Certutil
De Linuxmemo.
(Différences entre les versions)
(Page créée avec « Catégorie:Commandes ==Install== sudo apt install libnss3-tools ==Utilisation== certutil -L -d . certutil -L -d . -a -n certname certutil -L -d . -n certname ») |
|||
| (4 versions intermédiaires masquées) | |||
| Ligne 1 : | Ligne 1 : | ||
[[Catégorie:Commandes]] | [[Catégorie:Commandes]] | ||
| + | Voir: [[Certutil]], [[Openssl]], [[Certificats]] | ||
==Install== | ==Install== | ||
sudo apt install libnss3-tools | sudo apt install libnss3-tools | ||
==Utilisation== | ==Utilisation== | ||
| + | *lister les certificats | ||
certutil -L -d . | certutil -L -d . | ||
certutil -L -d . -a -n certname | certutil -L -d . -a -n certname | ||
certutil -L -d . -n certname | certutil -L -d . -n certname | ||
| + | *ajouter des certificats | ||
| + | certutil -A -n certname -t trustargs -d [sql:]directory [-a] [-i input-file] | ||
| + | certutil -A -n "CN=My SSL Certificate" -t ",," -d sql:/home/my/sharednssdb -i /home/example-certs/cert.cer | ||
| + | certutil -E -n "CN=John Smith Email Cert" -t ",P," -d sql:/home/my/sharednssdb -i /home/example-certs/email.cer | ||
| + | |||
| + | certutil -A -n "CertignaCAroot" -t "C" -d . -i /home/user/Bureau/certignarootca.der | ||
| + | |||
| + | -t trustargs | ||
| + | · p - Valid peer | ||
| + | · P - Trusted peer (implies p) | ||
| + | · c - Valid CA | ||
| + | · C - Trusted CA (implies c) | ||
| + | · T - trusted CA for client authentication (ssl server only) | ||
| + | The attribute codes for the categories are separated by commas, and the entire set of attributes enclosed by quotation marks. For example: | ||
| + | -t "TC,C,T" | ||
| + | |||
| + | *Printing the Certificate Chain | ||
| + | certutil -d . -O -n "jsmith@example.com" | ||
Version actuelle en date du 20 mars 2019 à 16:18
Voir: Certutil, Openssl, Certificats
[modifier] Install
sudo apt install libnss3-tools
[modifier] Utilisation
- lister les certificats
certutil -L -d . certutil -L -d . -a -n certname certutil -L -d . -n certname
- ajouter des certificats
certutil -A -n certname -t trustargs -d [sql:]directory [-a] [-i input-file] certutil -A -n "CN=My SSL Certificate" -t ",," -d sql:/home/my/sharednssdb -i /home/example-certs/cert.cer certutil -E -n "CN=John Smith Email Cert" -t ",P," -d sql:/home/my/sharednssdb -i /home/example-certs/email.cer
certutil -A -n "CertignaCAroot" -t "C" -d . -i /home/user/Bureau/certignarootca.der
-t trustargs · p - Valid peer · P - Trusted peer (implies p) · c - Valid CA · C - Trusted CA (implies c) · T - trusted CA for client authentication (ssl server only) The attribute codes for the categories are separated by commas, and the entire set of attributes enclosed by quotation marks. For example: -t "TC,C,T"
- Printing the Certificate Chain
certutil -d . -O -n "jsmith@example.com"
