LibraryLink ToToggle FramesPrintFeedback

The x509 Utility

In FUSE Services Framework the x509 utility is mainly used for:

The options supported by the openssl x509 utility are as follows:

-inform arg

- input format - default PEM (one of DER, NET or PEM)

-outform arg

- output format - default PEM (one of DER, NET or PEM

-keyform arg

- private key format - default PEM

-CAform arg

- CA format - default PEM

-CAkeyform arg

- CA key format - default PEM

-in arg

- input file - default stdin

-out arg

- output file - default stdout

-serial

- print serial number value

-hash

- print serial number value

-subject

- print subject DN

-issuer

- print issuer DN

-startdate

- notBefore field

-enddate

- notAfter field

-dates

- both Before and After dates

-modulus

- print the RSA key modulus

-fingerprint

- print the certificate fingerprint

-noout

- no certificate output

-days arg

- How long till expiry of a signed certificate - def 30 days

-signkey arg

- self sign cert with arg

-x509toreq

- output a certification request object

-req

- input is a certificate request, sign and output

-CA arg

- set the CA certificate, must be PEM format

-CAkey arg

- set the CA key, must be PEM format. If missing it is assumed to be in the CA file

-CAcreateserial

- create serial number file if it does not exist

-CAserial

- serial file

-text

- print the certificate in text form

-C

- print out C code forms

-md2/-md5/-sha1/ -mdc2- digest to do an RSA sign with

To print the text details of an existing PEM-format X.509 certificate, use the x509 utility as follows:

openssl x509 -in MyCert.pem -inform PEM -text

To print the text details of an existing DER-format X.509 certificate, use the x509 utility as follows:

openssl x509 -in MyCert.der -inform DER -text

To change a certificate from PEM format to DER format, use the x509 utility as follows:

openssl x509 -in MyCert.pem -inform PEM -outform DER -out MyCert.der