Login or Register to Ask a Question and Join Our Community

Linux and UNIX Man Pages

Linux & Unix Commands - Search Man Pages

pyca(1) [debian man page]

pyca(1) 						      General Commands Manual							   pyca(1)

NAME

       pyca - CA written in python

DESCRIPTION

       The  scripts  in  ths suite are basically wrappers around openssl(1). Additionally the scripts integrates the generic CA-functionality with
       the mail-system and apache for handling certificate requests; with LDAP for handling distributing certificates and  revocation  lists;  and
       cron for maintenance tasks.

PROGRAMMES

       ca2ldif.py
	      Write  CA  certificates  and CRLs to a LDIF file. This is intended for initially setting up the CA entries not for daily CRL update.
	      The entries are  of  objectclass	certificationAuthority	and  contain  the  attributes  cACertificate;binary,  authorityRevocation-
	      List;binary  and	certificateRevocationList;binary. This might require extending schemas on LDAPv2 servers. Have a look at your LDAP
	      servers configuration documentation.

       certs2ldap.py
	      Send all certs and CRLs to a LDAP repository.

       copy-cacerts.py
	      Copy all CA certificates defined in an OpenSSL configuration to a bundled PEM file or a directory with  hash-named  symbolic  links.
	      This is quite handy in conjunction with ApacheSSL or Apache with mod_ssl for copying the files for SSLCACertificateFile or SSLCACer-
	      tificatePath.

       ns-jsconfig.py
	      Create Javascript code containing all CA certificates defined in an OpenSSL configuration for use with the Netscape admin tool (cre-
	      ating netscape.cfg).

       print-cacerts.py
	      This simple script prints all CA certs on stdout. It is intended to generate authentic printouts (on paper!) of the CA certs finger-
	      prints and is typically run on the private CA system.  Choose the option --html to generate nicer formatted HTML-output  instead	of
	      the default textual output in ISO-8859-1.

       ns-jsconfig.py
	      Create a Javascript file to be included in a Netscape configuration file (netscape.cfg).

SEE ALSO

       pyca(8)

       The programs are documented fully by the HTML documents in /usr/share/doc/pyca/htdocs/

COPYRIGHT

       Copyright (C) 2001 - 2003 Michael Stroeder <michael@stroeder.com>

       This software including all modules is Open Source and given away under: GPL (GNU GENERAL PUBLIC LICENSE) Version 2.

       The author refuses to give any warranty of any kind.

AUTHOR

       Michael Stroeder <michael@stroeder.com>

       This manual page was written by Lars Bahner <bahner@debian.org>, for the Debian GNU/Linux system.

								   june 30, 2002							   pyca(1)

Check Out this Related Man Page

NSEQ(1SSL)							      OpenSSL								NSEQ(1SSL)

NAME

       openssl-nseq, nseq - create or examine a Netscape certificate sequence

SYNOPSIS

       openssl nseq [-help] [-in filename] [-out filename] [-toseq]

DESCRIPTION

       The nseq command takes a file containing a Netscape certificate sequence and prints out the certificates contained in it or takes a file of
       certificates and converts it into a Netscape certificate sequence.

OPTIONS

       -help
	   Print out a usage message.

       -in filename
	   This specifies the input filename to read or standard input if this option is not specified.

       -out filename
	   Specifies the output filename or standard output by default.

       -toseq
	   Normally a Netscape certificate sequence will be input and the output is the certificates contained in it. With the -toseq option the
	   situation is reversed: a Netscape certificate sequence is created from a file of certificates.

EXAMPLES

       Output the certificates in a Netscape certificate sequence

	openssl nseq -in nseq.pem -out certs.pem

       Create a Netscape certificate sequence

	openssl nseq -in certs.pem -toseq -out nseq.pem

NOTES

       The PEM encoded form uses the same headers and footers as a certificate:

	-----BEGIN CERTIFICATE-----
	-----END CERTIFICATE-----

       A Netscape certificate sequence is a Netscape specific format that can be sent to browsers as an alternative to the standard PKCS#7 format
       when several certificates are sent to the browser: for example during certificate enrollment.  It is used by Netscape certificate server
       for example.

BUGS

       This program needs a few more options: like allowing DER or PEM input and output files and allowing multiple certificate files to be used.

COPYRIGHT

       Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.

       Licensed under the OpenSSL license (the "License").  You may not use this file except in compliance with the License.  You can obtain a
       copy in the file LICENSE in the source distribution or at <https://www.openssl.org/source/license.html>.

1.1.1a								    2018-12-18								NSEQ(1SSL)
Man Page