Title here
Summary here
rsakeypair
Usage
ocm create rsakeypair [<private key file> [<public key file>]] {<subject-attribute>=<value>}Options
--ca create certificate for a signing authority
--ca-cert string certificate authority to sign public key
--ca-key string private key for certificate authority
-E, --encrypt encrypt private key with new key
-e, --encryptionKey string encrypt private key with given key
-h, --help help for rsakeypair
--root-certs string root certificates used to validate used certificate authority
--validity duration certificate validity (default 87600h0m0s)Description
Create an RSA public key pair and save to files.
The default for the filename to store the private key is rsa.priv.
If no public key file is specified, its name will be derived from the filename for
the private key (suffix .pub for public key or .cert
for certificate). If a certificate authority is given (–ca-cert)
the public key will be signed. In this case a subject (at least common
name/issuer) and a private key (–ca-key) for the ca used to sign the
key is required.
If only a subject is given and no ca, the public key will be self-signed.
A signed public key always contains the complete certificate chain. If a
non-self-signed ca is used to sign the key, its certificate chain is verified.
Therefore, an additional root certificate (–root-certs) is required,
if no public root certificate was used to create the used ca.
For signing the public key the following subject attributes are supported:
CN,common-name,issuer: Common Name/IssuerO,organization,org: OrganizationOU,organizational-unit,org-unit: Organizational UnitSTREET(multiple): Street AddressPOSTALCODE,postal-code(multiple): Postal CodeL,locality(multiple): LocalityS,province, (multiple): ProvinceC,country, (multiple): Country
Examples
$ ocm create rsakeypair mandelsoft.priv mandelsoft.cert issuer=mandelsoftSee Also
- ocm create — Create transport or component archive
Prev
routingslips