Network Security with OpenSSL

Name

The ca command is a basic certification authority that can be used to issue X.509 certificates and certificate revocation lists.

-config filename: Specify the name of a file to be used as a configuration file. If omitted, the system-wide default configuration file is used. Use of this option overrides the OPENSSL_CONF environment variable.
-verbose: Cause more information to be displayed than normal.
-name section: Specify the name of a section in the configuration file being used that contains the default settings for the CA. The default is to use the section specified by the default_ca key in the ca section of the configuration file.
-in filename: Specify the name of a file containing a certificate request to be signed by the CA, causing a certificate to be created.
-ss_cert filename: Specify the name of a file containing a self-signed certificate to be signed by the CA.
-spkac filename: Specify the name of a file containing a Netscape Signed Public Key and Challenge.
-infiles: If this option is present, it must be the last option on the command line. Each argument after it is assumed to be a file containing a certificate request to be signed by the CA, and certificates will be created for each one.
-out filename: Specify the name of a file to write the certificate or certificates created by the CA to. The default is to write certificates to stdout. If the gencrl option is used, this option specifies the name of the file to which the generated certificate ...

Get Network Security with OpenSSL now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.