int retval;
/*
* value type: - no value (also the value zero), n number, p positive
- * number, u unsigned, s string, < input file, > output file, f der/pem
- * format, F any format identifier. n and u include zero; p does not.
+ * number, u unsigned, l long, s string, < input file, > output file,
+ * f any format, F der/pem format , E der/pem/engine format identifier.
+ * l, n and u include zero; p does not.
*/
int valtype;
const char *helpstr;
{"inform", OPT_INFORM, 'F', "input format - one of DER PEM"},
{"in", OPT_IN, '<', "input file"},
{"out", OPT_OUT, '>', "output file (output format is always DER)"},
- {"i", OPT_INDENT, 0, "entries"},
+ {"i", OPT_INDENT, 0, "indents the output"},
{"noout", OPT_NOOUT, 0, "don't produce any output"},
{"offset", OPT_OFFSET, 'p', "offset into file"},
{"length", OPT_LENGTH, 'p', "length of section in file"},
{"name", OPT_NAME, 's', "The particular CA definition to use"},
{"subj", OPT_SUBJ, 's', "Use arg instead of request's subject"},
{"utf8", OPT_UTF8, '-', "Input characters are UTF8 (default ASCII)"},
- {"create_serial", OPT_CREATE_SERIAL, '-'},
+ {"create_serial", OPT_CREATE_SERIAL, '-',
+ "If reading serial fails, create a new random serial"},
{"multivalue-rdn", OPT_MULTIVALUE_RDN, '-',
"Enable support for multivalued RDNs"},
{"startdate", OPT_STARTDATE, 's', "Cert notBefore, YYMMDDHHMMSSZ"},
{"updatedb", OPT_UPDATEDB, '-', "Updates db for expired cert"},
{"crlexts", OPT_CRLEXTS, 's',
"CRL extension section (override value in config file)"},
- {"crl_reason", OPT_CRL_REASON, 's'},
- {"crl_hold", OPT_CRL_HOLD, 's'},
- {"crl_compromise", OPT_CRL_COMPROMISE, 's'},
- {"crl_CA_compromise", OPT_CRL_CA_COMPROMISE, 's'},
+ {"crl_reason", OPT_CRL_REASON, 's', "revocation reason"},
+ {"crl_hold", OPT_CRL_HOLD, 's',
+ "the hold instruction, an OID. Sets revocation reason to certificateHold"},
+ {"crl_compromise", OPT_CRL_COMPROMISE, 's',
+ "sets compromise time to val and the revocation reason to keyCompromise"},
+ {"crl_CA_compromise", OPT_CRL_CA_COMPROMISE, 's',
+ "sets compromise time to val and the revocation reason to CACompromise"},
#ifndef OPENSSL_NO_ENGINE
{"engine", OPT_ENGINE, 's', "Use engine, possibly a hardware device"},
#endif
[B<-engine id>]
[B<-subj arg>]
[B<-utf8>]
+[B<-create_serial>]
[B<-multivalue-rdn>]
=head1 DESCRIPTION
=over 4
+=item B<-help>
+
+Print out a usage message.
+
+=item B<-verbose>
+
+this prints extra details about the operations being performed.
+
=item B<-config filename>
specifies the configuration file to use.
the key password source. For more information about the format of B<arg>
see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)>.
-=item B<-help>
-
-Print out a usage message.
-
-=item B<-verbose>
-
-this prints extra details about the operations being performed.
-
=item B<-notext>
don't output the text form of a certificate to the output file.
values, whether prompted from a terminal or obtained from a
configuration file, must be valid UTF8 strings.
+=item B<-create_serial>
+
+if reading serial from the text file as specified in the configuration
+fails, specifying this option creates a new random serial to be used as next
+serial number.
+
=item B<-multivalue-rdn>
This option causes the -subj argument to be interpreted with full
projects / oweals / openssl.git / commitdiff