From dd46d58f65bd3a342bbcd8586680942be643fc7d Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Fri, 21 Jan 2000 02:17:04 +0000 Subject: Change the 'man' directory to 'apps'. Yes I wish cvs could rename too :-( --- doc/apps/crl2pkcs7.pod | 90 ++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 90 insertions(+) create mode 100644 doc/apps/crl2pkcs7.pod (limited to 'doc/apps/crl2pkcs7.pod') diff --git a/doc/apps/crl2pkcs7.pod b/doc/apps/crl2pkcs7.pod new file mode 100644 index 0000000000..ad749ed0c3 --- /dev/null +++ b/doc/apps/crl2pkcs7.pod @@ -0,0 +1,90 @@ +=pod + +=head1 NAME + +crl2pkcs7 - Create a PKCS#7 structure from a CRL and certificates. + +=head1 SYNOPSIS + +B B +[B<-inform PEM|DER>] +[B<-outform PEM|DER>] +[B<-in filename>] +[B<-out filename>] +[B<-print_certs>] + +=head1 DESCRIPTION + +The B command takes an optional CRL and one or more +certificates and converts them into a PKCS#7 degenerate "certificates +only" structure. + +=head1 COMMAND OPTIONS + +=over 4 + +=item B<-inform DER|PEM> + +This specifies the CRL input format. B format is DER encoded CRL +structure.B (the default) is a base64 encoded version of +the DER form with header and footer lines. + +=item B<-outform DER|PEM> + +This specifies the PKCS#7 structure output format. B format is DER +encoded PKCS#7 structure.B (the default) is a base64 encoded version of +the DER form with header and footer lines. + +=item B<-in filename> + +This specifies the input filename to read a CRL from or standard input if this +option is not specified. + +=item B<-out filename> + +specifies the output filename to write the PKCS#7 structure to or standard +output by default. + +=item B<-certfile filename> + +specifies a filename containing one or more certificates in B format. +All certificates in the file will be added to the PKCS#7 structure. This +option can be used more than once to read certificates form multiple +files. + +=item B<-nocrl> + +normally a CRL is included in the output file. With this option no CRL is +included in the output file and a CRL is not read from the input file. + +=back + +=head1 EXAMPLES + +Create a PKCS#7 structure from a certificate and CRL: + + openssl crl2pkcs7 -in crl.pem -certfile cert.pem -out p7.pem + +Creates a PKCS#7 structure in DER format with no CRL from several +different certificates: + + openssl crl2pkcs7 -nocrl -certfile newcert.pem + -certfile demoCA/cacert.pem -outform DER -out p7.der + +=head1 NOTES + +The output file is a PKCS#7 signed data structure containing no signers and +just certificates and an optional CRL. + +This utility can be used to send certificates and CAs to Netscape as part of +the certificate enrollment process. This involves sending the DER encoded output +as MIME type application/x-x509-user-cert. + +The B encoded form with the header and footer lines removed can be used to +install user certificates and CAs in MSIE using the Xenroll control. + +=head1 SEE ALSO + +pkcs7(1) + +=cut -- cgit v1.2.3