certtool man page on aLinux

Man page or keyword search:  
man Server   7435 pages
apropos Keyword Search (all sections)
Output format
aLinux logo
[printable version]

certtool(1)							   certtool(1)

NAME
       certtool - Manipulate certificates and keys.

SYNOPSIS
       certtool [options]

DESCRIPTION
       Generate X.509 certificates, certificate requests, and private keys.

OPTIONS
   Program control options
       --copyright
	      Shows the program's license

       -d, --debug LEVEL
	      Specify the debug level. Default is 1.

       -h, --help
	      Shows this help text

       -v, --version
	      Shows the program's version

   Getting information
       -i, --certificate-info
	      Print information on a certificate.

       -k, --key-info
	      Print information on a private key.

       -l, --crl-info
	      Print information on a CRL.

       --p12-info
	      Print information on a PKCS #12 structure.

   Generating/verifying certificates/keys
       -c, --generate-certificate
	      Generate a signed certificate.

       -e, --verify-chain
	      Verify a PEM encoded certificate chain.  The last certificate in
	      the chain must be a self signed one.

       --generate-dh-params
	      Generate PKCS #3 encoded Diffie Hellman parameters.

       --load-ca-certificate FILE
	      Certificate authority's certificate file to use.

       --load-ca-privkey FILE
	      Certificate authority's private key file to use.

       --load-certificate FILE
	      Certificate file to use.

       --load-privkey FILE
	      Private key file to use.

       --load-request FILE
	      Certificate request file to use.

       -p, --generate-privkey
	      Generate a private key.

       -q, --generate-request
	      Generate a PKCS #10 certificate request.

       -s, --generate-self-signed
	      Generate a self-signed certificate.

       -u, --update-certificate
	      Update a signed certificate.

   Controlling output
       -8, --pkcs8
	      Use PKCS #8 format for private keys.

       --dsa  Generate a DSA key.

       --bits BITS
	      Specify the number of bits for key generation.

       --export-ciphers
	      Use weak encryption algorithms.

       --inder
	      Use DER format for input certificates and private keys.

       --infile FILE
	      Input file.

       --outder
	      Use DER format for output certificates and private keys.

       --outfile FILE
	      Output file.

       --password PASSWORD
	      Password to use.

       --to-p12
	      Generate a PKCS #12 structure.

       --template
	      Use a template file to read input. See the  doc/certtool.cfg  in
	      the distribution, for an example.

       --fix-key
	      Some   previous  versions	 of  certtool  generated  wrongly  the
	      optional parameters in a private key. This may  affect  programs
	      that used them. To fix an old private key use --key-info in com‐
	      bination with this parameter.

EXAMPLES
       To create a private key, run:

	      $ certtool --generate-privkey --outfile key.pem

       To create a certificate request, run:

	      $ certtool --generate-request --load-privkey key.pem \
		 --outfile request.pem

       To generate a certificate using the previous request, use the command:

	      $ certtool --generate-certificate --load-request request.pem \
		 --outfile cert.pem --load-ca-certificate ca-cert.pem \
		 --load-ca-privkey ca-key.pem

       To view the certificate information, use:

	      $ certtool --certificate-info --infile cert.pem

       To generate a PKCS #12 structure using the previous  key	 and  certifi‐
       cate, use the command:

	      $ certtool --load-certificate cert.pem --load-privkey key.pem \
		 --to-p12 --outder --outfile key.p12

AUTHOR
       Nikos	 Mavroyanopoulos    <nmav@gnutls.org>	 and	others;	   see
       /usr/share/doc/gnutls-bin/AUTHORS for a complete list.

       This manual page was written by Ivo  Timmermans	<ivo@debian.org>,  for
       the Debian GNU/Linux system (but may be used by others).

				 May 23rd 2005			   certtool(1)
[top]

List of man pages available for aLinux

Copyright (c) for man pages and the logo by the respective OS vendor.

For those who want to learn more, the polarhome community provides shell access and support.

[legal] [privacy] [GNU] [policy] [cookies] [netiquette] [sponsors] [FAQ]
Tweet
Polarhome, production since 1999.
Member of Polarhome portal.
Based on Fawad Halim's script.
....................................................................
Vote for polarhome
Free Shell Accounts :: the biggest list on the net