Table of Contents for
Network Security with OpenSSL

Version ebook / Retour

Cover image for bash Cookbook, 2nd Edition Network Security with OpenSSL by Pravir Chandra Published by O'Reilly Media, Inc., 2002
  1. Cover
  2. Network Security with OpenSSL
  3. Network Security with OpenSSL
  4. Dedication
  5. A Note Regarding Supplemental Files
  6. Preface
  7. 1. Introduction
  8. 2. Command-Line Interface
  9. 3. Public Key Infrastructure (PKI)
  10. 4. Support Infrastructure
  11. 5. SSL/TLS Programming
  12. 6. Symmetric Cryptography
  13. 7. Hashes and MACs
  14. 8. Public Key Algorithms
  15. 9. OpenSSL in Other Languages
  16. 10. Advanced Programming Topics
  17. A. Command-Line Reference
  18. asn1parse
  19. ca
  20. ciphers
  21. crl
  22. crl2pkcs7
  23. dgst
  24. dhparam
  25. dsa
  26. dsaparam
  27. enc
  28. errstr
  29. gendsa
  30. genrsa
  31. nseq
  32. passwd
  33. pkcs7
  34. pkcs8
  35. pkcs12
  36. rand
  37. req
  38. rsa
  39. rsautl
  40. s_client
  41. s_server
  42. s_time
  43. sess_id
  44. smime
  45. speed
  46. spkac
  47. verify
  48. version
  49. x509
  50. Index
  51. About the Authors
  52. Colophon
  53. Copyright

Name

crl2pkcs7

Synopsis

The crl2pkcs7 command is used to combine certificates and an optional certificate revocation list into a single PKCS#7 structure.

Options

-in filename

Specify the name of a file from which to read a CRL for inclusion in the resulting PKCS#7 structure. If this option is omitted, the CRL will be read from stdin.

-inform DER|PEM

Specify the format of the CRL that will be read. Valid formats are either DER or PEM. If this option is not specified, the default is PEM.

-out filename

Specify the name of a file to write the resulting PKCS#7 structure to. If this option is omitted, output is written to stdout.

-outform DER|PEM

Specify the format of the PKCS#7 that will be written. Valid formats are either DER or PEM. If this option is not specified, the default is PEM.

-certfile filename

Specify the name of a file containing one or more certificates in PEM format. This option may be specified multiple times to include multiple certificates from multiple files.

-nocrl

Do not include a CRL in the resulting PKCS#7 structure. If this option is specified, the in and inform options are ignored, and no CRL is read from stdin.

Notes

The PKCS#7 structure that is created is not signed. It will contain only the certificates and CRL that are specified for inclusion. The PKCS#7 structure that results from this command can be used to send certificates and CRLs to Netscape as part of the certificate enrollment process. To do so, the PKCS#7 structure that is created must be DER-encoded and sent as MIME type application/x-x509-user-cert. The header and footer lines can be removed from the PEM output from this command to send user certificates and CRLs to Microsoft Internet Explorer using the “Xenroll” control.