certtool man page on aLinux

Man page or keyword search:  
man Server   7435 pages
apropos Keyword Search (all sections)
Output format
aLinux logo
[printable version]

certtool(1)							   certtool(1)

       certtool - Manipulate certificates and keys.

       certtool [options]

       Generate X.509 certificates, certificate requests, and private keys.

   Program control options
	      Shows the program's license

       -d, --debug LEVEL
	      Specify the debug level. Default is 1.

       -h, --help
	      Shows this help text

       -v, --version
	      Shows the program's version

   Getting information
       -i, --certificate-info
	      Print information on a certificate.

       -k, --key-info
	      Print information on a private key.

       -l, --crl-info
	      Print information on a CRL.

	      Print information on a PKCS #12 structure.

   Generating/verifying certificates/keys
       -c, --generate-certificate
	      Generate a signed certificate.

       -e, --verify-chain
	      Verify a PEM encoded certificate chain.  The last certificate in
	      the chain must be a self signed one.

	      Generate PKCS #3 encoded Diffie Hellman parameters.

       --load-ca-certificate FILE
	      Certificate authority's certificate file to use.

       --load-ca-privkey FILE
	      Certificate authority's private key file to use.

       --load-certificate FILE
	      Certificate file to use.

       --load-privkey FILE
	      Private key file to use.

       --load-request FILE
	      Certificate request file to use.

       -p, --generate-privkey
	      Generate a private key.

       -q, --generate-request
	      Generate a PKCS #10 certificate request.

       -s, --generate-self-signed
	      Generate a self-signed certificate.

       -u, --update-certificate
	      Update a signed certificate.

   Controlling output
       -8, --pkcs8
	      Use PKCS #8 format for private keys.

       --dsa  Generate a DSA key.

       --bits BITS
	      Specify the number of bits for key generation.

	      Use weak encryption algorithms.

	      Use DER format for input certificates and private keys.

       --infile FILE
	      Input file.

	      Use DER format for output certificates and private keys.

       --outfile FILE
	      Output file.

       --password PASSWORD
	      Password to use.

	      Generate a PKCS #12 structure.

	      Use a template file to read input. See the  doc/certtool.cfg  in
	      the distribution, for an example.

	      Some   previous  versions	 of  certtool  generated  wrongly  the
	      optional parameters in a private key. This may  affect  programs
	      that used them. To fix an old private key use --key-info in com‐
	      bination with this parameter.

       To create a private key, run:

	      $ certtool --generate-privkey --outfile key.pem

       To create a certificate request, run:

	      $ certtool --generate-request --load-privkey key.pem \
		 --outfile request.pem

       To generate a certificate using the previous request, use the command:

	      $ certtool --generate-certificate --load-request request.pem \
		 --outfile cert.pem --load-ca-certificate ca-cert.pem \
		 --load-ca-privkey ca-key.pem

       To view the certificate information, use:

	      $ certtool --certificate-info --infile cert.pem

       To generate a PKCS #12 structure using the previous  key	 and  certifi‐
       cate, use the command:

	      $ certtool --load-certificate cert.pem --load-privkey key.pem \
		 --to-p12 --outder --outfile key.p12

       Nikos	 Mavroyanopoulos    <nmav@gnutls.org>	 and	others;	   see
       /usr/share/doc/gnutls-bin/AUTHORS for a complete list.

       This manual page was written by Ivo  Timmermans	<ivo@debian.org>,  for
       the Debian GNU/Linux system (but may be used by others).

				 May 23rd 2005			   certtool(1)

List of man pages available for aLinux

Copyright (c) for man pages and the logo by the respective OS vendor.

For those who want to learn more, the polarhome community provides shell access and support.

[legal] [privacy] [GNU] [policy] [cookies] [netiquette] [sponsors] [FAQ]
Polarhome, production since 1999.
Member of Polarhome portal.
Based on Fawad Halim's script.
Vote for polarhome
Free Shell Accounts :: the biggest list on the net