Login or Register to Ask a Question and Join Our Community

Linux and UNIX Man Pages

Linux & Unix Commands - Search Man Pages

wanboot_p12split(1m) [sunos man page]

wanboot_p12split(1M)					  System Administration Commands				      wanboot_p12split(1M)

NAME

       wanboot_p12split - split a PKCS #12 file into separate certificate and key files

SYNOPSIS

       /usr/lib/inet/wanboot/p12split -i p12file -c out_cert -k out_key [-t out_trust -l id -v]

DESCRIPTION

       The  p12split  utility  extracts  a  certificate  and  private  key from the repository specified by p12file, depositing the certificate in
       out_cert and the key in out_key. If supplied, the -l option specifies the value for the LocalKeyId that will be used in the new certificate
       and key files. p12split can optionally extract a trust certificate into the out_trust file if the -t option is specified. Use the -v option
       to get a verbose description of the split displayed to standard output.

OPTIONS

       The following arguments and options are supported:

       -c out_cert

	   Specifies a repository that receives a extracted certificate.

       -i p12file

	   Specifies a repository from which a certificate and private key is extracted.

       -k out_key

	   Specifies a repository that receives a extracted private key.

       -l id

	   Specifies the value for the LocalKeyId that will be used in the new certificate and key files.

       -t out_trust

	   Specifies a file for receiving an extracted trust certificate.

       -v

	   Displays a verbose description of the split to sdtout.

EXIT STATUS

       0

	   Successful operation.

       >0

	   An error occurred.

ATTRIBUTES

       See attributes(5) for descriptions of the following attributes:

       +-----------------------------+-----------------------------+
       |      ATTRIBUTE TYPE	     |	    ATTRIBUTE VALUE	   |
       +-----------------------------+-----------------------------+
       |Availability		     |SUNWwbsup 		   |
       +-----------------------------+-----------------------------+
       |Interface Stability	     |Unstable			   |
       +-----------------------------+-----------------------------+

SEE ALSO

       attributes(5)

SunOS 5.10							    18 Apr 2003 					      wanboot_p12split(1M)

Check Out this Related Man Page

NBSVTOOL(1)						    BSD General Commands Manual 					       NBSVTOOL(1)

NAME

     nbsvtool -- create and verify detached signatures of files

SYNOPSIS

     nbsvtool [-v] [-a anchor-certificates] [-c certificate-chain] [-f certificate-file] [-k private-key-file] [-u required-key-usage] command
	      args ...

DESCRIPTION

     nbsvtool is used to create and verify detached X509 signatures of files.  Private keys and certificates are expected to be PEM encoded, sig-
     natures are in PEM/SMIME format.

     Supported commands:

     sign file			       Sign file, placing the signature in file.sp7.  The options -f and -k are required for this command.

     verify file [signature]	       Verify signature for file.  If signature is not specified, file.sp7 is used.

     verify-code file [signature]      This is a short cut for verify with the option -u code.

     Supported options:

     -a anchor-certificates	   A file containing one or more (concatenated) keys that are considered trusted.

     -c certificate-chain	   A file containing additional certificates that will be added to the signature when creating one.  They will be
				   used to fill missing links in the trust chain when verifying the signature.

     -f certificate-file	   A file containing the certificate to use for signing.  The certificate must match the key given by -k.

     -k private-key-file	   A file containing the private key to use for signing.

     -u required-key-usage	   Verify that the extended key-usage attribute in the signing certificate matches required-key-usage.	Otherwise,
				   the signature is rejected.  key usage can be one of: ``ssl-server'', ``ssl-client'', ``code'', or ``smime''.

     -v 			   Print verbose information about the signing certificate.

EXIT STATUS

     The nbsvtool utility exits 0 on success, and >0 if an error occurs.

EXAMPLES

     Create signature file hello.sp7 for file hello.  The private key is found in file key, the matching certificate is in cert, additional cer-
     tificates from cert-chain are included in the created signature.
	   nbsvtool -k key -f cert -c cert-chain sign hello hello.sp7

     Verify that the signature hello.sp7 is valid for file hello and that the signing certificate allows code signing.	Certificates in
     anchor-file are considered trusted, and there must be a certificate chain from one of those certificates to the signing certificate.
	   nbsvtool -a anchor-file verify-code hello hello.sp7

SEE ALSO

     openssl_smime(1)

CAVEATS

     As there is currently no default trust anchor, you must explicilty specify one with -a, otherwise no verification can succeed.

BSD
								  March 11, 2009							       BSD
Man Page