mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2025-01-12 13:36:28 +08:00
Code Issues Packages Projects Releases Wiki Activity
5e98904c23
openssl/doc/man1/openssl-crl2pkcs7.pod.in
Pauli 5e98904c23 man1: make all openssl command line tool documentation generated. 
With the introduction of provider command line options which are applicable to
almost all of the command line tools, it seemed reasonable to make them all
generated.  This simplifes the .gitignore and avoids having to keep two lists
in sync.

Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/11167)
2020-03-07 11:46:47 +10:00

106 lines
2.7 KiB
Plaintext
Raw Blame History

=pod
{- OpenSSL::safe::output_do_not_edit_headers(); -}
=head1 NAME
openssl-crl2pkcs7 - Create a PKCS#7 structure from a CRL and certificates
=head1 SYNOPSIS
B<openssl> B<crl2pkcs7>
[B<-help>]
[B<-inform> B<DER>|B<PEM>]
[B<-outform> B<DER>|B<PEM>]
[B<-in> I<filename>]
[B<-out> I<filename>]
[B<-certfile> I<filename>]
[B<-nocrl>]
=head1 DESCRIPTION
This command takes an optional CRL and one or more
certificates and converts them into a PKCS#7 degenerate "certificates
only" structure.
=head1 OPTIONS
=over 4
=item B<-help>
Print out a usage message.
=item B<-inform> B<DER>|B<PEM>
The input format of the CRL; the default is B<PEM>.
See L<openssl(1)/Format Options> for details.
=item B<-outform> B<DER>|B<PEM>
The output format of the PKCS#7 object; the default is B<PEM>.
See L<openssl(1)/Format Options> for details.
=item B<-in> I<filename>
This specifies the input filename to read a CRL from or standard input if this
option is not specified.
=item B<-out> I<filename>
Specifies the output filename to write the PKCS#7 structure to or standard
output by default.
=item B<-certfile> I<filename>
Specifies a filename containing one or more certificates in B<PEM> format.
All certificates in the file will be added to the PKCS#7 structure. This
option can be used more than once to read certificates form multiple
files.
=item B<-nocrl>
Normally a CRL is included in the output file. With this option no CRL is
included in the output file and a CRL is not read from the input file.
=back
=head1 EXAMPLES
Create a PKCS#7 structure from a certificate and CRL:
openssl crl2pkcs7 -in crl.pem -certfile cert.pem -out p7.pem
Creates a PKCS#7 structure in DER format with no CRL from several
different certificates:
openssl crl2pkcs7 -nocrl -certfile newcert.pem
-certfile demoCA/cacert.pem -outform DER -out p7.der
=head1 NOTES
The output file is a PKCS#7 signed data structure containing no signers and
just certificates and an optional CRL.
This command can be used to send certificates and CAs to Netscape as part of
the certificate enrollment process. This involves sending the DER encoded output
as MIME type application/x-x509-user-cert.
The B<PEM> encoded form with the header and footer lines removed can be used to
install user certificates and CAs in MSIE using the Xenroll control.
=head1 SEE ALSO
L<openssl(1)>,
L<openssl-pkcs7(1)>
=head1 COPYRIGHT
Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file LICENSE in the source distribution or at
L<https://www.openssl.org/source/license.html>.
=cut
Reference in New Issue View Git Blame Copy Permalink