Certutil
De Linuxmemo.
(Différences entre les versions)
(Page créée avec « Catégorie:Commandes ==Install== sudo apt install libnss3-tools ==Utilisation== certutil -L -d . certutil -L -d . -a -n certname certutil -L -d . -n certname ») |
(→Utilisation) |
||
| Ligne 3 : | Ligne 3 : | ||
sudo apt install libnss3-tools | sudo apt install libnss3-tools | ||
==Utilisation== | ==Utilisation== | ||
| + | *lister les certificats | ||
certutil -L -d . | certutil -L -d . | ||
certutil -L -d . -a -n certname | certutil -L -d . -a -n certname | ||
certutil -L -d . -n certname | certutil -L -d . -n certname | ||
| + | *ajouter des certificats | ||
| + | certutil -A -n certname -t trustargs -d [sql:]directory [-a] [-i input-file] | ||
| + | certutil -A -n "CN=My SSL Certificate" -t ",," -d sql:/home/my/sharednssdb -i /home/example-certs/cert.cer | ||
| + | certutil -E -n "CN=John Smith Email Cert" -t ",P," -d sql:/home/my/sharednssdb -i /home/example-certs/email.cer | ||
| + | |||
| + | |||
| + | -t trustargs | ||
| + | · p - Valid peer | ||
| + | · P - Trusted peer (implies p) | ||
| + | · c - Valid CA | ||
| + | · C - Trusted CA (implies c) | ||
| + | · T - trusted CA for client authentication (ssl server only) | ||
| + | The attribute codes for the categories are separated by commas, and the entire set of attributes enclosed by quotation marks. For example: | ||
| + | -t "TC,C,T" | ||
Version du 13 avril 2018 à 09:06
Install
sudo apt install libnss3-tools
Utilisation
- lister les certificats
certutil -L -d . certutil -L -d . -a -n certname certutil -L -d . -n certname
- ajouter des certificats
certutil -A -n certname -t trustargs -d [sql:]directory [-a] [-i input-file] certutil -A -n "CN=My SSL Certificate" -t ",," -d sql:/home/my/sharednssdb -i /home/example-certs/cert.cer certutil -E -n "CN=John Smith Email Cert" -t ",P," -d sql:/home/my/sharednssdb -i /home/example-certs/email.cer
-t trustargs · p - Valid peer · P - Trusted peer (implies p) · c - Valid CA · C - Trusted CA (implies c) · T - trusted CA for client authentication (ssl server only) The attribute codes for the categories are separated by commas, and the entire set of attributes enclosed by quotation marks. For example: -t "TC,C,T"
