ipsec_certview man page on DigitalUNIX

Man page or keyword search:  
man Server   12896 pages
apropos Keyword Search (all sections)
Output format
DigitalUNIX logo
[printable version]

ipsec_certview(8)					     ipsec_certview(8)

       ipsec_certview - Displays the contents of IPsec certificate files

       /usr/sbin/ipsec_certview [options] file [[options] file] ...

       Specifies  a file that contains an X.509 public key certificate or cer‐
       tificate request.  Specifies a file that contains an X.509  certificate
       revocation list.	 Specifies a file that contains a private key.	Speci‐
       fies a file whose contents are in HEXL format. The  default  format  is
       binary (DER) encoding.  Specifies a file whose contents are in PEM for‐
       mat. The default format is binary (DER) encoding.   Prints  X.500-style
       names  in  the  order  that would be used when fetching the certificate
       from an LDAP server.  Displays large numbers (for example, key  values)
       in base 16 notation.  Sets the output line width to n characters.  Dis‐
       plays a summary of the command options and exit.

       The ipsec_certview command displays the contents	 of  files  containing
       public-key  certificate	information.   This  command and other related
       certificate commands provided in this IPsec implementation are intended
       for testing purposes only.  They are not intended to provide a complete
       public-key certificate infrastructure.

       Each input file is read, and a formatted	 display  of  the  certificate
       data  is	 written  to  standard output.	Information displayed includes
       certificate subject name, issuer, validity dates, key information,  and
       extensions.   The  type of certificate-related file is specified by the
       -cert, -crl, and -prv options.  If no file type is specified, the util‐
       ity will attempt to figure out the file type from the file contents.

       If  both	 the  file  type  and encoding format are omitted, the utility
       assumes binary encoding and tries to guess the file type.   This	 might
       fail  and  produce spurious error messages, particularly if the file is
       actually PEM encoded.

       The viewing of private key  files  associated  with  Digital  Signature
       Authority (DSA) certificates is not currently supported.

       The following displays a PEM-encoded certificate file: # ipsec_certview
       -pem -base16 test-root.pem SSH X.509 v3 certificate and v2  crl	viewer
       demo  Copyright	(c)  1998-2000	SSH Communications Security, Ltd.  All
       rights reserved.	 Reading file 'test-root.pem' for  automatic.	Trying
       to decode the object...
	assuming it is a certificate ... success.

       Certificate =
	 SerialNumber = 0x84c
	 SubjectName =
	 IssuerName =
	 Certificate seems to be self-signed.
	     * Signature verification success.
	 Validity =
	   NotBefore = 2000 Jan	 1st, 19:30:00 GMT
	   NotAfter  = 2001 Jan	 1st, 12:00:00 GMT
	 PublicKeyInfo =
	   Algorithm name (X.509) : dsaEncryption
	   SSH library default names
	     base type		 = dl-modp
	     signature algorithm = dsa-nist-sha1
	   Modulus p	 ( 768 bits) :
	   Group	order	     q	      (	       160	 bits)	     :
	   Generator g	 ( 765 bits) :
	   Public key y	 ( 761 bits) :
	   Extensions =
	     Available = key usage, basic constraints(critical)
	     KeyUsage = DigitalSignature KeyCertSign
	     BasicConstraints =
	       PathLength = 0
	       cA	  = TRUE

       Finished successfully.

       Commands: ipsec_certmake(8),  ipsec_convert(8),	ipsec_keypaircheck(8),


List of man pages available for DigitalUNIX

Copyright (c) for man pages and the logo by the respective OS vendor.

For those who want to learn more, the polarhome community provides shell access and support.

[legal] [privacy] [GNU] [policy] [cookies] [netiquette] [sponsors] [FAQ]
Polarhome, production since 1999.
Member of Polarhome portal.
Based on Fawad Halim's script.
Vote for polarhome
Free Shell Accounts :: the biggest list on the net