From 938ead8f88dd3edbea7256aa99959b5741a98cc5 Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Sat, 13 Nov 1999 21:28:01 +0000 Subject: [PATCH] Correct x509 manpaghe and add a crl manpage --- doc/man/crl.pod | 108 +++++++++++++++++++++++++++++++++++++++++++++++ doc/man/x509.pod | 4 +- 2 files changed, 110 insertions(+), 2 deletions(-) create mode 100644 doc/man/crl.pod diff --git a/doc/man/crl.pod b/doc/man/crl.pod new file mode 100644 index 0000000000..635c678081 --- /dev/null +++ b/doc/man/crl.pod @@ -0,0 +1,108 @@ +=pod + +=head1 NAME + +crl - CRL utility + +=head1 SYNOPSIS + +B B +[B<-inform PEM|DER>] +[B<-outform PEM|DER>] +[B<-text>] +[B<-in filename>] +[B<-out filename>] +[B<-noout>] +[B<-hash>] +[B<-issuer>] +[B<-lastupdate>] +[B<-nextupdate>] +[B<-CAfile file>] +[B<-CApath dir>] + +=head1 DESCRIPTION + +The B command processes CRL files in DER or PEM format. + +=head1 COMMAND OPTIONS + +=over 4 + +=item B<-inform DER|PEM> + +This specifies the input format. B format is DER encoded CRL +structure.B (the default) is a base64 encoded version of +the DER form with header and footer lines. + +=item B<-outform DER|PEM> + +This specifies the output format, the options have the same meaning as the +B<-inform> option. + +=item B<-in filename> + +This specifies the input filename to read from or standard input if this +option is not specified. + +=item B<-out filename> + +specifies the output filename to write to or standard output by +default. + +=item B<-text> + +print out the CRL in text form. + +=item B<-noout> + +don't output the encoded version of the CRL. + +=item B<-hash> + +output a hash of the issuer name. This can be use to lookup CRLs in +a directory by issuer name. + +=item B<-issuer> + +output the issuer name. + +=item B<-lastupdate> + +output the lastUpdate field. + +=item B<-nextupdate> + +output the nextUpdate field. + +=item B<-CAfile file> + +verify the signature on a CRL by looking up the issuing certificate in +B + +=item B<-CApath dir> + +verify the signature on a CRL by looking up the issuing certificate in +B. This directory must be a standard certificate directory: that +is a hash of each subject name (using B) should be linked +to each certificate. + +=back + +=head1 EXAMPLES + +Convert a CRL file from PEM to DER: + + openssl crl -in crl.pem -outform DER -out crl.der + +Output the text form of a DER encoded certificate: + + openssl crl -in crl.der -text -noout + +=head1 BUGS + +Ideally it should be possible to create a CRL using appropriate options +and files too. + +crl2pkcs7(1), ca(1), x509(1) + +=cut diff --git a/doc/man/x509.pod b/doc/man/x509.pod index 87b0921bb9..9068070b04 100644 --- a/doc/man/x509.pod +++ b/doc/man/x509.pod @@ -117,8 +117,8 @@ outputs the certificate serial number. =item B<-hash> -outputs the "hash" of the certificate issuer name. This is used in OpenSSL to -form an index to allow certificates in a directory to be lookup up by issuer +outputs the "hash" of the certificate subject name. This is used in OpenSSL to +form an index to allow certificates in a directory to be looked up by subject name. =item B<-subject> -- GitLab