command is a basic certification authority that can be used to issue
X.509 certificates and certificate revocation lists.
- -config filename
Specify the name of a file to be used as a configuration file. If omitted, the system-wide default configuration file is used. Use of this option overrides the
Cause more information to be displayed than normal.
- -name section
Specify the name of a section in the configuration file being used that contains the default settings for the CA. The default is to use the section specified by the
default_cakey in the
casection of the configuration file.
- -in filename
Specify the name of a file containing a certificate request to be signed by the CA, causing a certificate to be created.
- -ss_cert filename
Specify the name of a file containing a self-signed certificate to be signed by the CA.
- -spkac filename
Specify the name of a file containing a Netscape Signed Public Key and Challenge.
If this option is present, it must be the last option on the command line. Each argument after it is assumed to be a file containing a certificate request to be signed by the CA, and certificates will be created for each one.
- -out filename
Specify the name of a file to write the certificate or certificates created by the CA to. The default is to write certificates to
stdout. If the
gencrloption is used, this option specifies the name of the file to which the generated certificate ...