Difference between revisions of "Openssl req --help"
Jump to navigation
Jump to search
(Created page with "{{lc}} == See also == * {{openssl req}} * {{openssl rsa}} Category:CA") |
|||
Line 1: | Line 1: | ||
{{lc}} | {{lc}} | ||
+ | <pre> | ||
+ | openssl req --help | ||
+ | Usage: req [options] | ||
+ | |||
+ | General options: | ||
+ | -help Display this summary | ||
+ | -engine val Use engine, possibly a hardware device | ||
+ | -keygen_engine val Specify engine to be used for key generation operations | ||
+ | -in infile X.509 request input file (default stdin) | ||
+ | -inform PEM|DER Input format - DER or PEM | ||
+ | -verify Verify self-signature on the request | ||
+ | |||
+ | Certificate options: | ||
+ | -new New request | ||
+ | -config infile Request template file | ||
+ | -section val Config section to use (default "req") | ||
+ | -utf8 Input characters are UTF8 (default ASCII) | ||
+ | -nameopt val Certificate subject/issuer name printing options | ||
+ | -reqopt val Various request text options | ||
+ | -text Text form of request | ||
+ | -x509 Output an X.509 certificate structure instead of a cert request | ||
+ | -CA infile Issuer cert to use for signing a cert, implies -x509 | ||
+ | -CAkey val Issuer private key to use with -CA; default is -CA arg | ||
+ | (Required by some CA's) | ||
+ | -subj val Set or modify subject of request or cert | ||
+ | -subject Print the subject of the output request or cert | ||
+ | -multivalue-rdn Deprecated; multi-valued RDNs support is always on. | ||
+ | -days +int Number of days cert is valid for | ||
+ | -set_serial val Serial number to use | ||
+ | -copy_extensions val copy extensions from request when using -x509 | ||
+ | -addext val Additional cert extension key=value pair (may be given more than once) | ||
+ | -extensions val Cert extension section (override value in config file) | ||
+ | -reqexts val Request extension section (override value in config file) | ||
+ | -precert Add a poison extension to the generated cert (implies -new) | ||
+ | |||
+ | Keys and Signing options: | ||
+ | -key val Key for signing, and to include unless -in given | ||
+ | -keyform format Key file format (ENGINE, other values ignored) | ||
+ | -pubkey Output public key | ||
+ | -keyout outfile File to write private key to | ||
+ | -passin val Private key and certificate password source | ||
+ | -passout val Output file pass phrase source | ||
+ | -newkey val Generate new key with [<alg>:]<nbits> or <alg>[:<file>] or param:<file> | ||
+ | -pkeyopt val Public key options as opt:value | ||
+ | -sigopt val Signature parameter in n:v form | ||
+ | -vfyopt val Verification parameter in n:v form | ||
+ | -* Any supported digest | ||
+ | |||
+ | Output options: | ||
+ | -out outfile Output file | ||
+ | -outform PEM|DER Output format - DER or PEM | ||
+ | -batch Do not ask anything during request generation | ||
+ | -verbose Verbose output | ||
+ | -noenc Don't encrypt private keys | ||
+ | -nodes Don't encrypt private keys; deprecated | ||
+ | -noout Do not output REQ | ||
+ | -newhdr Output "NEW" in the header lines | ||
+ | -modulus RSA modulus | ||
+ | |||
+ | Random state options: | ||
+ | -rand val Load the given file(s) into the random number generator | ||
+ | -writerand outfile Write random data to the specified file | ||
+ | |||
+ | Provider options: | ||
+ | -provider-path val Provider load path (must be before 'provider' argument if required) | ||
+ | -provider val Provider to load (can be specified multiple times) | ||
+ | -propquery val Property query used when fetching algorithms | ||
+ | </pre> | ||
== See also == | == See also == |
Revision as of 09:24, 26 January 2024
openssl req --help Usage: req [options] General options: -help Display this summary -engine val Use engine, possibly a hardware device -keygen_engine val Specify engine to be used for key generation operations -in infile X.509 request input file (default stdin) -inform PEM|DER Input format - DER or PEM -verify Verify self-signature on the request Certificate options: -new New request -config infile Request template file -section val Config section to use (default "req") -utf8 Input characters are UTF8 (default ASCII) -nameopt val Certificate subject/issuer name printing options -reqopt val Various request text options -text Text form of request -x509 Output an X.509 certificate structure instead of a cert request -CA infile Issuer cert to use for signing a cert, implies -x509 -CAkey val Issuer private key to use with -CA; default is -CA arg (Required by some CA's) -subj val Set or modify subject of request or cert -subject Print the subject of the output request or cert -multivalue-rdn Deprecated; multi-valued RDNs support is always on. -days +int Number of days cert is valid for -set_serial val Serial number to use -copy_extensions val copy extensions from request when using -x509 -addext val Additional cert extension key=value pair (may be given more than once) -extensions val Cert extension section (override value in config file) -reqexts val Request extension section (override value in config file) -precert Add a poison extension to the generated cert (implies -new) Keys and Signing options: -key val Key for signing, and to include unless -in given -keyform format Key file format (ENGINE, other values ignored) -pubkey Output public key -keyout outfile File to write private key to -passin val Private key and certificate password source -passout val Output file pass phrase source -newkey val Generate new key with [<alg>:]<nbits> or <alg>[:<file>] or param:<file> -pkeyopt val Public key options as opt:value -sigopt val Signature parameter in n:v form -vfyopt val Verification parameter in n:v form -* Any supported digest Output options: -out outfile Output file -outform PEM|DER Output format - DER or PEM -batch Do not ask anything during request generation -verbose Verbose output -noenc Don't encrypt private keys -nodes Don't encrypt private keys; deprecated -noout Do not output REQ -newhdr Output "NEW" in the header lines -modulus RSA modulus Random state options: -rand val Load the given file(s) into the random number generator -writerand outfile Write random data to the specified file Provider options: -provider-path val Provider load path (must be before 'provider' argument if required) -provider val Provider to load (can be specified multiple times) -propquery val Property query used when fetching algorithms
See also
Advertising: