Difference between revisions of "Openssl req --help"

From wikieduonline
Jump to navigation Jump to search
(Created page with "{{lc}} == See also == * {{openssl req}} * {{openssl rsa}} Category:CA")
 
Line 1: Line 1:
 
{{lc}}
 
{{lc}}
  
 +
<pre>
 +
openssl req --help
 +
Usage: req [options]
 +
 +
General options:
 +
-help                Display this summary
 +
-engine val          Use engine, possibly a hardware device
 +
-keygen_engine val    Specify engine to be used for key generation operations
 +
-in infile            X.509 request input file (default stdin)
 +
-inform PEM|DER      Input format - DER or PEM
 +
-verify              Verify self-signature on the request
 +
 +
Certificate options:
 +
-new                  New request
 +
-config infile        Request template file
 +
-section val          Config section to use (default "req")
 +
-utf8                Input characters are UTF8 (default ASCII)
 +
-nameopt val          Certificate subject/issuer name printing options
 +
-reqopt val          Various request text options
 +
-text                Text form of request
 +
-x509                Output an X.509 certificate structure instead of a cert request
 +
-CA infile            Issuer cert to use for signing a cert, implies -x509
 +
-CAkey val            Issuer private key to use with -CA; default is -CA arg
 +
                      (Required by some CA's)
 +
-subj val            Set or modify subject of request or cert
 +
-subject              Print the subject of the output request or cert
 +
-multivalue-rdn      Deprecated; multi-valued RDNs support is always on.
 +
-days +int            Number of days cert is valid for
 +
-set_serial val      Serial number to use
 +
-copy_extensions val  copy extensions from request when using -x509
 +
-addext val          Additional cert extension key=value pair (may be given more than once)
 +
-extensions val      Cert extension section (override value in config file)
 +
-reqexts val          Request extension section (override value in config file)
 +
-precert              Add a poison extension to the generated cert (implies -new)
 +
 +
Keys and Signing options:
 +
-key val              Key for signing, and to include unless -in given
 +
-keyform format      Key file format (ENGINE, other values ignored)
 +
-pubkey              Output public key
 +
-keyout outfile      File to write private key to
 +
-passin val          Private key and certificate password source
 +
-passout val          Output file pass phrase source
 +
-newkey val          Generate new key with [<alg>:]<nbits> or <alg>[:<file>] or param:<file>
 +
-pkeyopt val          Public key options as opt:value
 +
-sigopt val          Signature parameter in n:v form
 +
-vfyopt val          Verification parameter in n:v form
 +
-*                    Any supported digest
 +
 +
Output options:
 +
-out outfile          Output file
 +
-outform PEM|DER      Output format - DER or PEM
 +
-batch                Do not ask anything during request generation
 +
-verbose              Verbose output
 +
-noenc                Don't encrypt private keys
 +
-nodes                Don't encrypt private keys; deprecated
 +
-noout                Do not output REQ
 +
-newhdr              Output "NEW" in the header lines
 +
-modulus              RSA modulus
 +
 +
Random state options:
 +
-rand val            Load the given file(s) into the random number generator
 +
-writerand outfile    Write random data to the specified file
 +
 +
Provider options:
 +
-provider-path val    Provider load path (must be before 'provider' argument if required)
 +
-provider val        Provider to load (can be specified multiple times)
 +
-propquery val        Property query used when fetching algorithms
 +
</pre>
  
 
== See also ==
 
== See also ==

Revision as of 09:24, 26 January 2024

openssl req --help
Usage: req [options]

General options:
 -help                 Display this summary
 -engine val           Use engine, possibly a hardware device
 -keygen_engine val    Specify engine to be used for key generation operations
 -in infile            X.509 request input file (default stdin)
 -inform PEM|DER       Input format - DER or PEM
 -verify               Verify self-signature on the request

Certificate options:
 -new                  New request
 -config infile        Request template file
 -section val          Config section to use (default "req")
 -utf8                 Input characters are UTF8 (default ASCII)
 -nameopt val          Certificate subject/issuer name printing options
 -reqopt val           Various request text options
 -text                 Text form of request
 -x509                 Output an X.509 certificate structure instead of a cert request
 -CA infile            Issuer cert to use for signing a cert, implies -x509
 -CAkey val            Issuer private key to use with -CA; default is -CA arg
                       (Required by some CA's)
 -subj val             Set or modify subject of request or cert
 -subject              Print the subject of the output request or cert
 -multivalue-rdn       Deprecated; multi-valued RDNs support is always on.
 -days +int            Number of days cert is valid for
 -set_serial val       Serial number to use
 -copy_extensions val  copy extensions from request when using -x509
 -addext val           Additional cert extension key=value pair (may be given more than once)
 -extensions val       Cert extension section (override value in config file)
 -reqexts val          Request extension section (override value in config file)
 -precert              Add a poison extension to the generated cert (implies -new)

Keys and Signing options:
 -key val              Key for signing, and to include unless -in given
 -keyform format       Key file format (ENGINE, other values ignored)
 -pubkey               Output public key
 -keyout outfile       File to write private key to
 -passin val           Private key and certificate password source
 -passout val          Output file pass phrase source
 -newkey val           Generate new key with [<alg>:]<nbits> or <alg>[:<file>] or param:<file>
 -pkeyopt val          Public key options as opt:value
 -sigopt val           Signature parameter in n:v form
 -vfyopt val           Verification parameter in n:v form
 -*                    Any supported digest

Output options:
 -out outfile          Output file
 -outform PEM|DER      Output format - DER or PEM
 -batch                Do not ask anything during request generation
 -verbose              Verbose output
 -noenc                Don't encrypt private keys
 -nodes                Don't encrypt private keys; deprecated
 -noout                Do not output REQ
 -newhdr               Output "NEW" in the header lines
 -modulus              RSA modulus

Random state options:
 -rand val             Load the given file(s) into the random number generator
 -writerand outfile    Write random data to the specified file

Provider options:
 -provider-path val    Provider load path (must be before 'provider' argument if required)
 -provider val         Provider to load (can be specified multiple times)
 -propquery val        Property query used when fetching algorithms

See also

Advertising: