Login or Register to Ask a Question and Join Our Community

Linux and UNIX Man Pages

Linux & Unix Commands - Search Man Pages

nseq(1ssl) [v7 man page]

NSEQ(1SSL)							      OpenSSL								NSEQ(1SSL)

NAME

       openssl-nseq, nseq - create or examine a Netscape certificate sequence

SYNOPSIS

       openssl nseq [-help] [-in filename] [-out filename] [-toseq]

DESCRIPTION

       The nseq command takes a file containing a Netscape certificate sequence and prints out the certificates contained in it or takes a file of
       certificates and converts it into a Netscape certificate sequence.

OPTIONS

       -help
	   Print out a usage message.

       -in filename
	   This specifies the input filename to read or standard input if this option is not specified.

       -out filename
	   Specifies the output filename or standard output by default.

       -toseq
	   Normally a Netscape certificate sequence will be input and the output is the certificates contained in it. With the -toseq option the
	   situation is reversed: a Netscape certificate sequence is created from a file of certificates.

EXAMPLES

       Output the certificates in a Netscape certificate sequence

	openssl nseq -in nseq.pem -out certs.pem

       Create a Netscape certificate sequence

	openssl nseq -in certs.pem -toseq -out nseq.pem

NOTES

       The PEM encoded form uses the same headers and footers as a certificate:

	-----BEGIN CERTIFICATE-----
	-----END CERTIFICATE-----

       A Netscape certificate sequence is a Netscape specific format that can be sent to browsers as an alternative to the standard PKCS#7 format
       when several certificates are sent to the browser: for example during certificate enrollment.  It is used by Netscape certificate server
       for example.

BUGS

       This program needs a few more options: like allowing DER or PEM input and output files and allowing multiple certificate files to be used.

COPYRIGHT

       Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.

       Licensed under the OpenSSL license (the "License").  You may not use this file except in compliance with the License.  You can obtain a
       copy in the file LICENSE in the source distribution or at <https://www.openssl.org/source/license.html>.

1.1.1a								    2018-12-18								NSEQ(1SSL)

Check Out this Related Man Page

CRL2PKCS7(1SSL)                                                       OpenSSL                                                      CRL2PKCS7(1SSL)

NAME

       openssl-crl2pkcs7, crl2pkcs7 - Create a PKCS#7 structure from a CRL and certificates

SYNOPSIS

       openssl crl2pkcs7 [-help] [-inform PEM|DER] [-outform PEM|DER] [-in filename] [-out filename] [-certfile filename] [-nocrl]

DESCRIPTION

       The crl2pkcs7 command takes an optional CRL and one or more certificates and converts them into a PKCS#7 degenerate "certificates only"
       structure.

OPTIONS

       -help
           Print out a usage message.

       -inform DER|PEM
           This specifies the CRL input format. DER format is DER encoded CRL structure.PEM (the default) is a base64 encoded version of the DER
           form with header and footer lines. The default format is PEM.

       -outform DER|PEM
           This specifies the PKCS#7 structure output format. DER format is DER encoded PKCS#7 structure.PEM (the default) is a base64 encoded
           version of the DER form with header and footer lines. The default format is PEM.

       -in filename
           This specifies the input filename to read a CRL from or standard input if this option is not specified.

       -out filename
           Specifies the output filename to write the PKCS#7 structure to or standard output by default.

       -certfile filename
           Specifies a filename containing one or more certificates in PEM format.  All certificates in the file will be added to the PKCS#7
           structure. This option can be used more than once to read certificates form multiple files.

       -nocrl
           Normally a CRL is included in the output file. With this option no CRL is included in the output file and a CRL is not read from the
           input file.

EXAMPLES

       Create a PKCS#7 structure from a certificate and CRL:

        openssl crl2pkcs7 -in crl.pem -certfile cert.pem -out p7.pem

       Creates a PKCS#7 structure in DER format with no CRL from several different certificates:

        openssl crl2pkcs7 -nocrl -certfile newcert.pem
               -certfile demoCA/cacert.pem -outform DER -out p7.der

NOTES

       The output file is a PKCS#7 signed data structure containing no signers and just certificates and an optional CRL.

       This utility can be used to send certificates and CAs to Netscape as part of the certificate enrollment process. This involves sending the
       DER encoded output as MIME type application/x-x509-user-cert.

       The PEM encoded form with the header and footer lines removed can be used to install user certificates and CAs in MSIE using the Xenroll
       control.

SEE ALSO

       pkcs7(1)

COPYRIGHT

       Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.

       Licensed under the OpenSSL license (the "License").  You may not use this file except in compliance with the License.  You can obtain a
       copy in the file LICENSE in the source distribution or at <https://www.openssl.org/source/license.html>.

1.1.1a                                                              2018-12-18                                                     CRL2PKCS7(1SSL)
Man Page