ipsec_certview man page on DigitalUNIX

Man page or keyword search:  
man Server   12896 pages
apropos Keyword Search (all sections)
Output format
DigitalUNIX logo
[printable version]

ipsec_certview(8)					     ipsec_certview(8)

NAME
       ipsec_certview - Displays the contents of IPsec certificate files

SYNOPSIS
       /usr/sbin/ipsec_certview [options] file [[options] file] ...

OPTIONS
       Specifies  a file that contains an X.509 public key certificate or cer‐
       tificate request.  Specifies a file that contains an X.509  certificate
       revocation list.	 Specifies a file that contains a private key.	Speci‐
       fies a file whose contents are in HEXL format. The  default  format  is
       binary (DER) encoding.  Specifies a file whose contents are in PEM for‐
       mat. The default format is binary (DER) encoding.   Prints  X.500-style
       names  in  the  order  that would be used when fetching the certificate
       from an LDAP server.  Displays large numbers (for example, key  values)
       in base 16 notation.  Sets the output line width to n characters.  Dis‐
       plays a summary of the command options and exit.

DESCRIPTION
       The ipsec_certview command displays the contents	 of  files  containing
       public-key  certificate	information.   This  command and other related
       certificate commands provided in this IPsec implementation are intended
       for testing purposes only.  They are not intended to provide a complete
       public-key certificate infrastructure.

       Each input file is read, and a formatted	 display  of  the  certificate
       data  is	 written  to  standard output.	Information displayed includes
       certificate subject name, issuer, validity dates, key information,  and
       extensions.   The  type of certificate-related file is specified by the
       -cert, -crl, and -prv options.  If no file type is specified, the util‐
       ity will attempt to figure out the file type from the file contents.

       If  both	 the  file  type  and encoding format are omitted, the utility
       assumes binary encoding and tries to guess the file type.   This	 might
       fail  and  produce spurious error messages, particularly if the file is
       actually PEM encoded.

RESTRICTIONS
       The viewing of private key  files  associated  with  Digital  Signature
       Authority (DSA) certificates is not currently supported.

EXAMPLES
       The following displays a PEM-encoded certificate file: # ipsec_certview
       -pem -base16 test-root.pem SSH X.509 v3 certificate and v2  crl	viewer
       demo  Copyright	(c)  1998-2000	SSH Communications Security, Ltd.  All
       rights reserved.	 Reading file 'test-root.pem' for  automatic.	Trying
       to decode the object...
	assuming it is a certificate ... success.

       Certificate =
	 SerialNumber = 0x84c
	 SubjectName =
	 IssuerName =
	 Certificate seems to be self-signed.
	     * Signature verification success.
	 Validity =
	   NotBefore = 2000 Jan	 1st, 19:30:00 GMT
	   NotAfter  = 2001 Jan	 1st, 12:00:00 GMT
	 PublicKeyInfo =
	   Algorithm name (X.509) : dsaEncryption
	   SSH library default names
	     base type		 = dl-modp
	     signature algorithm = dsa-nist-sha1
	   Modulus p	 ( 768 bits) :
	     0x81a4c0494153974b5d8a6fcf24d7813b7ac6768b26a8b4d1cf53cc1067b5b57a0890644
	     edfaf2271b4afeca4d378f824624a001360846a16eba0fb1ade3b2f89273a5c9ca853b272
	     34e1db63ff4cc73a005855d897e46ecd4d8eb461f15125e5
	   Group	order	     q	      (	       160	 bits)	     :
       0xe8747149d5276cdb992e1823810f246cb11626dd
	   Generator g	 ( 765 bits) :
	     0x1d1f76b7d98408345399d4330a333074f6ebb42042e67ee7abafc3ad3f58f2ef22b3b2e
	     08608b48bfc5ee732e1f54cc42ef2916ffb9fcc53f9bc36735918411bf5058a5fd1295c28
	     b085a9839197b23bd23db652dc14a240b772aef38f8f8ff5
	   Public key y	 ( 761 bits) :
	     0x18ee49d8d0f9ad1dd338cee2b993d59ab86a6ef661243f1458ce53e3b1eba7a9ca67890
	     30a2a1a08588d4b3cbaa19064dce04f5daaa7c747a5c3fe6e00d9f9ae284d2dd3a51e58ec
	     397d93b1b48b8e4dd2087ac893245d76fa0716037734b8a
	   Extensions =
	     Available = key usage, basic constraints(critical)
	     KeyUsage = DigitalSignature KeyCertSign
	     BasicConstraints =
	       PathLength = 0
	       cA	  = TRUE
		 [CRITICAL]

       Finished successfully.

SEE ALSO
       Commands: ipsec_certmake(8),  ipsec_convert(8),	ipsec_keypaircheck(8),
       ipsec_keytool(8)

							     ipsec_certview(8)
[top]

List of man pages available for DigitalUNIX

Copyright (c) for man pages and the logo by the respective OS vendor.

For those who want to learn more, the polarhome community provides shell access and support.

[legal] [privacy] [GNU] [policy] [cookies] [netiquette] [sponsors] [FAQ]
Tweet
Polarhome, production since 1999.
Member of Polarhome portal.
Based on Fawad Halim's script.
....................................................................
Vote for polarhome
Free Shell Accounts :: the biggest list on the net