curl/docs/mk-ca-bundle.1

.Dd Jan 5, 2013
.Dt MK-CA-BUNDLE 1
.Os
.Sh NAME
.Nm mk-ca-bundle
.Nd convert mozilla's certdata.txt to PEM format
.Sh SYNOPSIS
.Nm
.Op Fl bilnqtuv
[outputfile]
.Sh DESCRIPTION
The
.Nm
tool downloads the certdata.txt file from Mozilla's source tree over HTTP,
then parses certdata.txt and extracts CA Root Certificates into PEM format.
These are then processed with the OpenSSL commandline tool to produce the
final ca-bundle file.

The default \fIoutputfile\fP name is \fBca-bundle.crt\fP. By setting it to '-'
(a single dash) you will get the output sent to STDOUT instead of a file.

The PEM format this scripts uses for output makes the result readily available
for use by just about all OpenSSL or GnuTLS powered applications, such as
curl, wget and more.
.Sh OPTIONS
The following options are supported by
.Nm :
.Bl -tag -width _h
.It Fl b
backup an existing version of \fIoutputfilename\fP.
.It Fl f
force rebuild even if certdata.txt is current (Added in version 1.17)
.It Fl i
print version info about used modules
.It Fl l
print license info about certdata.txt
.It Fl n
no download of certdata.txt (to use existing)
.It Fl q
be really quiet (no progress output at all)
.It Fl t
include plain text listing of certificates
.It Fl u
unlink (remove) certdata.txt after processing
.It Fl v
be verbose and print out processed CAs
.El
.Sh EXIT STATUS
.Ex -std
.Sh SEE ALSO
.Xr curl 1
.Sh HISTORY
.Nm
is a command line tool that is shipped as part of every curl and libcurl
release (see http://curl.haxx.se/). It was originally based on the parse-certs
script written by
.An Roland Krikava
and was later much improved by
.An Guenter Knauf .
This manual page was written by
.An Jan Schaumann
.Aq jschauma@netmeister.org .
mk-ca-bundle.1: mention new -f, fix outputfile output also edited a few sentences to become more verbose 2013-01-06 06:49:29 +08:00			`.Dd Jan 5, 2013`
add a manual page for mk-ca-bundle 2012-04-28 01:49:40 +08:00			`.Dt MK-CA-BUNDLE 1`
			`.Os`
			`.Sh NAME`
			`.Nm mk-ca-bundle`
mk-ca-bundle.1: mention new -f, fix outputfile output also edited a few sentences to become more verbose 2013-01-06 06:49:29 +08:00			`.Nd convert mozilla's certdata.txt to PEM format`
add a manual page for mk-ca-bundle 2012-04-28 01:49:40 +08:00			`.Sh SYNOPSIS`
			`.Nm`
			`.Op Fl bilnqtuv`
mk-ca-bundle.1: mention new -f, fix outputfile output also edited a few sentences to become more verbose 2013-01-06 06:49:29 +08:00			`[outputfile]`
add a manual page for mk-ca-bundle 2012-04-28 01:49:40 +08:00			`.Sh DESCRIPTION`
			`The`
			`.Nm`
mk-ca-bundle.1: mention new -f, fix outputfile output also edited a few sentences to become more verbose 2013-01-06 06:49:29 +08:00			`tool downloads the certdata.txt file from Mozilla's source tree over HTTP,`
			`then parses certdata.txt and extracts CA Root Certificates into PEM format.`
add a manual page for mk-ca-bundle 2012-04-28 01:49:40 +08:00			`These are then processed with the OpenSSL commandline tool to produce the`
mk-ca-bundle.1: mention new -f, fix outputfile output also edited a few sentences to become more verbose 2013-01-06 06:49:29 +08:00			`final ca-bundle file.`

			`The default \fIoutputfile\fP name is \fBca-bundle.crt\fP. By setting it to '-'`
			`(a single dash) you will get the output sent to STDOUT instead of a file.`

			`The PEM format this scripts uses for output makes the result readily available`
			`for use by just about all OpenSSL or GnuTLS powered applications, such as`
			`curl, wget and more.`
add a manual page for mk-ca-bundle 2012-04-28 01:49:40 +08:00			`.Sh OPTIONS`
			`The following options are supported by`
			`.Nm :`
			`.Bl -tag -width _h`
			`.It Fl b`
mk-ca-bundle.1: mention new -f, fix outputfile output also edited a few sentences to become more verbose 2013-01-06 06:49:29 +08:00			`backup an existing version of \fIoutputfilename\fP.`
			`.It Fl f`
			`force rebuild even if certdata.txt is current (Added in version 1.17)`
add a manual page for mk-ca-bundle 2012-04-28 01:49:40 +08:00			`.It Fl i`
			`print version info about used modules`
			`.It Fl l`
			`print license info about certdata.txt`
			`.It Fl n`
			`no download of certdata.txt (to use existing)`
			`.It Fl q`
			`be really quiet (no progress output at all)`
			`.It Fl t`
			`include plain text listing of certificates`
			`.It Fl u`
			`unlink (remove) certdata.txt after processing`
			`.It Fl v`
			`be verbose and print out processed CAs`
			`.El`
			`.Sh EXIT STATUS`
			`.Ex -std`
			`.Sh SEE ALSO`
			`.Xr curl 1`
			`.Sh HISTORY`
			`.Nm`
mk-ca-bundle.1: mention new -f, fix outputfile output also edited a few sentences to become more verbose 2013-01-06 06:49:29 +08:00			`is a command line tool that is shipped as part of every curl and libcurl`
			`release (see http://curl.haxx.se/). It was originally based on the parse-certs`
			`script written by`
add a manual page for mk-ca-bundle 2012-04-28 01:49:40 +08:00			`.An Roland Krikava`
mk-ca-bundle.1: mention new -f, fix outputfile output also edited a few sentences to become more verbose 2013-01-06 06:49:29 +08:00			`and was later much improved by`
add a manual page for mk-ca-bundle 2012-04-28 01:49:40 +08:00			`.An Guenter Knauf .`
			`This manual page was written by`
			`.An Jan Schaumann`
			`.Aq jschauma@netmeister.org .`