Bug#505382: here come the other manual pages
gurkan
gurkan at phys.ethz.ch
Fri Dec 4 13:35:58 UTC 2009
Thanks for including/improving them.
Yours,
Guerkan
-------------- next part --------------
.\" DO NOT MODIFY THIS FILE! It was generated by help2man 1.36.
.TH -A "1" "December 2009" "-A Add a certificate to the database (create if needed)" "User Commands"
.SH NAME
-A \- manual page for -A Add a certificate to the database (create if needed)
.SH DESCRIPTION
\fB\-A\fR Add a certificate to the database (create if needed)
.IP
All options under \fB\-E\fR apply
.PP
\fB\-B\fR Run a series of certutil commands from a batch file
.TP
\fB\-i\fR batch\-file
Specify the batch file
.PP
\fB\-E\fR Add an Email certificate to the database (create if needed)
.TP
\fB\-n\fR cert\-name
Specify the nickname of the certificate to add
.TP
\fB\-t\fR trustargs
Set the certificate trust attributes:
trustargs is of the form x,y,z where x is for SSL, y is for S/MIME,
and z is for code signing
p valid peer
P trusted peer (implies p)
c valid CA
T trusted CA to issue client certs (implies c)
C trusted CA to issue server certs (implies c)
u user cert
w send warning
g make step\-up cert
.TP
\fB\-f\fR pwfile
Specify the password file
.TP
\fB\-d\fR certdir
Cert database directory (default is ~/.netscape)
.TP
\fB\-P\fR dbprefix
Cert & Key database prefix
.TP
\fB\-a\fR
The input certificate is encoded in ASCII (RFC1113)
.TP
\fB\-i\fR input
Specify the certificate file (default is stdin)
.PP
\fB\-C\fR Create a new binary certificate from a BINARY cert request
.TP
\fB\-c\fR issuer\-name
The nickname of the issuer cert
.TP
\fB\-i\fR cert\-request
The BINARY certificate request file
.TP
\fB\-o\fR output\-cert
Output binary cert to this file (default is stdout)
.TP
\fB\-x\fR
Self sign
.TP
\fB\-m\fR serial\-number
Cert serial number
.TP
\fB\-w\fR warp\-months
Time Warp
.TP
\fB\-v\fR months\-valid
Months valid (default is 3)
.TP
\fB\-f\fR pwfile
Specify the password file
.TP
\fB\-d\fR certdir
Cert database directory (default is ~/.netscape)
.TP
\fB\-P\fR dbprefix
Cert & Key database prefix
.TP
\fB\-1\fR | \fB\-\-keyUsage\fR keyword,keyword,...
Create key usage extension. Possible keywords:
"digitalSignature", "nonRepudiation", "keyEncipherment",
"dataEncipherment", "keyAgreement", "certSigning",
"crlSigning", "critical"
.TP
\fB\-2\fR
Create basic constraint extension
.TP
\fB\-3\fR
Create authority key ID extension
.TP
\fB\-4\fR
Create crl distribution point extension
.TP
\fB\-5\fR | \fB\-nsCertType\fR keyword,keyword,...
Create netscape cert type extension. Possible keywords:
"sslClient", "sslServer", "smime", "objectSigning",
"sslCA", "smimeCA", "objectSigningCA", "critical".
.TP
\fB\-6\fR | \fB\-\-extKeyUsage\fR keyword,keyword,...
Create extended key usage extension. Possible keywords:
"serverAuth", "clientAuth","codeSigning",
"emailProtection", "timeStamp","ocspResponder",
"stepUp", "critical"
.TP
\fB\-7\fR emailAddrs
Create an email subject alt name extension
.TP
\fB\-8\fR dnsNames
Create an dns subject alt name extension
.TP
\fB\-a\fR
The input certificate request is encoded in ASCII (RFC1113)
.PP
\fB\-G\fR Generate a new key pair
.TP
\fB\-h\fR token\-name
Name of token in which to generate key (default is internal)
.TP
\fB\-k\fR key\-type
Type of key pair to generate ("dsa", "ec", "rsa" (default))
.TP
\fB\-g\fR key\-size
Key size in bits, (min 512, max 8192, default 1024) (not for ec)
.TP
\fB\-y\fR exp
Set the public exponent value (3, 17, 65537) (rsa only)
.TP
\fB\-f\fR password\-file
Specify the password file
.TP
\fB\-z\fR noisefile
Specify the noise file to be used
.TP
\fB\-q\fR pqgfile
read PQG value from pqgfile (dsa only)
.TP
\fB\-q\fR curve\-name
Elliptic curve name (ec only)
One of nistp256, nistp384, nistp521
.TP
\fB\-d\fR keydir
Key database directory (default is ~/.netscape)
.TP
\fB\-P\fR dbprefix
Cert & Key database prefix
.PP
\fB\-D\fR Delete a certificate from the database
.TP
\fB\-n\fR cert\-name
The nickname of the cert to delete
.TP
\fB\-d\fR certdir
Cert database directory (default is ~/.netscape)
.TP
\fB\-P\fR dbprefix
Cert & Key database prefix
.PP
\fB\-U\fR List all modules
.TP
\fB\-d\fR moddir
Module database directory (default is '~/.netscape')
.TP
\fB\-P\fR dbprefix
Cert & Key database prefix
.TP
\fB\-X\fR
force the database to open R/W
.PP
\fB\-K\fR List all private keys
.TP
\fB\-h\fR token\-name
Name of token to search ("all" for all tokens)
.TP
\fB\-k\fR key\-type
Key type ("all" (default), "dsa", "ec", "rsa")
.TP
\fB\-n\fR name
The nickname of the key or associated certificate
.TP
\fB\-f\fR password\-file
Specify the password file
.TP
\fB\-d\fR keydir
Key database directory (default is ~/.netscape)
.TP
\fB\-P\fR dbprefix
Cert & Key database prefix
.TP
\fB\-X\fR
force the database to open R/W
.PP
\fB\-L\fR List all certs, or print out a single named cert
.TP
\fB\-n\fR cert\-name
Pretty print named cert (list all if unspecified)
.TP
\fB\-d\fR certdir
Cert database directory (default is ~/.netscape)
.TP
\fB\-P\fR dbprefix
Cert & Key database prefix
.TP
\fB\-X\fR
force the database to open R/W
.TP
\fB\-r\fR
For single cert, print binary DER encoding
.TP
\fB\-a\fR
For single cert, print ASCII encoding (RFC1113)
.PP
\fB\-M\fR Modify trust attributes of certificate
.TP
\fB\-n\fR cert\-name
The nickname of the cert to modify
.TP
\fB\-t\fR trustargs
Set the certificate trust attributes (see \fB\-A\fR above)
.TP
\fB\-d\fR certdir
Cert database directory (default is ~/.netscape)
.TP
\fB\-P\fR dbprefix
Cert & Key database prefix
.PP
\fB\-N\fR Create a new certificate database
.TP
\fB\-d\fR certdir
Cert database directory (default is ~/.netscape)
.TP
\fB\-P\fR dbprefix
Cert & Key database prefix
.PP
\fB\-T\fR Reset the Key database or token
.TP
\fB\-d\fR certdir
Cert database directory (default is ~/.netscape)
.TP
\fB\-P\fR dbprefix
Cert & Key database prefix
.TP
\fB\-h\fR token\-name
Token to reset (default is internal)
.TP
\fB\-0\fR SSO\-password
Set token's Site Security Officer password
.PP
\fB\-O\fR Print the chain of a certificate
.TP
\fB\-n\fR cert\-name
The nickname of the cert to modify
.TP
\fB\-d\fR certdir
Cert database directory (default is ~/.netscape)
.TP
\fB\-P\fR dbprefix
Cert & Key database prefix
.TP
\fB\-X\fR
force the database to open R/W
.PP
\fB\-R\fR Generate a certificate request (stdout)
.TP
\fB\-s\fR subject
Specify the subject name (using RFC1485)
.TP
\fB\-o\fR output\-req
Output the cert request to this file
.TP
\fB\-k\fR key\-type\-or\-id Type of key pair to generate ("dsa", "ec", "rsa" (default))
or nickname of the cert key to use
.TP
\fB\-h\fR token\-name
Name of token in which to generate key (default is internal)
.TP
\fB\-g\fR key\-size
Key size in bits, RSA keys only (min 512, max 8192, default 1024)
.TP
\fB\-q\fR pqgfile
Name of file containing PQG parameters (dsa only)
.TP
\fB\-q\fR curve\-name
Elliptic curve name (ec only)
See the "\-G" option for a full list of supported names.
.TP
\fB\-f\fR pwfile
Specify the password file
.TP
\fB\-d\fR keydir
Key database directory (default is ~/.netscape)
.TP
\fB\-P\fR dbprefix
Cert & Key database prefix
.TP
\fB\-p\fR phone
Specify the contact phone number ("123\-456\-7890")
.TP
\fB\-a\fR
Output the cert request in ASCII (RFC1113); default is binary
.IP
See \fB\-S\fR for available extension options
.PP
\fB\-V\fR Validate a certificate
.TP
\fB\-n\fR cert\-name
The nickname of the cert to Validate
.TP
\fB\-b\fR time
validity time ("YYMMDDHHMMSS[+HHMM|\-HHMM|Z]")
.TP
\fB\-e\fR
Check certificate signature
.TP
\fB\-u\fR certusage
Specify certificate usage:
C SSL Client
V SSL Server
S Email signer
R Email Recipient
O OCSP status responder
J Object signer
.TP
\fB\-d\fR certdir
Cert database directory (default is ~/.netscape)
.TP
\fB\-P\fR dbprefix
Cert & Key database prefix
.TP
\fB\-X\fR
force the database to open R/W
.PP
\fB\-\-upgrade\-merge\fR Upgrade an old database and merge it into a new one
.TP
\fB\-d\fR certdir
Cert database directory to merge into (default is ~/.netscape)
.TP
\fB\-P\fR dbprefix
Cert & Key database prefix of the target database
.TP
\fB\-f\fR pwfile
Specify the password file for the target database
.TP
\fB\-\-source\-dir\fR certdir
Cert database directory to upgrade from
.TP
\fB\-\-soruce\-prefix\fR dbprefix
Cert & Key database prefix of the upgrade database
.TP
\fB\-\-upgrade\-id\fR uniqueID
Unique identifier for the upgrade database
.TP
\fB\-\-upgrade\-token\-name\fR name
Name of the token while it is in upgrade state
.TP
\-@ pwfile
Specify the password file for the upgrade database
.PP
\fB\-\-merge\fR Merge source database into the target database
.TP
\fB\-d\fR certdir
Cert database directory of target (default is ~/.netscape)
.TP
\fB\-P\fR dbprefix
Cert & Key database prefix of the target database
.TP
\fB\-f\fR pwfile
Specify the password file for the target database
.TP
\fB\-\-source\-dir\fR certdir
Cert database directory of the source database
.TP
\fB\-\-source\-prefix\fR dbprefix
Cert & Key database prefix of the source database
.TP
\-@ pwfile
Specify the password file for the source database
.PP
\fB\-S\fR Make a certificate and add to database
.TP
\fB\-n\fR key\-name
Specify the nickname of the cert
.TP
\fB\-s\fR subject
Specify the subject name (using RFC1485)
.TP
\fB\-c\fR issuer\-name
The nickname of the issuer cert
.TP
\fB\-t\fR trustargs
Set the certificate trust attributes (see \fB\-A\fR above)
.HP
\fB\-k\fR key\-type\-or\-id Type of key pair to generate ("dsa", "ec", "rsa" (default))
.TP
\fB\-h\fR token\-name
Name of token in which to generate key (default is internal)
.TP
\fB\-g\fR key\-size
Key size in bits, RSA keys only (min 512, max 8192, default 1024)
.TP
\fB\-q\fR pqgfile
Name of file containing PQG parameters (dsa only)
.TP
\fB\-q\fR curve\-name
Elliptic curve name (ec only)
See the "\-G" option for a full list of supported names.
.TP
\fB\-x\fR
Self sign
.TP
\fB\-m\fR serial\-number
Cert serial number
.TP
\fB\-w\fR warp\-months
Time Warp
.TP
\fB\-v\fR months\-valid
Months valid (default is 3)
.TP
\fB\-f\fR pwfile
Specify the password file
.TP
\fB\-d\fR certdir
Cert database directory (default is ~/.netscape)
.TP
\fB\-P\fR dbprefix
Cert & Key database prefix
.TP
\fB\-p\fR phone
Specify the contact phone number ("123\-456\-7890")
.TP
\fB\-1\fR
Create key usage extension
.TP
\fB\-2\fR
Create basic constraint extension
.TP
\fB\-3\fR
Create authority key ID extension
.TP
\fB\-4\fR
Create crl distribution point extension
.TP
\fB\-5\fR
Create netscape cert type extension
.TP
\fB\-6\fR
Create extended key usage extension
.TP
\fB\-7\fR emailAddrs
Create an email subject alt name extension
.TP
\fB\-8\fR DNS\-names
Create a DNS subject alt name extension
.TP
\fB\-\-extAIA\fR
Create an Authority Information Access extension
.TP
\fB\-\-extSIA\fR
Create a Subject Information Access extension
.TP
\fB\-\-extCP\fR
Create a Certificate Policies extension
.TP
\fB\-\-extPM\fR
Create a Policy Mappings extension
.TP
\fB\-\-extPC\fR
Create a Policy Constraints extension
.TP
\fB\-\-extIA\fR
Create an Inhibit Any Policy extension
.TP
\fB\-\-extSKID\fR
Create a subject key ID extension
.IP
All options under \fB\-E\fR apply
.PP
\fB\-B\fR Run a series of certutil commands from a batch file
.TP
\fB\-i\fR batch\-file
Specify the batch file
.PP
\fB\-E\fR Add an Email certificate to the database (create if needed)
.TP
\fB\-n\fR cert\-name
Specify the nickname of the certificate to add
.TP
\fB\-t\fR trustargs
Set the certificate trust attributes:
trustargs is of the form x,y,z where x is for SSL, y is for S/MIME,
and z is for code signing
p valid peer
P trusted peer (implies p)
c valid CA
T trusted CA to issue client certs (implies c)
C trusted CA to issue server certs (implies c)
u user cert
w send warning
g make step\-up cert
.TP
\fB\-f\fR pwfile
Specify the password file
.TP
\fB\-d\fR certdir
Cert database directory (default is ~/.netscape)
.TP
\fB\-P\fR dbprefix
Cert & Key database prefix
.TP
\fB\-a\fR
The input certificate is encoded in ASCII (RFC1113)
.TP
\fB\-i\fR input
Specify the certificate file (default is stdin)
.PP
\fB\-C\fR Create a new binary certificate from a BINARY cert request
.TP
\fB\-c\fR issuer\-name
The nickname of the issuer cert
.TP
\fB\-i\fR cert\-request
The BINARY certificate request file
.TP
\fB\-o\fR output\-cert
Output binary cert to this file (default is stdout)
.TP
\fB\-x\fR
Self sign
.TP
\fB\-m\fR serial\-number
Cert serial number
.TP
\fB\-w\fR warp\-months
Time Warp
.TP
\fB\-v\fR months\-valid
Months valid (default is 3)
.TP
\fB\-f\fR pwfile
Specify the password file
.TP
\fB\-d\fR certdir
Cert database directory (default is ~/.netscape)
.TP
\fB\-P\fR dbprefix
Cert & Key database prefix
.TP
\fB\-1\fR | \fB\-\-keyUsage\fR keyword,keyword,...
Create key usage extension. Possible keywords:
"digitalSignature", "nonRepudiation", "keyEncipherment",
"dataEncipherment", "keyAgreement", "certSigning",
"crlSigning", "critical"
.TP
\fB\-2\fR
Create basic constraint extension
.TP
\fB\-3\fR
Create authority key ID extension
.TP
\fB\-4\fR
Create crl distribution point extension
.TP
\fB\-5\fR | \fB\-nsCertType\fR keyword,keyword,...
Create netscape cert type extension. Possible keywords:
"sslClient", "sslServer", "smime", "objectSigning",
"sslCA", "smimeCA", "objectSigningCA", "critical".
.TP
\fB\-6\fR | \fB\-\-extKeyUsage\fR keyword,keyword,...
Create extended key usage extension. Possible keywords:
"serverAuth", "clientAuth","codeSigning",
"emailProtection", "timeStamp","ocspResponder",
"stepUp", "critical"
.TP
\fB\-7\fR emailAddrs
Create an email subject alt name extension
.TP
\fB\-8\fR dnsNames
Create an dns subject alt name extension
.TP
\fB\-a\fR
The input certificate request is encoded in ASCII (RFC1113)
.PP
\fB\-G\fR Generate a new key pair
.TP
\fB\-h\fR token\-name
Name of token in which to generate key (default is internal)
.TP
\fB\-k\fR key\-type
Type of key pair to generate ("dsa", "ec", "rsa" (default))
.TP
\fB\-g\fR key\-size
Key size in bits, (min 512, max 8192, default 1024) (not for ec)
.TP
\fB\-y\fR exp
Set the public exponent value (3, 17, 65537) (rsa only)
.TP
\fB\-f\fR password\-file
Specify the password file
.TP
\fB\-z\fR noisefile
Specify the noise file to be used
.TP
\fB\-q\fR pqgfile
read PQG value from pqgfile (dsa only)
.TP
\fB\-q\fR curve\-name
Elliptic curve name (ec only)
One of nistp256, nistp384, nistp521
.TP
\fB\-d\fR keydir
Key database directory (default is ~/.netscape)
.TP
\fB\-P\fR dbprefix
Cert & Key database prefix
.PP
\fB\-D\fR Delete a certificate from the database
.TP
\fB\-n\fR cert\-name
The nickname of the cert to delete
.TP
\fB\-d\fR certdir
Cert database directory (default is ~/.netscape)
.TP
\fB\-P\fR dbprefix
Cert & Key database prefix
.PP
\fB\-U\fR List all modules
.TP
\fB\-d\fR moddir
Module database directory (default is '~/.netscape')
.TP
\fB\-P\fR dbprefix
Cert & Key database prefix
.TP
\fB\-X\fR
force the database to open R/W
.PP
\fB\-K\fR List all private keys
.TP
\fB\-h\fR token\-name
Name of token to search ("all" for all tokens)
.TP
\fB\-k\fR key\-type
Key type ("all" (default), "dsa", "ec", "rsa")
.TP
\fB\-n\fR name
The nickname of the key or associated certificate
.TP
\fB\-f\fR password\-file
Specify the password file
.TP
\fB\-d\fR keydir
Key database directory (default is ~/.netscape)
.TP
\fB\-P\fR dbprefix
Cert & Key database prefix
.TP
\fB\-X\fR
force the database to open R/W
.PP
\fB\-L\fR List all certs, or print out a single named cert
.TP
\fB\-n\fR cert\-name
Pretty print named cert (list all if unspecified)
.TP
\fB\-d\fR certdir
Cert database directory (default is ~/.netscape)
.TP
\fB\-P\fR dbprefix
Cert & Key database prefix
.TP
\fB\-X\fR
force the database to open R/W
.TP
\fB\-r\fR
For single cert, print binary DER encoding
.TP
\fB\-a\fR
For single cert, print ASCII encoding (RFC1113)
.PP
\fB\-M\fR Modify trust attributes of certificate
.TP
\fB\-n\fR cert\-name
The nickname of the cert to modify
.TP
\fB\-t\fR trustargs
Set the certificate trust attributes (see \fB\-A\fR above)
.TP
\fB\-d\fR certdir
Cert database directory (default is ~/.netscape)
.TP
\fB\-P\fR dbprefix
Cert & Key database prefix
.PP
\fB\-N\fR Create a new certificate database
.TP
\fB\-d\fR certdir
Cert database directory (default is ~/.netscape)
.TP
\fB\-P\fR dbprefix
Cert & Key database prefix
.PP
\fB\-T\fR Reset the Key database or token
.TP
\fB\-d\fR certdir
Cert database directory (default is ~/.netscape)
.TP
\fB\-P\fR dbprefix
Cert & Key database prefix
.TP
\fB\-h\fR token\-name
Token to reset (default is internal)
.TP
\fB\-0\fR SSO\-password
Set token's Site Security Officer password
.PP
\fB\-O\fR Print the chain of a certificate
.TP
\fB\-n\fR cert\-name
The nickname of the cert to modify
.TP
\fB\-d\fR certdir
Cert database directory (default is ~/.netscape)
.TP
\fB\-P\fR dbprefix
Cert & Key database prefix
.TP
\fB\-X\fR
force the database to open R/W
.PP
\fB\-R\fR Generate a certificate request (stdout)
.TP
\fB\-s\fR subject
Specify the subject name (using RFC1485)
.TP
\fB\-o\fR output\-req
Output the cert request to this file
.TP
\fB\-k\fR key\-type\-or\-id Type of key pair to generate ("dsa", "ec", "rsa" (default))
or nickname of the cert key to use
.TP
\fB\-h\fR token\-name
Name of token in which to generate key (default is internal)
.TP
\fB\-g\fR key\-size
Key size in bits, RSA keys only (min 512, max 8192, default 1024)
.TP
\fB\-q\fR pqgfile
Name of file containing PQG parameters (dsa only)
.TP
\fB\-q\fR curve\-name
Elliptic curve name (ec only)
See the "\-G" option for a full list of supported names.
.TP
\fB\-f\fR pwfile
Specify the password file
.TP
\fB\-d\fR keydir
Key database directory (default is ~/.netscape)
.TP
\fB\-P\fR dbprefix
Cert & Key database prefix
.TP
\fB\-p\fR phone
Specify the contact phone number ("123\-456\-7890")
.TP
\fB\-a\fR
Output the cert request in ASCII (RFC1113); default is binary
.IP
See \fB\-S\fR for available extension options
.PP
\fB\-V\fR Validate a certificate
.TP
\fB\-n\fR cert\-name
The nickname of the cert to Validate
.TP
\fB\-b\fR time
validity time ("YYMMDDHHMMSS[+HHMM|\-HHMM|Z]")
.TP
\fB\-e\fR
Check certificate signature
.TP
\fB\-u\fR certusage
Specify certificate usage:
C SSL Client
V SSL Server
S Email signer
R Email Recipient
O OCSP status responder
J Object signer
.TP
\fB\-d\fR certdir
Cert database directory (default is ~/.netscape)
.TP
\fB\-P\fR dbprefix
Cert & Key database prefix
.TP
\fB\-X\fR
force the database to open R/W
.PP
\fB\-\-upgrade\-merge\fR Upgrade an old database and merge it into a new one
.TP
\fB\-d\fR certdir
Cert database directory to merge into (default is ~/.netscape)
.TP
\fB\-P\fR dbprefix
Cert & Key database prefix of the target database
.TP
\fB\-f\fR pwfile
Specify the password file for the target database
.TP
\fB\-\-source\-dir\fR certdir
Cert database directory to upgrade from
.TP
\fB\-\-soruce\-prefix\fR dbprefix
Cert & Key database prefix of the upgrade database
.TP
\fB\-\-upgrade\-id\fR uniqueID
Unique identifier for the upgrade database
.TP
\fB\-\-upgrade\-token\-name\fR name
Name of the token while it is in upgrade state
.TP
\-@ pwfile
Specify the password file for the upgrade database
.PP
\fB\-\-merge\fR Merge source database into the target database
.TP
\fB\-d\fR certdir
Cert database directory of target (default is ~/.netscape)
.TP
\fB\-P\fR dbprefix
Cert & Key database prefix of the target database
.TP
\fB\-f\fR pwfile
Specify the password file for the target database
.TP
\fB\-\-source\-dir\fR certdir
Cert database directory of the source database
.TP
\fB\-\-source\-prefix\fR dbprefix
Cert & Key database prefix of the source database
.TP
\-@ pwfile
Specify the password file for the source database
.PP
\fB\-S\fR Make a certificate and add to database
.TP
\fB\-n\fR key\-name
Specify the nickname of the cert
.TP
\fB\-s\fR subject
Specify the subject name (using RFC1485)
.TP
\fB\-c\fR issuer\-name
The nickname of the issuer cert
.TP
\fB\-t\fR trustargs
Set the certificate trust attributes (see \fB\-A\fR above)
.HP
\fB\-k\fR key\-type\-or\-id Type of key pair to generate ("dsa", "ec", "rsa" (default))
.TP
\fB\-h\fR token\-name
Name of token in which to generate key (default is internal)
.TP
\fB\-g\fR key\-size
Key size in bits, RSA keys only (min 512, max 8192, default 1024)
.TP
\fB\-q\fR pqgfile
Name of file containing PQG parameters (dsa only)
.TP
\fB\-q\fR curve\-name
Elliptic curve name (ec only)
See the "\-G" option for a full list of supported names.
.TP
\fB\-x\fR
Self sign
.TP
\fB\-m\fR serial\-number
Cert serial number
.TP
\fB\-w\fR warp\-months
Time Warp
.TP
\fB\-v\fR months\-valid
Months valid (default is 3)
.TP
\fB\-f\fR pwfile
Specify the password file
.TP
\fB\-d\fR certdir
Cert database directory (default is ~/.netscape)
.TP
\fB\-P\fR dbprefix
Cert & Key database prefix
.TP
\fB\-p\fR phone
Specify the contact phone number ("123\-456\-7890")
.TP
\fB\-1\fR
Create key usage extension
.TP
\fB\-2\fR
Create basic constraint extension
.TP
\fB\-3\fR
Create authority key ID extension
.TP
\fB\-4\fR
Create crl distribution point extension
.TP
\fB\-5\fR
Create netscape cert type extension
.TP
\fB\-6\fR
Create extended key usage extension
.TP
\fB\-7\fR emailAddrs
Create an email subject alt name extension
.TP
\fB\-8\fR DNS\-names
Create a DNS subject alt name extension
.TP
\fB\-\-extAIA\fR
Create an Authority Information Access extension
.TP
\fB\-\-extSIA\fR
Create a Subject Information Access extension
.TP
\fB\-\-extCP\fR
Create a Certificate Policies extension
.TP
\fB\-\-extPM\fR
Create a Policy Mappings extension
.TP
\fB\-\-extPC\fR
Create a Policy Constraints extension
.TP
\fB\-\-extIA\fR
Create an Inhibit Any Policy extension
.TP
\fB\-\-extSKID\fR
Create a subject key ID extension
.SH "SEE ALSO"
The full documentation for
.B -A
is maintained as a Texinfo manual. If the
.B info
and
.B -A
programs are properly installed at your site, the command
.IP
.B info -A
.PP
should give you access to the complete manual.
-------------- next part --------------
.\" DO NOT MODIFY THIS FILE! It was generated by help2man 1.36.
.TH SHLIBSIGN "1" "December 2009" "shlibsign test program usage:" "User Commands"
.SH NAME
shlibsign \- manual page for shlibsign test program usage:
.SH DESCRIPTION
.SS "shlibsign test program usage:"
.TP
\fB\-i\fR <infile>
shared_library_name to process
.HP
\fB\-o\fR <outfile> checksum outfile
.TP
\fB\-d\fR <path>
database path location
.TP
\fB\-P\fR <prefix>
database prefix
.TP
\fB\-f\fR <file>
password File : echo pw > file
.TP
\fB\-F\fR
FIPS mode
.TP
\fB\-p\fR <pwd>
password
.TP
\fB\-v\fR
verbose output
.TP
\fB\-V\fR
perform Verify operations
.TP
\-?
short help message
.TP
\fB\-h\fR
short help message
.TP
\fB\-H\fR
this help message
.IP
Note: Use of FIPS mode requires your library path is using
.IP
pre\-existing libraries with generated checksum files
and database in FIPS mode
.TP
\fB\-i\fR <infile>
shared_library_name to process
.HP
\fB\-o\fR <outfile> checksum outfile
.TP
\fB\-d\fR <path>
database path location
.TP
\fB\-P\fR <prefix>
database prefix
.TP
\fB\-f\fR <file>
password File : echo pw > file
.TP
\fB\-F\fR
FIPS mode
.TP
\fB\-p\fR <pwd>
password
.TP
\fB\-v\fR
verbose output
.TP
\fB\-V\fR
perform Verify operations
.TP
\-?
short help message
.TP
\fB\-h\fR
short help message
.TP
\fB\-H\fR
this help message
.IP
Note: Use of FIPS mode requires your library path is using
.IP
pre\-existing libraries with generated checksum files
and database in FIPS mode
.SH "SEE ALSO"
The full documentation for
.B shlibsign
is maintained as a Texinfo manual. If the
.B info
and
.B shlibsign
programs are properly installed at your site, the command
.IP
.B info shlibsign
.PP
should give you access to the complete manual.
-------------- next part --------------
.\" DO NOT MODIFY THIS FILE! It was generated by help2man 1.36.
.TH SIGNING "1" "December 2009" "Signing Tool 3.12.3.1 Basic ECC -a signing tool for jar files" "User Commands"
.SH NAME
Signing \- manual page for Signing Tool 3.12.3.1 Basic ECC -a signing tool for jar files
.SH DESCRIPTION
Signing Tool 3.12.3.1 Basic ECC \fB\-a\fR signing tool for jar files
.PP
signtool directory\-tree Signs the directory\-tree
.TP
\fB\-k\fR keyname
Nickname (key) of the certificate to sign with
.TP
\fB\-b\fR basename
Base filename for the .rsa and.sf files in the
META\-INF directory
.TP
\fB\-c\fR CompressionLevel
Set the compression level. 0\-9, 0=none
.TP
\fB\-d\fR certificate directory
Certificate database directory containing cert*db
and key*db
.TP
\fB\-i\fR installer script
Name of the installer script for SmartUpdate
.TP
\fB\-m\fR metafile
Name of a metadata control file
.TP
\fB\-o\fR
For optimizing the archive for size.
Omit Optional Headers
.TP
\fB\-x\fR
directory or file name Excludes the specified directory or file from
signing
.TP
\fB\-z\fR
directory or file name To not store the signing time in digital
signature
.TP
\fB\-X\fR
directory or file name Create XPI Compatible Archive. It requires \fB\-Z\fR
option
.TP
\fB\-e\fR
Sign only files with the given extension
.TP
\fB\-j\fR
Causes the specified directory to be signed and
tags its entries as inline JavaScript
.TP
\fB\-Z\fR
Creates a JAR file with the specified name.
\fB\-Z\fR option cannot be used with \fB\-J\fR option
.TP
\fB\-p\fR
Specifies a password for the private\-key database
(insecure)
.TP
\fB\-\-outfile\fR filename
File to receive redirected output
.TP
\fB\-\-verbosity\fR value
Sets the quantity of information generated in
operation
.TP
\fB\-\-norecurse\fR
Blocks recursion into subdirectories
.TP
\fB\-\-leavearc\fR
Retains the temporary .arc (archive) directories
\fB\-J\fR option creates
.PP
\fB\-J\fR Signs a directory of HTML files containing JavaScript and
.IP
creates as many archive files as are in the HTML tags.
The options are same as without any command option given
above. \fB\-Z\fR and \fB\-J\fR options are not allowed together
.PP
\fB\-G\fR nickname Generates a new private\-public key pair and corresponding
.IP
object\-signing certificates with the given nickname
.TP
\fB\-\-keysize\fR|\-s keysize
Specifies the size of the key for generated
certificate
.TP
\fB\-\-token\fR|\-t token name
Specifies which available token should generate
the key and receive the certificate
.TP
\fB\-\-outfile\fR filename
Specifies a file to receive redirected output
.PP
\fB\-h\fR Display signtool help
.PP
\fB\-H\fR Display signtool help(Detailed)
.PP
\fB\-l\fR Lists signing certificates, including issuing CAs
.TP
\fB\-d\fR certificate directory
Certificate database directory containing cert*db
and key*db
.TP
\fB\-\-outfile\fR filename
Specifies a file to receive redirected output
.TP
\fB\-k\fR keyname
Specifies the nickname (key) of the certificate
.PP
\fB\-L\fR Lists the certificates in your database
.TP
\fB\-d\fR certificate directory
Certificate database directory containing cert*db
and key*db
.TP
\fB\-\-outfile\fR filename
Specifies a file to receive redirected output
.TP
\fB\-k\fR keyname
Specifies the nickname (key) of the certificate
.PP
\fB\-M\fR Lists the PKCS #11 modules available to signtool
.PP
\fB\-v\fR archive Displays the contents of an archive and verifies
.IP
cryptographic integrity
.TP
\fB\-d\fR certificate directory
Certificate database directory containing cert*db
and key*db
.TP
\fB\-\-outfile\fR filename
Specifies a file to receive redirected output
.PP
\fB\-w\fR archive Displays the names of signers in the archive
.TP
\fB\-\-outfile\fR filename
Specifies a file to receive redirected output
.TP
\fB\-O\fR
Common option to all the above.
Enable OCSP checking
.PP
\fB\-f\fR command\-file Specifies a text file containing options and arguments in
.IP
keyword=value format. Commands are taken from this file
.PP
Example:
signtool \fB\-d\fR "certificate directory" \fB\-k\fR "certnickname" \e
.TP
\fB\-p\fR "password"
\fB\-X\fR \fB\-Z\fR "file.xpi" directory\-tree
.PP
Common syntax to create an XPInstall compatible signed archive
.PP
Command File Keywords and Example:
.PP
Keyword Value
basename Same as \fB\-b\fR option
compression Same as \fB\-c\fR option
certdir Same as \fB\-d\fR option
extension Same as \fB\-e\fR option
generate Same as \fB\-G\fR option
installscript Same as \fB\-i\fR option
javascriptdir Same as \fB\-j\fR option
htmldir Same as \fB\-J\fR option
certname Nickname of certificate, as with \fB\-k\fR option
signdir The directory to be signed, as with \fB\-k\fR option
list Same as \fB\-l\fR option. Value is ignored,
.IP
but = sign must be present
.PP
listall Same as \fB\-L\fR option. Value is ignored
.IP
but = sign must be present
.PP
metafile Same as \fB\-m\fR option
modules Same as \fB\-M\fR option. Value is ignored,
.IP
but = sign must be present
.PP
optimize Same as \fB\-o\fR option. Value is ignored,
.IP
but = sign must be present
.PP
ocsp Same as \fB\-O\fR option
password Same as \fB\-p\fR option
verify Same as \fB\-v\fR option
who Same as \fB\-w\fR option
exclude Same as \fB\-x\fR option
notime Same as \fB\-z\fR option. Value is ignored,
.IP
but = sign must be present
.PP
jarfile Same as \fB\-Z\fR option
outfile Same as \fB\-\-outfile\fR option. The argument
.IP
is the name of a file to which output
of a file and error messages will be
redirected
.PP
leavearc Same as \fB\-\-leavearc\fR option
verbosity Same as \fB\-\-verbosity\fR option
keysize Same as \fB\-s\fR option
token Same as \fB\-t\fR option
xpi Same as \fB\-X\fR option
.PP
Here's an example of the use of the command file. The command
.IP
signtool \fB\-d\fR c:\enetscape\eusers\ejames \fB\-k\fR mycert \fB\-Z\fR myjar.jar \e
signdir > output.txt
.PP
becomes
.IP
signtool \fB\-f\fR somefile
.PP
where somefile contains the following lines:
.IP
certdir=c:\enetscape\eusers\ejames
certname=mycert
jarfile=myjar.jar
signdir=signdir
outfile=output.txt
.PP
signtool directory\-tree Signs the directory\-tree
.TP
\fB\-k\fR keyname
Nickname (key) of the certificate to sign with
.TP
\fB\-b\fR basename
Base filename for the .rsa and.sf files in the
META\-INF directory
.TP
\fB\-c\fR CompressionLevel
Set the compression level. 0\-9, 0=none
.TP
\fB\-d\fR certificate directory
Certificate database directory containing cert*db
and key*db
.TP
\fB\-i\fR installer script
Name of the installer script for SmartUpdate
.TP
\fB\-m\fR metafile
Name of a metadata control file
.TP
\fB\-o\fR
For optimizing the archive for size.
Omit Optional Headers
.TP
\fB\-x\fR
directory or file name Excludes the specified directory or file from
signing
.TP
\fB\-z\fR
directory or file name To not store the signing time in digital
signature
.TP
\fB\-X\fR
directory or file name Create XPI Compatible Archive. It requires \fB\-Z\fR
option
.TP
\fB\-e\fR
Sign only files with the given extension
.TP
\fB\-j\fR
Causes the specified directory to be signed and
tags its entries as inline JavaScript
.TP
\fB\-Z\fR
Creates a JAR file with the specified name.
\fB\-Z\fR option cannot be used with \fB\-J\fR option
.TP
\fB\-p\fR
Specifies a password for the private\-key database
(insecure)
.TP
\fB\-\-outfile\fR filename
File to receive redirected output
.TP
\fB\-\-verbosity\fR value
Sets the quantity of information generated in
operation
.TP
\fB\-\-norecurse\fR
Blocks recursion into subdirectories
.TP
\fB\-\-leavearc\fR
Retains the temporary .arc (archive) directories
\fB\-J\fR option creates
.PP
\fB\-J\fR Signs a directory of HTML files containing JavaScript and
.IP
creates as many archive files as are in the HTML tags.
The options are same as without any command option given
above. \fB\-Z\fR and \fB\-J\fR options are not allowed together
.PP
\fB\-G\fR nickname Generates a new private\-public key pair and corresponding
.IP
object\-signing certificates with the given nickname
.TP
\fB\-\-keysize\fR|\-s keysize
Specifies the size of the key for generated
certificate
.TP
\fB\-\-token\fR|\-t token name
Specifies which available token should generate
the key and receive the certificate
.TP
\fB\-\-outfile\fR filename
Specifies a file to receive redirected output
.PP
\fB\-h\fR Display signtool help
.PP
\fB\-H\fR Display signtool help(Detailed)
.PP
\fB\-l\fR Lists signing certificates, including issuing CAs
.TP
\fB\-d\fR certificate directory
Certificate database directory containing cert*db
and key*db
.TP
\fB\-\-outfile\fR filename
Specifies a file to receive redirected output
.TP
\fB\-k\fR keyname
Specifies the nickname (key) of the certificate
.PP
\fB\-L\fR Lists the certificates in your database
.TP
\fB\-d\fR certificate directory
Certificate database directory containing cert*db
and key*db
.TP
\fB\-\-outfile\fR filename
Specifies a file to receive redirected output
.TP
\fB\-k\fR keyname
Specifies the nickname (key) of the certificate
.PP
\fB\-M\fR Lists the PKCS #11 modules available to signtool
.PP
\fB\-v\fR archive Displays the contents of an archive and verifies
.IP
cryptographic integrity
.TP
\fB\-d\fR certificate directory
Certificate database directory containing cert*db
and key*db
.TP
\fB\-\-outfile\fR filename
Specifies a file to receive redirected output
.PP
\fB\-w\fR archive Displays the names of signers in the archive
.TP
\fB\-\-outfile\fR filename
Specifies a file to receive redirected output
.TP
\fB\-O\fR
Common option to all the above.
Enable OCSP checking
.PP
\fB\-f\fR command\-file Specifies a text file containing options and arguments in
.IP
keyword=value format. Commands are taken from this file
.PP
Example:
signtool \fB\-d\fR "certificate directory" \fB\-k\fR "certnickname" \e
.TP
\fB\-p\fR "password"
\fB\-X\fR \fB\-Z\fR "file.xpi" directory\-tree
.PP
Common syntax to create an XPInstall compatible signed archive
.PP
Command File Keywords and Example:
.PP
Keyword Value
basename Same as \fB\-b\fR option
compression Same as \fB\-c\fR option
certdir Same as \fB\-d\fR option
extension Same as \fB\-e\fR option
generate Same as \fB\-G\fR option
installscript Same as \fB\-i\fR option
javascriptdir Same as \fB\-j\fR option
htmldir Same as \fB\-J\fR option
certname Nickname of certificate, as with \fB\-k\fR option
signdir The directory to be signed, as with \fB\-k\fR option
list Same as \fB\-l\fR option. Value is ignored,
.IP
but = sign must be present
.PP
listall Same as \fB\-L\fR option. Value is ignored
.IP
but = sign must be present
.PP
metafile Same as \fB\-m\fR option
modules Same as \fB\-M\fR option. Value is ignored,
.IP
but = sign must be present
.PP
optimize Same as \fB\-o\fR option. Value is ignored,
.IP
but = sign must be present
.PP
ocsp Same as \fB\-O\fR option
password Same as \fB\-p\fR option
verify Same as \fB\-v\fR option
who Same as \fB\-w\fR option
exclude Same as \fB\-x\fR option
notime Same as \fB\-z\fR option. Value is ignored,
.IP
but = sign must be present
.PP
jarfile Same as \fB\-Z\fR option
outfile Same as \fB\-\-outfile\fR option. The argument
.IP
is the name of a file to which output
of a file and error messages will be
redirected
.PP
leavearc Same as \fB\-\-leavearc\fR option
verbosity Same as \fB\-\-verbosity\fR option
keysize Same as \fB\-s\fR option
token Same as \fB\-t\fR option
xpi Same as \fB\-X\fR option
.PP
Here's an example of the use of the command file. The command
.IP
signtool \fB\-d\fR c:\enetscape\eusers\ejames \fB\-k\fR mycert \fB\-Z\fR myjar.jar \e
signdir > output.txt
.PP
becomes
.IP
signtool \fB\-f\fR somefile
.PP
where somefile contains the following lines:
.IP
certdir=c:\enetscape\eusers\ejames
certname=mycert
jarfile=myjar.jar
signdir=signdir
outfile=output.txt
.SH "SEE ALSO"
The full documentation for
.B Signing
is maintained as a Texinfo manual. If the
.B info
and
.B Signing
programs are properly installed at your site, the command
.IP
.B info Signing
.PP
should give you access to the complete manual.
-------------- next part --------------
.\" DO NOT MODIFY THIS FILE! It was generated by help2man 1.36.
.TH SSLTAP "1" "December 2009" "SSLTAP (C) 1997, 1998 Netscape Communications Corporation." "User Commands"
.SH NAME
SSLTAP \- manual page for SSLTAP (C) 1997, 1998 Netscape Communications Corporation.
.SH SYNOPSIS
.B ssltap
[\fI-vhfsxl\fR] [\fI-p port\fR] \fIhostname:port\fR
.SH DESCRIPTION
SSLTAP (C) 1997, 1998 Netscape Communications Corporation.
.TP
\fB\-v\fR
[prints version string]
.TP
\fB\-h\fR
[outputs hex instead of ASCII]
.TP
\fB\-f\fR
[turn on Fancy HTML coloring]
.TP
\fB\-s\fR
[turn on SSL decoding]
.TP
\fB\-x\fR
[turn on extra SSL hex dumps]
.HP
\fB\-p\fR port [specify rendezvous port (default 1924)]
.TP
\fB\-l\fR
[loop \- continue to wait for more connections]
.PP
SSLTAP (C) 1997, 1998 Netscape Communications Corporation.
Usage: ssltap [\-vhfsxl] [\-p port] hostname:port
.TP
\fB\-v\fR
[prints version string]
.TP
\fB\-h\fR
[outputs hex instead of ASCII]
.TP
\fB\-f\fR
[turn on Fancy HTML coloring]
.TP
\fB\-s\fR
[turn on SSL decoding]
.TP
\fB\-x\fR
[turn on extra SSL hex dumps]
.HP
\fB\-p\fR port [specify rendezvous port (default 1924)]
.TP
\fB\-l\fR
[loop \- continue to wait for more connections]
.PP
Usage: ssltap [\-vhfsxl] [\-p port] hostname:port
.TP
\fB\-v\fR
[prints version string]
.TP
\fB\-h\fR
[outputs hex instead of ASCII]
.TP
\fB\-f\fR
[turn on Fancy HTML coloring]
.TP
\fB\-s\fR
[turn on SSL decoding]
.TP
\fB\-x\fR
[turn on extra SSL hex dumps]
.HP
\fB\-p\fR port [specify rendezvous port (default 1924)]
.TP
\fB\-l\fR
[loop \- continue to wait for more connections]
.PP
SSLTAP (C) 1997, 1998 Netscape Communications Corporation.
Usage: ssltap [\-vhfsxl] [\-p port] hostname:port
.TP
\fB\-v\fR
[prints version string]
.TP
\fB\-h\fR
[outputs hex instead of ASCII]
.TP
\fB\-f\fR
[turn on Fancy HTML coloring]
.TP
\fB\-s\fR
[turn on SSL decoding]
.TP
\fB\-x\fR
[turn on extra SSL hex dumps]
.HP
\fB\-p\fR port [specify rendezvous port (default 1924)]
.TP
\fB\-l\fR
[loop \- continue to wait for more connections]
.SH "SEE ALSO"
The full documentation for
.B SSLTAP
is maintained as a Texinfo manual. If the
.B info
and
.B SSLTAP
programs are properly installed at your site, the command
.IP
.B info SSLTAP
.PP
should give you access to the complete manual.
-------------- next part --------------
.\" DO NOT MODIFY THIS FILE! It was generated by help2man 1.36.
.TH USAGE: "1" "December 2009" "Usage: pk12util -i importfile [-d certdir] [-P dbprefix] [-h tokenname] [-v]" "User Commands"
.SH NAME
Usage: \- manual page for Usage: pk12util -i importfile [-d certdir] [-P dbprefix] [-h tokenname] [-v]
.SH SYNOPSIS
.B pk12util
\fI-i importfile \fR[\fI-d certdir\fR] [\fI-P dbprefix\fR] [\fI-h tokenname\fR] [\fI-v\fR]
.SH DESCRIPTION
.IP
[\-k slotpwfile | \fB\-K\fR slotpw] [\-w p12filepwfile | \fB\-W\fR p12filepw]
.PP
Usage: pk12util \fB\-l\fR listfile [\-d certdir] [\-P dbprefix] [\-h tokenname] [\-r]
.IP
[\-k slotpwfile | \fB\-K\fR slotpw] [\-w p12filepwfile | \fB\-W\fR p12filepw]
.PP
Usage: pk12util \fB\-o\fR exportfile \fB\-n\fR certname [\-d certdir] [\-P dbprefix] [\-v]
.IP
[\-c key_cipher] [\-C cert_cipher] [\-m | \fB\-\-key_len\fR keyLen] [\-n | \fB\-\-cert_key_len\fR certKeyLen]
[\-k slotpwfile | \fB\-K\fR slotpw] [\-w p12filepwfile | \fB\-W\fR p12filefilepw]
.IP
[\-k slotpwfile | \fB\-K\fR slotpw] [\-w p12filepwfile | \fB\-W\fR p12filepw]
.PP
Usage: pk12util \fB\-l\fR listfile [\-d certdir] [\-P dbprefix] [\-h tokenname] [\-r]
.IP
[\-k slotpwfile | \fB\-K\fR slotpw] [\-w p12filepwfile | \fB\-W\fR p12filepw]
.PP
Usage: pk12util \fB\-o\fR exportfile \fB\-n\fR certname [\-d certdir] [\-P dbprefix] [\-v]
.IP
[\-c key_cipher] [\-C cert_cipher] [\-m | \fB\-\-key_len\fR keyLen] [\-n | \fB\-\-cert_key_len\fR certKeyLen]
[\-k slotpwfile | \fB\-K\fR slotpw] [\-w p12filepwfile | \fB\-W\fR p12filefilepw]
.SH "SEE ALSO"
The full documentation for
.B Usage:
is maintained as a Texinfo manual. If the
.B info
and
.B Usage:
programs are properly installed at your site, the command
.IP
.B info Usage:
.PP
should give you access to the complete manual.
More information about the pkg-mozilla-maintainers
mailing list