]> git.ipfire.org Git - thirdparty/openssl.git/blame - doc/man1/openssl-crl2pkcs7.pod
projects / thirdparty / openssl.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Deprecate unprefixed manual entries for openssl commands
[thirdparty/openssl.git] / doc / man1 / openssl-crl2pkcs7.pod
CommitLineData
5e76807b
DSH		 1=pod
2
3=head1 NAME
4
b6b66573 5openssl-crl2pkcs7 - Create a PKCS#7 structure from a CRL and certificates
5e76807b
DSH		 6
7=head1 SYNOPSIS
8
cd756209 9B<openssl> B<crl2pkcs7>
169394d4 10[B<-help>]
5e76807b
DSH		 11[B<-inform PEM|DER>]
12[B<-outform PEM|DER>]
13[B<-in filename>]
14[B<-out filename>]
cd756209
BM		 15[B<-certfile filename>]
16[B<-nocrl>]
5e76807b
DSH		 17
18=head1 DESCRIPTION
19
20The B<crl2pkcs7> command takes an optional CRL and one or more
21certificates and converts them into a PKCS#7 degenerate "certificates
22only" structure.
23
3dfda1a6 24=head1 OPTIONS
5e76807b
DSH		 25
26=over 4
27
169394d4
MR		 28=item B<-help>
29
30Print out a usage message.
31
5e76807b
DSH		 32=item B<-inform DER|PEM>
33
34This specifies the CRL input format. B<DER> format is DER encoded CRL
35structure.B<PEM> (the default) is a base64 encoded version of
7477c83e 36the DER form with header and footer lines. The default format is PEM.
5e76807b
DSH		 37
38=item B<-outform DER|PEM>
39
40This specifies the PKCS#7 structure output format. B<DER> format is DER
41encoded PKCS#7 structure.B<PEM> (the default) is a base64 encoded version of
7477c83e 42the DER form with header and footer lines. The default format is PEM.
5e76807b
DSH		 43
44=item B<-in filename>
45
46This specifies the input filename to read a CRL from or standard input if this
47option is not specified.
48
49=item B<-out filename>
50
c4de074e 51Specifies the output filename to write the PKCS#7 structure to or standard
5e76807b
DSH		 52output by default.
53
54=item B<-certfile filename>
55
c4de074e 56Specifies a filename containing one or more certificates in B<PEM> format.
5e76807b
DSH		 57All certificates in the file will be added to the PKCS#7 structure. This
58option can be used more than once to read certificates form multiple
59files.
60
61=item B<-nocrl>
62
c4de074e 63Normally a CRL is included in the output file. With this option no CRL is
5e76807b
DSH		 64included in the output file and a CRL is not read from the input file.
65
66=back
67
68=head1 EXAMPLES
69
70Create a PKCS#7 structure from a certificate and CRL:
71
72 openssl crl2pkcs7 -in crl.pem -certfile cert.pem -out p7.pem
73
74Creates a PKCS#7 structure in DER format with no CRL from several
75different certificates:
76
1bc74519
RS		 77 openssl crl2pkcs7 -nocrl -certfile newcert.pem
78 -certfile demoCA/cacert.pem -outform DER -out p7.der
5e76807b
DSH		 79
80=head1 NOTES
81
82The output file is a PKCS#7 signed data structure containing no signers and
83just certificates and an optional CRL.
84
85This utility can be used to send certificates and CAs to Netscape as part of
86the certificate enrollment process. This involves sending the DER encoded output
87as MIME type application/x-x509-user-cert.
88
89The B<PEM> encoded form with the header and footer lines removed can be used to
90install user certificates and CAs in MSIE using the Xenroll control.
91
92=head1 SEE ALSO
93
b6b66573
DMSP		 94L<openssl(1)>,
95L<openssl-pkcs7(1)>
5e76807b 96
e2f92610
RS		 97=head1 COPYRIGHT
98
b6b66573 99Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.
e2f92610 100
449040b4 101Licensed under the Apache License 2.0 (the "License"). You may not use
e2f92610
RS		 102this file except in compliance with the License. You can obtain a copy
103in the file LICENSE in the source distribution or at
104L<https://www.openssl.org/source/license.html>.
105
106=cut
A mirror of the official openssl repository