diff options
author | Bastian Germann <bage@linutronix.de> | 2020-02-13 11:58:27 +0100 |
---|---|---|
committer | Richard Levitte <levitte@openssl.org> | 2020-03-08 16:49:48 +0100 |
commit | 9aba5c5ff2ccfe59e1c7d77918804919d549ebbc (patch) | |
tree | ba50d47181614788164101ded95cc5a680a463e9 /doc | |
parent | 4eca3ec728f328a1b05553814e58ca9aa1cb4e78 (diff) |
apps x509: passing PKCS#11 URL as -signkey
OpenSSL 1.1.0 has extended option checking, and rejects passing a PKCS#11
engine URL to "-signkey" option. The actual code is ready to take it.
Change the option parsing to allow an engine URL to be passed and modify
the manpage accordingly.
CLA: trivial
(cherry picked from commit 16d560439d8b1be5082228a87576a8f79b3525ac)
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org>
(Merged from https://github.com/openssl/openssl/pull/11173)
Diffstat (limited to 'doc')
-rw-r--r-- | doc/man1/x509.pod | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/doc/man1/x509.pod b/doc/man1/x509.pod index e498aee4ff..ab1a39c9c6 100644 --- a/doc/man1/x509.pod +++ b/doc/man1/x509.pod @@ -44,7 +44,7 @@ B<openssl> B<x509> [B<-setalias arg>] [B<-days arg>] [B<-set_serial n>] -[B<-signkey filename>] +[B<-signkey arg>] [B<-passin arg>] [B<-x509toreq>] [B<-req>] @@ -350,10 +350,11 @@ can thus behave like a "mini CA". =over 4 -=item B<-signkey filename> +=item B<-signkey arg> This option causes the input file to be self signed using the supplied -private key. +private key or engine. The private key's format is specified with the +B<-keyform> option. If the input file is a certificate it sets the issuer name to the subject name (i.e. makes it self signed) changes the public key to the |