GENKEY

Section: (1)
Updated: April 2005
Index Return to Main Contents
 

NAME

genkey - generate SSL certificates and certificate requests  

SYNOPSIS

genkey [--test] [--days count] [[--genreq] [--makeca]] {hostname}
 

DESCRIPTION

genkey

is an interactive command-line tool which can be used to generate SSL certificates or Certificate Signing Requests (CSR). Generated certificates are stored in the directory /etc/pki/tls/certs/, and the corresponding private key in /etc/pki/tls/private/.

genkey will prompt for the size of key desired; whether or not to generate a CSR; whether or not an encrypted private key is desired; the certificate subject DN details.

genkey generates random data for the private key using the truerand library and also by prompting the user for entry of random text.  

OPTIONS

--makceca
Generate a Certificate Authority keypair.
--genreq
Generate a Certificate Signing Request for an existing private key, which can be submitted to a CA (for example, for renewal).
--days count
When generating a self-signed certificate, specify that the number of days for which the certificate is valid be count rather than the default value of 30.
--test
For test purposes only; omit the slow process of generating random data.
 

EXAMPLES

The following example will create a self-signed certificate and private key for the hostname www.example.com:

        # genkey --days 120 www.example.com
      

 

FILES

/etc/pki/tls/openssl.cnf  

SEE ALSO

certwatch(1)


 

Index

NAME
SYNOPSIS
DESCRIPTION
OPTIONS
EXAMPLES
FILES
SEE ALSO

linux.jgfs.net manual pages