LibraryToggle FramesPrintFeedback

The options supported by the openssl req utility are as follows:

-inform arg

input format - one of DER TXT PEM

-outform

arg output format - one of DER TXT PEM

-in arg

inout file

-out arg

output file

-text

text form of request

-noout

do not output REQ

-verify

verify signature on REQ

-modulus

RSA modulus

-nodes

do not encrypt the output key

-key file

use the private key contained in file

-keyform arg

key file format

-keyout arg

file to send the key to

-newkey rsa:bits

generate a new RSA key of ‘bits’ in size

-newkey dsa:file

generate a new DSA key, parameters taken from CA in ‘file’

-[digest]

Digest to sign with (md5, sha1, md2, mdc2)

-config file

request template file

-new

new request

-x509

output an x509 structure instead of a certificate req. (Used for creating self signed certificates)

-days

number of days an x509 generated by -x509 is valid for

-asn1-kludge

by default, the req command generates the correct PKCS#10 format for certificate requests that contain no attributes. However, certain CAs only accept requests containing no attributes in an invalid form: this option produces this invalid format.

Comments powered by Disqus
loading table of contents...