openssl x509 --help
Jump to navigation
Jump to search
unknown option --help usage: x509 [-C] [-addreject arg] [-addtrust arg] [-alias] [-CA file] [-CAcreateserial] [-CAform der | pem] [-CAkey file] [-CAkeyform der | pem] [-CAserial file] [-certopt option] [-checkend arg] [-clrext] [-clrreject] [-clrtrust] [-dates] [-days arg] [-email] [-enddate] [-extensions section] [-extfile file] [-fingerprint] [-hash] [-in file] [-inform der | net | pem] [-issuer] [-issuer_hash] [-issuer_hash_old] [-keyform der | pem] [-md5 | -sha1] [-modulus] [-nameopt option] [-next_serial] [-noout] [-ocsp_uri] [-ocspid] [-out file] [-outform der | net | pem] [-passin arg] [-pubkey] [-purpose] [-req] [-serial] [-set_serial n] [-setalias arg] [-signkey file] [-sigopt nm:v] [-startdate] [-subject] [-subject_hash] [-subject_hash_old] [-text] [-trustout] [-x509toreq] -C Convert the certificate into C code -addreject arg Reject certificate for a given purpose -addtrust arg Trust certificate for a given purpose -alias Output certificate alias -CA file CA certificate in PEM format unless -CAform is specified -CAcreateserial Create serial number file if it does not exist -CAform fmt CA format - default PEM -CAkey file CA key in PEM format unless -CAkeyform is specified if omitted, the key is assumed to be in the CA file -CAkeyform fmt CA key format - default PEM -CAserial file Serial file -certopt option Various certificate text options -checkend arg Check whether the cert expires in the next arg seconds exit 1 if so, 0 if not -clrext Clear all extensions -clrreject Clear all rejected purposes -clrtrust Clear all trusted purposes -dates Both Before and After dates -days arg How long till expiry of a signed certificate - def 30 days -email Print email address(es) -enddate Print notAfter field -extensions section Section from config file with X509V3 extensions to add -extfile file Configuration file with X509V3 extensions to add -fingerprint Print the certificate fingerprint -hash Synonym for -subject_hash -in file Input file - default stdin -inform fmt Input format - default PEM (one of DER, NET or PEM) -issuer Print issuer name -issuer_hash Print issuer hash value -issuer_hash_old Print old-style (MD5) issuer hash value -keyform fmt Private key format - default PEM -modulus Print the RSA key modulus -nameopt option Various certificate name options -next_serial Print the next serial number -noout No certificate output -ocsp_uri Print OCSP Responder URL(s) -ocspid Print OCSP hash values for the subject name and public key -out file Output file - default stdout -outform fmt Output format - default PEM (one of DER, NET or PEM) -passin src Private key password source -pubkey Output the public key -purpose Print out certificate purposes -req Input is a certificate request, sign and output -serial Print serial number value -set_serial n Serial number to use -setalias arg Set certificate alias -signkey file Self sign cert with arg -sigopt nm:v Various signature algorithm options -startdate Print notBefore field -subject Print subject name -subject_hash Print subject hash value -subject_hash_old Print old-style (MD5) subject hash value -text Print the certificate in text form -trustout Output a trusted certificate -x509toreq Output a certification request object
See also
Advertising: