diff options
author | Bastian Germann <bage@linutronix.de> | 2020-02-13 11:58:27 +0100 |
---|---|---|
committer | Dmitry Belyavskiy <beldmit@gmail.com> | 2020-02-14 17:58:23 +0300 |
commit | 16d560439d8b1be5082228a87576a8f79b3525ac (patch) | |
tree | fc61ff47ccdea0187fe70b3d10e628cae781e678 /doc/man1/openssl-x509.pod.in | |
parent | 6943335e3e3889fd7a1c7b027ccdcd4f3955b5ec (diff) |
apps x509: passing PKCS#11 URL as -signkey
OpenSSL 1.1.0 has extended option checking, and rejects passing a PKCS#11
engine URL to "-signkey" option. The actual code is ready to take it.
Change the option parsing to allow an engine URL to be passed and modify
the manpage accordingly.
CLA: trivial
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/11086)
Diffstat (limited to 'doc/man1/openssl-x509.pod.in')
-rw-r--r-- | doc/man1/openssl-x509.pod.in | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/doc/man1/openssl-x509.pod.in b/doc/man1/openssl-x509.pod.in index 3da2b0d122..50496984f8 100644 --- a/doc/man1/openssl-x509.pod.in +++ b/doc/man1/openssl-x509.pod.in @@ -45,7 +45,7 @@ B<openssl> B<x509> [B<-setalias> I<arg>] [B<-days> I<arg>] [B<-set_serial> I<n>] -[B<-signkey> I<filename>] +[B<-signkey> I<arg>] [B<-badsig>] [B<-passin> I<arg>] [B<-x509toreq>] @@ -348,10 +348,11 @@ can thus behave like a "mini CA". =over 4 -=item B<-signkey> I<filename> +=item B<-signkey> I<arg> This option causes the input file to be self signed using the supplied -private key. +private key or engine. The private key's format is specified with the +B<-keyform> option. It sets the issuer name to the subject name (i.e., makes it self-issued) and changes the public key to the supplied value (unless overridden by |