genkey
GENKEY(1) GENKEY(1)
NAME
genkey - generate SSL certificates and certificate requests
SYNOPSIS
genkey [--test] [--days count] [--genreq | --makeca] {hostname}
DESCRIPTION
genkey is an interactive command-line tool which can be used to gener-
ate SSL certificates or Certificate Signing Requests (CSR). Generated
certificates are stored in the directory /etc/pki/tls/certs/, and the
corresponding private key in /etc/pki/tls/private/.
genkey will prompt for the size of key desired; whether or not to gen-
erate a CSR; whether or not an encrypted private key is desired; the
certificate subject DN details.
genkey generates random data for the private key using the truerand li-
brary and also by prompting the user for entry of random text.
OPTIONS
--makceca
Generate a Certificate Authority keypair.
--genreq
Generate a Certificate Signing Request for an existing private
key, which can be submitted to a CA (for example, for renewal).
--days count
When generating a self-signed certificate, specify that the num-
ber of days for which the certificate is valid be count rather
than the default value of 30.
--test For test purposes only; omit the slow process of generating ran-
dom data.
EXAMPLES
The following example will create a self-signed certificate and private
key for the hostname www.example.com:
# genkey --days 120 www.example.com
FILES
/etc/pki/tls/openssl.cnf
SEE ALSO
certwatch(1)
crypto-utils April 2005 GENKEY(1)
Man(1) output converted with
man2html