diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2000-01-01 16:42:49 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2000-01-01 16:42:49 +0000 |
commit | 20432eae41e35ea28a4d43c0dfc7acfdd9672812 (patch) | |
tree | ab6b92cdf2f38923e3e106968aa0dca236e0b4f9 /doc | |
parent | 47134b7864fd5e31dbdbc789d9e073742ad4c3ee (diff) | |
download | openssl-20432eae41e35ea28a4d43c0dfc7acfdd9672812.tar.gz |
Fix some of the command line password stuff. New function
that can automatically determine the type of a DER encoded
"traditional" format private key and change some of the
d2i functions to use it instead of requiring the application
to work out the key type.
Diffstat (limited to 'doc')
-rw-r--r-- | doc/man/pkcs8.pod | 22 | ||||
-rw-r--r-- | doc/man/req.pod | 24 |
2 files changed, 45 insertions, 1 deletions
diff --git a/doc/man/pkcs8.pod b/doc/man/pkcs8.pod index e2cc86e0e3..3d58856388 100644 --- a/doc/man/pkcs8.pod +++ b/doc/man/pkcs8.pod @@ -11,7 +11,11 @@ B<openssl> B<pkcs8> [B<-inform PEM|DER>] [B<-outform PEM|DER>] [B<-in filename>] +[B<-passin password>] +[B<-envpassin var>] [B<-out filename>] +[B<-passout password>] +[B<-envpassout var>] [B<-noiter>] [B<-nocrypt>] [B<-nooct>] @@ -53,6 +57,15 @@ This specifies the input filename to read a key from or standard input if this option is not specified. If the key is encrypted a pass phrase will be prompted for. +=item B<-passin password> + +the input file password. Since certain utilities like "ps" make the command line +visible this option should be used with caution. + +=item B<-envpassin var> + +read the input file password from the environment variable B<var>. + =item B<-out filename> This specifies the output filename to write a key to or standard output by @@ -60,6 +73,15 @@ default. If any encryption options are set then a pass phrase will be prompted for. The output filename should B<not> be the same as the input filename. +=item B<-passout password> + +the output file password. Since certain utilities like "ps" make the command line +visible this option should be used with caution. + +=item B<-envpassout var> + +read the output file password from the environment variable B<var>. + =item B<-nocrypt> PKCS#8 keys generated or input are normally PKCS#8 EncryptedPrivateKeyInfo diff --git a/doc/man/req.pod b/doc/man/req.pod index 9ca102579d..0211530552 100644 --- a/doc/man/req.pod +++ b/doc/man/req.pod @@ -11,7 +11,11 @@ B<openssl> B<req> [B<-inform PEM|DER>] [B<-outform PEM|DER>] [B<-in filename>] +[B<-passin password>] +[B<-envpassin var>] [B<-out filename>] +[B<-passout password>] +[B<-envpassout var>] [B<-text>] [B<-noout>] [B<-verify>] @@ -59,11 +63,29 @@ This specifies the input filename to read a request from or standard input if this option is not specified. A request is only read if the creation options (B<-new> and B<-newkey>) are not specified. +=item B<-passin password> + +the input file password. Since certain utilities like "ps" make the command line +visible this option should be used with caution. + +=item B<-envpassin var> + +read the input file password from the environment variable B<var>. + =item B<-out filename> This specifies the output filename to write to or standard output by default. +=item B<-passout password> + +the output file password. Since certain utilities like "ps" make the command line +visible this option should be used with caution. + +=item B<-envpassout var> + +read the output file password from the environment variable B<var>. + =item B<-text> prints out the certificate request in text form. @@ -269,7 +291,7 @@ consists of lines of the form: fieldName_min= 2 fieldName_max= 4 -"fieldName" is the field name being used, for example commonName. +"fieldName" is the field name being used, for example commonName (or CN). The "prompt" string is used to ask the user to enter the relvant details. If the user enters nothing then the default value is used if no default value is present then the field is omitted. A field can |