summaryrefslogtreecommitdiffstats
path: root/secure/usr.bin/openssl/man/req.1
diff options
context:
space:
mode:
Diffstat (limited to 'secure/usr.bin/openssl/man/req.1')
-rw-r--r--secure/usr.bin/openssl/man/req.1115
1 files changed, 45 insertions, 70 deletions
diff --git a/secure/usr.bin/openssl/man/req.1 b/secure/usr.bin/openssl/man/req.1
index e8b1f83..8f5dd2b 100644
--- a/secure/usr.bin/openssl/man/req.1
+++ b/secure/usr.bin/openssl/man/req.1
@@ -1,15 +1,7 @@
-.\" Automatically generated by Pod::Man v1.37, Pod::Parser v1.37
+.\" Automatically generated by Pod::Man 2.22 (Pod::Simple 3.07)
.\"
.\" Standard preamble:
.\" ========================================================================
-.de Sh \" Subsection heading
-.br
-.if t .Sp
-.ne 5
-.PP
-\fB\\$1\fR
-.PP
-..
.de Sp \" Vertical space (when we can't use .PP)
.if t .sp .5v
.if n .sp
@@ -25,11 +17,11 @@
..
.\" Set up some character translations and predefined strings. \*(-- will
.\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
-.\" double quote, and \*(R" will give a right double quote. | will give a
-.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used to
-.\" do unbreakable dashes and therefore won't be available. \*(C` and \*(C'
-.\" expand to `' in nroff, nothing in troff, for use with C<>.
-.tr \(*W-|\(bv\*(Tr
+.\" double quote, and \*(R" will give a right double quote. \*(C+ will
+.\" give a nicer C++. Capital omega is used to do unbreakable dashes and
+.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
+.\" nothing in troff, for use with C<>.
+.tr \(*W-
.ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
.ie n \{\
. ds -- \(*W-
@@ -48,22 +40,25 @@
. ds R" ''
'br\}
.\"
+.\" Escape single quotes in literal strings from groff's Unicode transform.
+.ie \n(.g .ds Aq \(aq
+.el .ds Aq '
+.\"
.\" If the F register is turned on, we'll generate index entries on stderr for
-.\" titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and index
+.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
.\" entries marked with X<> in POD. Of course, you'll have to process the
.\" output yourself in some meaningful fashion.
-.if \nF \{\
+.ie \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. nr % 0
. rr F
.\}
-.\"
-.\" For nroff, turn off justification. Always turn off hyphenation; it makes
-.\" way too many mistakes in technical documents.
-.hy 0
-.if n .na
+.el \{\
+. de IX
+..
+.\}
.\"
.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
.\" Fear. Run. Save yourself. No user-serviceable parts.
@@ -129,7 +124,11 @@
.\" ========================================================================
.\"
.IX Title "REQ 1"
-.TH REQ 1 "2010-03-24" "0.9.8n" "OpenSSL"
+.TH REQ 1 "2010-11-16" "0.9.8p" "OpenSSL"
+.\" For nroff, turn off justification. Always turn off hyphenation; it makes
+.\" way too many mistakes in technical documents.
+.if n .ad l
+.nh
.SH "NAME"
req \- PKCS#10 certificate request and certificate generating utility.
.SH "SYNOPSIS"
@@ -234,7 +233,7 @@ key using information specified in the configuration file.
a file or files containing random data used to seed the random number
generator, or an \s-1EGD\s0 socket (see \fIRAND_egd\fR\|(3)).
Multiple files can be specified separated by a OS-dependent character.
-The separator is \fB;\fR for MS\-Windows, \fB,\fR for OpenVMS, and \fB:\fR for
+The separator is \fB;\fR for MS-Windows, \fB,\fR for OpenVMS, and \fB:\fR for
all others.
.IP "\fB\-newkey arg\fR" 4
.IX Item "-newkey arg"
@@ -383,7 +382,7 @@ overridden by the \fB\-keyout\fR option.
This specifies a file containing additional \fB\s-1OBJECT\s0 \s-1IDENTIFIERS\s0\fR.
Each line of the file should consist of the numerical form of the
object identifier followed by white space then the short name followed
-by white space and finally the long name.
+by white space and finally the long name.
.IP "\fBoid_section\fR" 4
.IX Item "oid_section"
This specifies a section in the configuration file containing extra
@@ -509,26 +508,26 @@ will be treated as though they were a DirectoryString.
Examine and verify certificate request:
.PP
.Vb 1
-\& openssl req -in req.pem -text -verify -noout
+\& openssl req \-in req.pem \-text \-verify \-noout
.Ve
.PP
Create a private key and then generate a certificate request from it:
.PP
.Vb 2
-\& openssl genrsa -out key.pem 1024
-\& openssl req -new -key key.pem -out req.pem
+\& openssl genrsa \-out key.pem 1024
+\& openssl req \-new \-key key.pem \-out req.pem
.Ve
.PP
The same but just using req:
.PP
.Vb 1
-\& openssl req -newkey rsa:1024 -keyout key.pem -out req.pem
+\& openssl req \-newkey rsa:1024 \-keyout key.pem \-out req.pem
.Ve
.PP
Generate a self signed root certificate:
.PP
.Vb 1
-\& openssl req -x509 -newkey rsa:1024 -keyout key.pem -out req.pem
+\& openssl req \-x509 \-newkey rsa:1024 \-keyout key.pem \-out req.pem
.Ve
.PP
Example of a file pointed to by the \fBoid_file\fR option:
@@ -555,50 +554,32 @@ Sample configuration file prompting for field values:
\& distinguished_name = req_distinguished_name
\& attributes = req_attributes
\& x509_extensions = v3_ca
-.Ve
-.PP
-.Vb 1
+\&
\& dirstring_type = nobmp
-.Ve
-.PP
-.Vb 5
+\&
\& [ req_distinguished_name ]
\& countryName = Country Name (2 letter code)
\& countryName_default = AU
\& countryName_min = 2
\& countryName_max = 2
-.Ve
-.PP
-.Vb 1
+\&
\& localityName = Locality Name (eg, city)
-.Ve
-.PP
-.Vb 1
+\&
\& organizationalUnitName = Organizational Unit Name (eg, section)
-.Ve
-.PP
-.Vb 2
+\&
\& commonName = Common Name (eg, YOUR name)
\& commonName_max = 64
-.Ve
-.PP
-.Vb 2
+\&
\& emailAddress = Email Address
\& emailAddress_max = 40
-.Ve
-.PP
-.Vb 4
+\&
\& [ req_attributes ]
\& challengePassword = A challenge password
\& challengePassword_min = 4
\& challengePassword_max = 20
-.Ve
-.PP
-.Vb 1
+\&
\& [ v3_ca ]
-.Ve
-.PP
-.Vb 3
+\&
\& subjectKeyIdentifier=hash
\& authorityKeyIdentifier=keyid:always,issuer:always
\& basicConstraints = CA:true
@@ -608,9 +589,7 @@ Sample configuration containing all field values:
.PP
.Vb 1
\& RANDFILE = $ENV::HOME/.rnd
-.Ve
-.PP
-.Vb 7
+\&
\& [ req ]
\& default_bits = 1024
\& default_keyfile = keyfile.pem
@@ -618,9 +597,7 @@ Sample configuration containing all field values:
\& attributes = req_attributes
\& prompt = no
\& output_password = mypass
-.Ve
-.PP
-.Vb 8
+\&
\& [ req_distinguished_name ]
\& C = GB
\& ST = Test State or Province
@@ -629,9 +606,7 @@ Sample configuration containing all field values:
\& OU = Organizational Unit Name
\& CN = Common Name
\& emailAddress = test@email.address
-.Ve
-.PP
-.Vb 2
+\&
\& [ req_attributes ]
\& challengePassword = A challenge password
.Ve
@@ -640,15 +615,15 @@ Sample configuration containing all field values:
The header and footer lines in the \fB\s-1PEM\s0\fR format are normally:
.PP
.Vb 2
-\& -----BEGIN CERTIFICATE REQUEST-----
-\& -----END CERTIFICATE REQUEST-----
+\& \-\-\-\-\-BEGIN CERTIFICATE REQUEST\-\-\-\-\-
+\& \-\-\-\-\-END CERTIFICATE REQUEST\-\-\-\-\-
.Ve
.PP
some software (some versions of Netscape certificate server) instead needs:
.PP
.Vb 2
-\& -----BEGIN NEW CERTIFICATE REQUEST-----
-\& -----END NEW CERTIFICATE REQUEST-----
+\& \-\-\-\-\-BEGIN NEW CERTIFICATE REQUEST\-\-\-\-\-
+\& \-\-\-\-\-END NEW CERTIFICATE REQUEST\-\-\-\-\-
.Ve
.PP
which is produced with the \fB\-newhdr\fR option but is otherwise compatible.
@@ -670,7 +645,7 @@ The following messages are frequently asked about:
This is followed some time later by...
.PP
.Vb 2
-\& unable to find 'distinguished_name' in config
+\& unable to find \*(Aqdistinguished_name\*(Aq in config
\& problems making Certificate Request
.Ve
.PP
OpenPOWER on IntegriCloud