mirror of
https://github.com/openssl/openssl.git
synced 2024-11-27 05:21:51 +08:00
625c781dc7
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/10316)
132 lines
2.6 KiB
Plaintext
132 lines
2.6 KiB
Plaintext
=pod
|
|
{- OpenSSL::safe::output_do_not_edit_headers(); -}
|
|
|
|
=head1 NAME
|
|
|
|
openssl-crl - CRL utility
|
|
|
|
=head1 SYNOPSIS
|
|
|
|
B<openssl> B<crl>
|
|
[B<-help>]
|
|
[B<-inform> B<DER>|B<PEM>]
|
|
[B<-outform> B<DER>|B<PEM>]
|
|
[B<-keyform> B<DER>|B<PEM>|B<ENGINE>]
|
|
[B<-text>]
|
|
[B<-in> I<filename>]
|
|
[B<-out> I<filename>]
|
|
[B<-nameopt> I<option>]
|
|
[B<-noout>]
|
|
[B<-hash>]
|
|
[B<-issuer>]
|
|
[B<-lastupdate>]
|
|
[B<-nextupdate>]
|
|
{- $OpenSSL::safe::opt_trust_synopsis -}
|
|
|
|
=for openssl ifdef hash_old
|
|
|
|
=head1 DESCRIPTION
|
|
|
|
This command processes CRL files in DER or PEM format.
|
|
|
|
=head1 OPTIONS
|
|
|
|
=over 4
|
|
|
|
=item B<-help>
|
|
|
|
Print out a usage message.
|
|
|
|
=item B<-inform> B<DER>|B<PEM>, B<-outform> B<DER>|B<PEM>
|
|
|
|
The input and output formats of the CRL; the default is B<PEM>.
|
|
See L<openssl(1)/Format Options> for details.
|
|
|
|
=item B<-keyform> B<DER>|B<PEM>|B<ENGINE>
|
|
|
|
The format of the private key file; the default is B<PEM>.
|
|
See L<openssl(1)/Format Options> for details.
|
|
|
|
=item B<-in> I<filename>
|
|
|
|
This specifies the input filename to read from or standard input if this
|
|
option is not specified.
|
|
|
|
=item B<-out> I<filename>
|
|
|
|
Specifies the output filename to write to or standard output by
|
|
default.
|
|
|
|
=item B<-text>
|
|
|
|
Print out the CRL in text form.
|
|
|
|
=item B<-nameopt> I<option>
|
|
|
|
Option which determines how the subject or issuer names are displayed. See
|
|
the description of B<-nameopt> in L<openssl-x509(1)>.
|
|
|
|
=item B<-noout>
|
|
|
|
Don't output the encoded version of the CRL.
|
|
|
|
=item B<-hash>
|
|
|
|
Output a hash of the issuer name. This can be use to lookup CRLs in
|
|
a directory by issuer name.
|
|
|
|
=item B<-hash_old>
|
|
|
|
Outputs the "hash" of the CRL issuer name using the older algorithm
|
|
as used by OpenSSL before version 1.0.0.
|
|
|
|
=item B<-issuer>
|
|
|
|
Output the issuer name.
|
|
|
|
=item B<-lastupdate>
|
|
|
|
Output the lastUpdate field.
|
|
|
|
=item B<-nextupdate>
|
|
|
|
Output the nextUpdate field.
|
|
|
|
{- $OpenSSL::safe::opt_trust_item -}
|
|
|
|
=back
|
|
|
|
=head1 EXAMPLES
|
|
|
|
Convert a CRL file from PEM to DER:
|
|
|
|
openssl crl -in crl.pem -outform DER -out crl.der
|
|
|
|
Output the text form of a DER encoded certificate:
|
|
|
|
openssl crl -in crl.der -inform DER -text -noout
|
|
|
|
=head1 BUGS
|
|
|
|
Ideally it should be possible to create a CRL using appropriate options
|
|
and files too.
|
|
|
|
=head1 SEE ALSO
|
|
|
|
L<openssl(1)>,
|
|
L<openssl-crl2pkcs7(1)>,
|
|
L<openssl-ca(1)>,
|
|
L<openssl-x509(1)>,
|
|
L<ossl_store-file(7)>
|
|
|
|
=head1 COPYRIGHT
|
|
|
|
Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.
|
|
|
|
Licensed under the Apache License 2.0 (the "License"). You may not use
|
|
this file except in compliance with the License. You can obtain a copy
|
|
in the file LICENSE in the source distribution or at
|
|
L<https://www.openssl.org/source/license.html>.
|
|
|
|
=cut
|