NAME¶

pki --req - Create a PKCS#10 certificate request

SYNOPSIS¶

[--in file] [--type type] --dn distinguished-name [--san subjectAltName] [--password password] [--digest digest] [--outform encoding] [--debug level] --options file -h | --help

DESCRIPTION¶

This sub-command of pki(1) is used to create a PKCS#10 certificate request.

OPTIONS¶

-h, --help: Print usage information with a summary of the available options.

-v, --debug level: Set debug level, default: 1.

-+, --options file: Read command line options from file.

-i, --in file: Private key input file. If not given the key is read from STDIN.

-t, --type type: Type of the input key. Either rsa or ecdsa, defaults to rsa.

-d, --dn distinguished-name: Subject distinguished name (DN). Required.

-a, --san subjectAltName: subjectAltName extension to include in request. Can be used multiple times.

-p, --password password: The challengePassword to include in the certificate request.

-g, --digest digest: Digest to use for signature creation. One of md5, sha1, sha224, sha256, sha384, or sha512. Defaults to sha1.

-f, --outform encoding: Encoding of the created certificate file. Either der (ASN.1 DER) or pem (Base64 PEM), defaults to der.

EXAMPLES¶

Generate a certificate request for an RSA key, with a subjectAltName extension:

  pki --req --in key.der --dn "C=CH, O=strongSwan, CN=moon" \
       --san moon@strongswan.org > req.der

Generate a certificate request for an ECDSA key and a different digest:

  pki --req --in key.der --type ecdsa --digest sha256 \
      --dn "C=CH, O=strongSwan, CN=carol"  > req.der

Source file:	pki---req.1.en.gz (from strongswan-starter 5.2.1-6+deb8u6)
Source last updated:	2018-06-14T09:14:30Z
Converted to HTML:	2019-01-02T22:40:22Z

NAME¶

SYNOPSIS¶

DESCRIPTION¶

OPTIONS¶

EXAMPLES¶

SEE ALSO¶