diff options
Diffstat (limited to 'secure/usr.bin/openssl/man/req.1')
-rw-r--r-- | secure/usr.bin/openssl/man/req.1 | 115 |
1 files changed, 45 insertions, 70 deletions
diff --git a/secure/usr.bin/openssl/man/req.1 b/secure/usr.bin/openssl/man/req.1 index e8b1f83..8f5dd2b 100644 --- a/secure/usr.bin/openssl/man/req.1 +++ b/secure/usr.bin/openssl/man/req.1 @@ -1,15 +1,7 @@ -.\" Automatically generated by Pod::Man v1.37, Pod::Parser v1.37 +.\" Automatically generated by Pod::Man 2.22 (Pod::Simple 3.07) .\" .\" Standard preamble: .\" ======================================================================== -.de Sh \" Subsection heading -.br -.if t .Sp -.ne 5 -.PP -\fB\\$1\fR -.PP -.. .de Sp \" Vertical space (when we can't use .PP) .if t .sp .5v .if n .sp @@ -25,11 +17,11 @@ .. .\" Set up some character translations and predefined strings. \*(-- will .\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left -.\" double quote, and \*(R" will give a right double quote. | will give a -.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used to -.\" do unbreakable dashes and therefore won't be available. \*(C` and \*(C' -.\" expand to `' in nroff, nothing in troff, for use with C<>. -.tr \(*W-|\(bv\*(Tr +.\" double quote, and \*(R" will give a right double quote. \*(C+ will +.\" give a nicer C++. Capital omega is used to do unbreakable dashes and +.\" therefore won't be available. \*(C` and \*(C' expand to `' in nroff, +.\" nothing in troff, for use with C<>. +.tr \(*W- .ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' .ie n \{\ . ds -- \(*W- @@ -48,22 +40,25 @@ . ds R" '' 'br\} .\" +.\" Escape single quotes in literal strings from groff's Unicode transform. +.ie \n(.g .ds Aq \(aq +.el .ds Aq ' +.\" .\" If the F register is turned on, we'll generate index entries on stderr for -.\" titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and index +.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index .\" entries marked with X<> in POD. Of course, you'll have to process the .\" output yourself in some meaningful fashion. -.if \nF \{\ +.ie \nF \{\ . de IX . tm Index:\\$1\t\\n%\t"\\$2" .. . nr % 0 . rr F .\} -.\" -.\" For nroff, turn off justification. Always turn off hyphenation; it makes -.\" way too many mistakes in technical documents. -.hy 0 -.if n .na +.el \{\ +. de IX +.. +.\} .\" .\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). .\" Fear. Run. Save yourself. No user-serviceable parts. @@ -129,7 +124,11 @@ .\" ======================================================================== .\" .IX Title "REQ 1" -.TH REQ 1 "2010-03-24" "0.9.8n" "OpenSSL" +.TH REQ 1 "2010-11-16" "0.9.8p" "OpenSSL" +.\" For nroff, turn off justification. Always turn off hyphenation; it makes +.\" way too many mistakes in technical documents. +.if n .ad l +.nh .SH "NAME" req \- PKCS#10 certificate request and certificate generating utility. .SH "SYNOPSIS" @@ -234,7 +233,7 @@ key using information specified in the configuration file. a file or files containing random data used to seed the random number generator, or an \s-1EGD\s0 socket (see \fIRAND_egd\fR\|(3)). Multiple files can be specified separated by a OS-dependent character. -The separator is \fB;\fR for MS\-Windows, \fB,\fR for OpenVMS, and \fB:\fR for +The separator is \fB;\fR for MS-Windows, \fB,\fR for OpenVMS, and \fB:\fR for all others. .IP "\fB\-newkey arg\fR" 4 .IX Item "-newkey arg" @@ -383,7 +382,7 @@ overridden by the \fB\-keyout\fR option. This specifies a file containing additional \fB\s-1OBJECT\s0 \s-1IDENTIFIERS\s0\fR. Each line of the file should consist of the numerical form of the object identifier followed by white space then the short name followed -by white space and finally the long name. +by white space and finally the long name. .IP "\fBoid_section\fR" 4 .IX Item "oid_section" This specifies a section in the configuration file containing extra @@ -509,26 +508,26 @@ will be treated as though they were a DirectoryString. Examine and verify certificate request: .PP .Vb 1 -\& openssl req -in req.pem -text -verify -noout +\& openssl req \-in req.pem \-text \-verify \-noout .Ve .PP Create a private key and then generate a certificate request from it: .PP .Vb 2 -\& openssl genrsa -out key.pem 1024 -\& openssl req -new -key key.pem -out req.pem +\& openssl genrsa \-out key.pem 1024 +\& openssl req \-new \-key key.pem \-out req.pem .Ve .PP The same but just using req: .PP .Vb 1 -\& openssl req -newkey rsa:1024 -keyout key.pem -out req.pem +\& openssl req \-newkey rsa:1024 \-keyout key.pem \-out req.pem .Ve .PP Generate a self signed root certificate: .PP .Vb 1 -\& openssl req -x509 -newkey rsa:1024 -keyout key.pem -out req.pem +\& openssl req \-x509 \-newkey rsa:1024 \-keyout key.pem \-out req.pem .Ve .PP Example of a file pointed to by the \fBoid_file\fR option: @@ -555,50 +554,32 @@ Sample configuration file prompting for field values: \& distinguished_name = req_distinguished_name \& attributes = req_attributes \& x509_extensions = v3_ca -.Ve -.PP -.Vb 1 +\& \& dirstring_type = nobmp -.Ve -.PP -.Vb 5 +\& \& [ req_distinguished_name ] \& countryName = Country Name (2 letter code) \& countryName_default = AU \& countryName_min = 2 \& countryName_max = 2 -.Ve -.PP -.Vb 1 +\& \& localityName = Locality Name (eg, city) -.Ve -.PP -.Vb 1 +\& \& organizationalUnitName = Organizational Unit Name (eg, section) -.Ve -.PP -.Vb 2 +\& \& commonName = Common Name (eg, YOUR name) \& commonName_max = 64 -.Ve -.PP -.Vb 2 +\& \& emailAddress = Email Address \& emailAddress_max = 40 -.Ve -.PP -.Vb 4 +\& \& [ req_attributes ] \& challengePassword = A challenge password \& challengePassword_min = 4 \& challengePassword_max = 20 -.Ve -.PP -.Vb 1 +\& \& [ v3_ca ] -.Ve -.PP -.Vb 3 +\& \& subjectKeyIdentifier=hash \& authorityKeyIdentifier=keyid:always,issuer:always \& basicConstraints = CA:true @@ -608,9 +589,7 @@ Sample configuration containing all field values: .PP .Vb 1 \& RANDFILE = $ENV::HOME/.rnd -.Ve -.PP -.Vb 7 +\& \& [ req ] \& default_bits = 1024 \& default_keyfile = keyfile.pem @@ -618,9 +597,7 @@ Sample configuration containing all field values: \& attributes = req_attributes \& prompt = no \& output_password = mypass -.Ve -.PP -.Vb 8 +\& \& [ req_distinguished_name ] \& C = GB \& ST = Test State or Province @@ -629,9 +606,7 @@ Sample configuration containing all field values: \& OU = Organizational Unit Name \& CN = Common Name \& emailAddress = test@email.address -.Ve -.PP -.Vb 2 +\& \& [ req_attributes ] \& challengePassword = A challenge password .Ve @@ -640,15 +615,15 @@ Sample configuration containing all field values: The header and footer lines in the \fB\s-1PEM\s0\fR format are normally: .PP .Vb 2 -\& -----BEGIN CERTIFICATE REQUEST----- -\& -----END CERTIFICATE REQUEST----- +\& \-\-\-\-\-BEGIN CERTIFICATE REQUEST\-\-\-\-\- +\& \-\-\-\-\-END CERTIFICATE REQUEST\-\-\-\-\- .Ve .PP some software (some versions of Netscape certificate server) instead needs: .PP .Vb 2 -\& -----BEGIN NEW CERTIFICATE REQUEST----- -\& -----END NEW CERTIFICATE REQUEST----- +\& \-\-\-\-\-BEGIN NEW CERTIFICATE REQUEST\-\-\-\-\- +\& \-\-\-\-\-END NEW CERTIFICATE REQUEST\-\-\-\-\- .Ve .PP which is produced with the \fB\-newhdr\fR option but is otherwise compatible. @@ -670,7 +645,7 @@ The following messages are frequently asked about: This is followed some time later by... .PP .Vb 2 -\& unable to find 'distinguished_name' in config +\& unable to find \*(Aqdistinguished_name\*(Aq in config \& problems making Certificate Request .Ve .PP |