NAME¶

pki --verify - Verify a certificate using a CA certificate

SYNOPSIS¶

pki --verify [--in file] [--cacert file] [--crl file] [--debug level] [--online]

pki --verify --options file

pki --verify -h | --help

DESCRIPTION¶

This sub-command of pki(1) verifies a certificate using an optional CA certificate.

OPTIONS¶

-h, --help: Print usage information with a summary of the available options.
-v, --debug level: Set debug level, default: 1.
-+, --options file: Read command line options from file.
-i, --in file: X.509 certificate to verify. If not given it is read from STDIN.
-c, --cacert file: CA certificate to use for trustchain verification. If not given the certificate is assumed to be self-signed.
-l, --crl file: Local CRL to use for trustchain verification. Implies -o.
-o, --online: Enable online CRL/OCSP revocation checking.

EXIT STATUS¶

The exit status is 0 if the certificate was verified successfully, 1 if the certificate is untrusted, 2 if the certificate's lifetimes are invalid, and 3 if the certificate was verified successfully but the online revocation check indicated that it has been revoked.

Source file:	pki---verify.1.en.gz (from strongswan-pki )
Source last updated:	2017-05-19T09:32:00Z
Converted to HTML:	2022-09-07T21:06:38Z

NAME¶

SYNOPSIS¶

DESCRIPTION¶

OPTIONS¶

EXIT STATUS¶

SEE ALSO¶