Poster of Linux kernelThe best gift for a Linux geek
CERTPATCH

CERTPATCH

Section: Maintenance Commands (8)
Local index Up

BSD mandoc
 

NAME

certpatch - add subjectAltName identities to X.509 certificates  

SYNOPSIS

certpatch [-t identity-type ] -i identity -k signing-key input-certificate output-certificate  

DESCRIPTION

certpatch alters PEM-encoded X.509 certificates by adding a subjectAltName extension containing an identity used by the signature-based authentication schemes of the ISAKMP protocol. After the addition the certificate will be signed once again with the supplied CA signing key.

The options are as follows:

-t identity-type
If given, the -t option specifies the type of the given identity. Currently ip fqdn and ufqdn are recognized. The default is ip
-i identity
The -i option takes an argument which is the identity to put into the subjectAltName field of the certificate. If the identity-type is ip this argument should be an IPv4 address in dotted decimal notation.
-k signing-key
The -k option specifies the key used for signing the certificate once the subjectAltName extension has been added. The key is specified by the filename where it is stored in PEM format.

 

SEE ALSO

isakmpd(8), ssl(8)


 

Index

NAME
SYNOPSIS
DESCRIPTION
SEE ALSO

This document was created by man2html, using the manual pages.
Time: 22:01:24 GMT, April 16, 2011