |
| This option generates a CRL based on information in the index file. |
Generate a CRL based on information in the index file. |
| .It Fl revoke Ar file |
.It Fl revoke Ar file |
| A |
A |
| .Ar file |
.Ar file |
|
|
| command converts |
command converts |
| .Nm openssl |
.Nm openssl |
| cipher lists into ordered SSL cipher preference lists. |
cipher lists into ordered SSL cipher preference lists. |
| It can be used as a test tool to determine the appropriate cipherlist. |
It can be used as a way to determine the appropriate cipher list. |
| .Pp |
.Pp |
| The options are as follows: |
The options are as follows: |
| .Bl -tag -width Ds |
.Bl -tag -width Ds |
![[BACK]](/icons/back.gif){kind=icon}
Return to openssl.1 CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / openssl