From: Nikos Mavrogiannopoulos Date: Sun, 22 Jan 2012 16:56:25 +0000 (+0100) Subject: removed certtool.1. X-Git-Tag: gnutls_3_0_13~225 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=58081d322ceb4fca9d417bcc6def7ab7c8e88d3a;p=thirdparty%2Fgnutls.git removed certtool.1. --- diff --git a/doc/manpages/certtool.1 b/doc/manpages/certtool.1 deleted file mode 100644 index 7c46057618..0000000000 --- a/doc/manpages/certtool.1 +++ /dev/null @@ -1,177 +0,0 @@ -.TH certtool 1 "May 23rd 2011" -.SH NAME -certtool \- Manipulate certificates and keys. -.SH SYNOPSIS -certtool [\fIoptions\fR] -.SH DESCRIPTION -Generate X.509 certificates, certificate requests, and private keys. -.SH OPTIONS -.SS Program control options -.IP "\-d, \-\-debug LEVEL" -Specify the debug level. Default is 1. -.IP "\-h, \-\-help" -Shows this help text -.IP "\-v, \-\-version" -Shows the program's version - -.SS Getting information on X.509 certificates -.IP "\-i, \-\-certificate\-info" -Print information on a certificate. -.IP "\-k, \-\-key\-info" -Print information on a private key. -.IP "\-l, \-\-crl\-info" -Print information on a CRL. -.IP "\-\-p12\-info" -Print information on a PKCS #12 structure. - -.SS Getting information on Openpgp certificates -.IP "\-\-pgp\-\-certificate\-info" -Print information on an OpenPGP certificate. -.IP "\-\-pgp\-\-key\-info" -Print information on an OpenPGP private key. -.IP "\-\-pgp\-\-ring\-info" -Print information on a keyring. - -.SS Generating/verifying X.509 certificates/keys -.IP "\-c, \-\-generate\-certificate" -Generate a signed certificate. -.IP "\-e, \-\-verify\-chain" -Verify a PEM encoded certificate chain. The last certificate in the chain must be a self signed one. -.IP "\-\-generate\-dh\-params" -Generate PKCS #3 encoded Diffie-Hellman parameters. -.IP "\-\-load\-ca\-certificate FILE" -Certificate authority's certificate file to use. -.IP "\-\-load\-ca\-privkey FILE" -Certificate authority's private key file or PKCS #11 URL to use. -.IP "\-\-load\-certificate FILE" -Certificate file to use. -.IP "\-\-load\-privkey FILE" -Private key file or PKCS #11 URL to use. -.IP "\-\-load\-pubkey FILE" -Public key file or PKCS #11 URL to use. -.IP "\-\-load\-request FILE" -Certificate request file to use. -.IP "\-p, \-\-generate\-privkey" -Generate a private key. -.IP "\-q, \-\-generate\-request" -Generate a PKCS #10 certificate request. -.IP "\-s, \-\-generate\-self\-signed" -Generate a self-signed certificate. -.IP "\-u, \-\-update\-certificate" -Update a signed certificate. - -.SS Controlling output -.IP "\-8, \-\-pkcs8" -Use PKCS #8 format for private keys. -.IP "\-\-pkcs-cipher" -The cipher to use when doing pkcs encryption. Valid options are -3des,aes-128,aes-192,aes-256,rc2-40 -.IP "\-\-dsa" -Generate a DSA key. -.IP "\-\-ecc" -Generate an ECC (ECDSA) key. -.IP "\-\-sec\-param [low|normal|high|ultra]" -Specify a security parameter for the generate key. It is recommended -to use this option instead of \-\-bits. -.IP "\-\-bits BITS" -Specify the number of bits for key generation. -.IP "\-\-export\-ciphers" -Use weak encryption algorithms. -.IP "\-\-inraw" -Use RAW/DER format for input certificates and private keys. -.IP "\-\-infile FILE" -Input file. -.IP "\-\-outraw" -Use RAW/DER format for output certificates and private keys. -.IP "\-\-outfile FILE" -Output file. -.IP "\-\-password PASSWORD" -Password to use. -.IP "\-\-to\-p12" -Generate a PKCS #12 structure. -.IP "\-\-template" -Use a template file to read input. See the doc/certtool.cfg -in the distribution, for an example. -.IP "\-\-fix\-key" -Some previous versions of certtool generated wrongly the -optional parameters in a private key. This may affect -programs that used them. To fix an old private key use -\-\-key\-info in combination with this parameter. -.IP "\-\-v1" -When generating a certificate use the X.509 version 1 format. -This does not add any extensions (such as indication for a CA) -but some programs do need these. - -.SH EXAMPLES -To create a private key, run: - -.RS -.nf -$ certtool \-\-generate\-privkey \-\-outfile key.pem -.fi -.RE - -To create a certificate request (needed when the certificate is issued by -another party), run: - -.RS -.nf -$ certtool \-\-generate\-request \-\-load\-privkey key.pem \\ - \-\-outfile request.pem -.fi -.RE - -To create a certificate request using a key stored in a PKCS #11 -token, run: - -.RS -.nf -$ ./certtool \-\-generate-request \-\-load-privkey "pkcs11:..." \\ - \-\-load-pubkey "pkcs11:..." \-\-outfile request.pem -.fi -.RE - -To generate a certificate using the previous request, use the command: - -.RS -.nf -$ certtool \-\-generate\-certificate \-\-load\-request request.pem \\ - \-\-outfile cert.pem \-\-load\-ca\-certificate ca\-cert.pem \\ - \-\-load\-ca\-privkey ca\-key.pem -.fi -.RE - -To generate a certificate using the private key only, use the command: - -.RS -.nf -$ certtool \-\-generate\-certificate \-\-load\-privkey key.pem \\ - \-\-outfile cert.pem \-\-load\-ca\-certificate ca\-cert.pem \\ - \-\-load\-ca\-privkey ca\-key.pem -.fi -.RE - -To view the certificate information, use: - -.RS -.nf -$ certtool \-\-certificate\-info \-\-infile cert.pem -.fi -.RE - -To generate a PKCS #12 structure using the previous key and certificate, use the command: - -.RS -.nf -$ certtool \-\-load\-certificate cert.pem \-\-load\-privkey key.pem \\ - \-\-to\-p12 \-\-outder \-\-outfile key.p12 -.fi -.RE - -.SH AUTHOR -.PP -Nikos Mavrogiannopoulos and others; see -/usr/share/doc/gnutls\-bin/AUTHORS for a complete list. -.PP -This manual page was written by Ivo Timmermans , for -the Debian GNU/Linux system (but may be used by others).