Name
crl
Synopsis
The crl
command is used to examine and verify
the validity of certificate revocation lists. The command can be used
to display the contents of a CRL in human-readable form. It can also
be used to convert CRLs between DER and PEM formats.
Options
- -in filename
Specify the name of the file containing a CRL to be examined or verified. If this option is omitted,
stdin
is used.- -inform DER|PEM
Specify the format of the CRL that will be examined or verified. Possible formats are DER or PEM. If this option is omitted, PEM is the default format.
- -out filename
Specify the name of a file to which the command’s output will be written. If this option is omitted,
stdout
is used.- -outform DER|PEM
Specify the format of the CRL that will be written out by the command. If this option is omitted, the default is PEM.
- -text
Cause a human-readable text representation of the CRL to be written to the output destination.
- -noout
Suppress the output of the CRL in DER or PEM format. By default, the input CRL is also output, except when the CRL’s signature is being verified.
- -hash
Cause a hash of the CRL’s issuer name to be written to the output destination. The hash can be used to look up CRLs in a directory by issuer name in which the standard filename for each CRL is the hash of the issuer’s name and an extension of “.0”.
- -issuer
Cause the CRL issuer’s name to be written to the output destination.
- -lastupdate
Cause the CRL’s
lastUpdate
field to be written to the output destination. ...
Get Network Security with OpenSSL now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.