GENKEY - Online Linux Manual PageSection : 1
Updated : 10 May 2016
Source : crypto-utils 2.4.1
Note : Cryptography Utilities

NAMEgenkey − generate SSL certificates and certificate requests

SYNOPSISgenkey [−−test] [−−days count] [[−−genreq] | [−−makeca] | [−−nss] | [−−renew] | [−−cacert]] {hostname}

DESCRIPTIONgenkey is an interactive command−line tool which can be used to generate SSL certificates or Certificate Signing Requests (CSR)​. Generated certificates are stored in the directory /etc/pki/tls/certs/, and the corresponding private key in /etc/pki/tls/private/​. When using mod_nss the private key is stored in the nss database​. Consult the nss​.conf file in /etc/httpd/conf​.d/ for the location of the database​. genkey will prompt for the size of key desired; whether or not to generate a CSR; whether or not an encrypted private key is desired; the certificate subject DN details​. genkey generates random data for the private key using the truerand library and also by prompting the user for entry of random text​. nss indicates that mod_nss database should be used to store keys and certificates​.

OPTIONS−−makeca Generate a Certificate Authority keypair and certificate​. −−genreq Generate a Certificate Signing Request for an existing private key, which can be submitted to a CA (for example, for renewal)​. −−renew Used with −−genreq to indicate a renewal, the existing keypair will be used​. Certs and keys must reside in the nss database, therefore −−nss is also required​. Pem file based cert renewal is not currently supported​. −−cacert The certificate renewal is for a CA, needed for openssl certs only​. −−days count When generating a self−signed certificate, specify that the number of days for which the certificate is valid be count rather than the default value of 30​. −−test For test purposes only; omit the slow process of generating random data​.

EXAMPLESThe following example will create a self−signed certificate and private key for the hostname www​.example​.com: # genkey −−days 120 www​.example​.com The following example will create a self−signed certificate and private key for the hostname www​.nssexample​.com which will be stored in cert and key in the nss database​. If no nickname is given the tool will extract it from mod_nss´s nss configuration file​. # genkey −−days −−nss 120 www​.nssexample​.com The following example will generate a certificate signing request for a new mod_nss style cert specified by its nickname, Server−Cert: # genkey −−genreq −−nss −−days 120 Server−Cert The following example will generate a certificate signing request for the renewal of an existing mod_nss cert specified by its nickname, Server−Cert: # genkey −−genreq −−renew −−nss −−days 120 Server−Cert

FILES/etc/pki/tls/openssl​.cnf

SEE ALSOcertwatch(1), keyrand(1)
0
Johanes Gumabo
Data Size   :   11,503 byte
man-genkey.1Build   :   2024-12-05, 20:55   :  
Visitor Screen   :   x
Visitor Counter ( page / site )   :   2 / 167,725
Visitor ID   :     :  
Visitor IP   :   3.147.51.72   :  
Visitor Provider   :   AMAZON-02   :  
Provider Position ( lat x lon )   :   39.962500 x -83.006100   :   x
Provider Accuracy Radius ( km )   :   1000   :  
Provider City   :   Columbus   :  
Provider Province   :   Ohio ,   :   ,
Provider Country   :   United States   :  
Provider Continent   :   North America   :  
Visitor Recorder   :   Version   :  
Visitor Recorder   :   Library   :  
Online Linux Manual Page   :   Version   :   Online Linux Manual Page - Fedora.40 - march=x86-64 - mtune=generic - 24.12.05
Online Linux Manual Page   :   Library   :   lib_c - 24.10.03 - march=x86-64 - mtune=generic - Fedora.40
Online Linux Manual Page   :   Library   :   lib_m - 24.10.03 - march=x86-64 - mtune=generic - Fedora.40
Data Base   :   Version   :   Online Linux Manual Page Database - 24.04.13 - march=x86-64 - mtune=generic - fedora-38
Data Base   :   Library   :   lib_c - 23.02.07 - march=x86-64 - mtune=generic - fedora.36

Very long time ago, I have the best tutor, Wenzel Svojanovsky . If someone knows the email address of Wenzel Svojanovsky , please send an email to johanes_gumabo@yahoo.co.id .
If error, please print screen and send to johanes_gumabo@yahoo.co.id
Under development. Support me via PayPal.