x509(3ssl) [linux man page]
x509(3SSL) OpenSSL x509(3SSL) NAME
x509 - X.509 certificate handling SYNOPSIS
#include <openssl/x509.h> DESCRIPTION
A X.509 certificate is a structured grouping of information about an individual, a device, or anything one can imagine. A X.509 CRL (certificate revocation list) is a tool to help determine if a certificate is still valid. The exact definition of those can be found in the X.509 document from ITU-T, or in RFC3280 from PKIX. In OpenSSL, the type X509 is used to express such a certificate, and the type X509_CRL is used to express a CRL. A related structure is a certificate request, defined in PKCS#10 from RSA Security, Inc, also reflected in RFC2896. In OpenSSL, the type X509_REQ is used to express such a certificate request. To handle some complex parts of a certificate, there are the types X509_NAME (to express a certificate name), X509_ATTRIBUTE (to express a certificate attributes), X509_EXTENSION (to express a certificate extension) and a few more. Finally, there's the supertype X509_INFO, which can contain a CRL, a certificate and a corresponding private key. X509_..., d2i_X509_... and i2d_X509_... handle X.509 certificates, with some exceptions, shown below. X509_CRL_..., d2i_X509_CRL_... and i2d_X509_CRL_... handle X.509 CRLs. X509_REQ_..., d2i_X509_REQ_... and i2d_X509_REQ_... handle PKCS#10 certificate requests. X509_NAME_... handle certificate names. X509_ATTRIBUTE_... handle certificate attributes. X509_EXTENSION_... handle certificate extensions. SEE ALSO
X509_NAME_ENTRY_get_object(3), X509_NAME_add_entry_by_txt(3), X509_NAME_add_entry_by_NID(3), X509_NAME_print_ex(3), X509_NAME_new(3), d2i_X509(3), d2i_X509_ALGOR(3), d2i_X509_CRL(3), d2i_X509_NAME(3), d2i_X509_REQ(3), d2i_X509_SIG(3), crypto(3), x509v3(3) 1.0.0e 2003-07-10 x509(3SSL)
Check Out this Related Man Page
tpmtoken_import(1) General Commands Manual tpmtoken_import(1) TPM Management - tpmtoken_import NAME
tpmtoken_import - import an X.509 certficate and/or an RSA key pair into the user's TPM PKCS#11 data store SYNOPSIS
tpmtoken_import [ OPTION ] FILE DESCRIPTION
tpmtoken_import imports a PEM formatted representation of an X.509 certificate and/or an RSA key contained in FILE. Importing an X.509 certificate creates an X.509 Public Key Certificate PKCS#11 object and also an RSA Public Key PKCS#11 object using the RSA public key contained in the certificate. The certificate's key must be an RSA key in order for the certificate to be successfully processed by this command. Importing an RSA key creates an RSA Public Key and an RSA Private Key PKCS#11 object. In order to associate the RSA PKCS#11 objects with an X.509 Public Key Certificate PKCS#11 object, the RSA PKCS#11 objects must have a subject name and key identifier associated with them. This can be accomplished by supplying the corresponding X.509 certificate as an optional command parameter. The input can contain PEM formatted representations of both an X.509 certificate and an RSA key. If both representations are present then an X.509 Public Key Certificate PKCS#11 object, an RSA Public Key PKCS#11 object and an RSA Private Key PKCS#11 object are created. -h, --help Display command usage info. -v, --version Display command version info. -l, --log [none|error|info|debug] Set logging level. -i, --idfile FILE Use FILE as the PEM formatted X.509 certificate input used to obtain the subject and id attributes -k, --token STRING Use STRING to identify the label of the PKCS#11 token to be used -n, --name STRING Use STRING as the label for the imported object(s) -p, --public Import the object(s) as a public object -t, --type key|cert Import only the specified object type -y, --yes Assume an answer of yes for any confirmation prompts that would normally be asked SEE ALSO
tpmtoken_init(1), tpmtoken_setpasswd(1), tpmtoken_objects(1), tpmtoken_protect(1) REPORTING BUGS
Report bugs to <trousers-users@lists.sourceforge.net> TPM Management 2005-04-25 tpmtoken_import(1)