diff options
Diffstat (limited to 'doc/apps/pkcs12.pod')
-rw-r--r-- | doc/apps/pkcs12.pod | 41 |
1 files changed, 30 insertions, 11 deletions
diff --git a/doc/apps/pkcs12.pod b/doc/apps/pkcs12.pod index 3643a19..3d2ed36 100644 --- a/doc/apps/pkcs12.pod +++ b/doc/apps/pkcs12.pod @@ -37,6 +37,10 @@ B<openssl> B<pkcs12> [B<-keysig>] [B<-password password>] [B<-envpass var>] +[B<-passin password>] +[B<-envpassin var>] +[B<-passout password>] +[B<-envpassout var>] =head1 DESCRIPTION @@ -64,15 +68,24 @@ by default. The filename to write certificates and private keys to, standard output by default. They are all written in PEM format. -=item B<-pass password> +=item B<-pass password>, B<-passin password> -the PKCS#12 file password. Since certain utilities like "ps" make the command line -visible this option should be used with caution. +the PKCS#12 file (i.e. input file) password. Since certain utilities like "ps" make +the command line visible this option should be used with caution. -=item B<-envpass var> +=item B<-envpass var>, B<-envpassin password> read the PKCS#12 file password from the environment variable B<var>. +=item B<-passout password> + +pass phrase to encrypt any outputed private keys with. Since certain utilities like +"ps" make the command line visible this option should be used with caution. + +=item B<-envpass var>, B<-envpassin password> + +read the outputed private keys file password from the environment variable B<var>. + =item B<-noout> this option inhibits output of the keys and certificates to the output file version @@ -169,15 +182,24 @@ used multiple times to specify names for all certificates in the order they appear. Netscape ignores friendly names on other certificates whereas MSIE displays them. -=item B<-pass password> +=item B<-pass password>, B<-passout password> -the PKCS#12 file password. Since certain utilities like "ps" make the command line -visible this option should be used with caution. +the PKCS#12 file (i.e. output file) password. Since certain utilities like "ps" +make the command line visible this option should be used with caution. -=item B<-envpass var> +=item B<-envpass var>, B<-envpassout var> read the PKCS#12 file password from the environment variable B<var>. +=item B<-passin password> + +pass phrase to decrypt the input private key with. Since certain utilities like +"ps" make the command line visible this option should be used with caution. + +=item B<-envpassin password> + +read the input private key file password from the environment variable B<var>. + =item B<-chain> if this option is present then an attempt is made to include the entire @@ -277,9 +299,6 @@ Include some extra certificates: Some would argue that the PKCS#12 standard is one big bug :-) -Need password options for the PEM files: this will probably be fixed before -release. - =head1 SEE ALSO L<pkcs8(1)|pkcs8(1)> |