sscg(8) - c8

1SSCG(8)                 System Administration Utilities                SSCG(8)
2
3
4

NAME

6       sscg - Tool for generating x.509 certificates
7

SYNOPSIS

9       sscg [OPTION...]
10

DESCRIPTION

12       -q, --quiet
13              Display no output unless there is an error.
14
15       -v, --verbose
16              Display progress messages.
17
18       -d, --debug
19              Enable  logging  of  debug messages.  Implies verbose.  Warning!
20              This will print private key information to the screen!
21
22       -V, --version
23              Display the version number and exit.
24
25       -f, --force
26              Overwrite any pre-existing files in the requested locations
27
28       --lifetime=1-3650
29              Certificate lifetime (days). (default: 3650)
30
31       --country=US, CZ, etc.
32              Certificate DN: Country (C). (default: "US")
33
34       --state=Massachusetts, British Columbia, etc.
35              Certificate DN: State or Province (ST).
36
37       --locality=Westford, Paris, etc.
38              Certificate DN: Locality (L).
39
40       --organization=My Company
41              Certificate DN: Organization (O).  (default: "Unspecified")
42
43       --organizational-unit=Engineering, etc.
44              Certificate DN: Organizational Unit (OU).
45
46       --email=myname@example.com
47              Certificate DN: Email Address (Email).
48
49       --hostname=server.example.com
50              The  valid  hostname  of  the  certificate.  Must  be  an  FQDN.
51              (default: current system FQDN)
52
53       --subject-alt-name alt.example.com
54              Optional  additional  valid  hostnames  for  the certificate. In
55              addition to hostnames, this option also accepts explicit  values
56              supported by RFC 5280 such as IP:xxx.xxx.xxx.xxx/yyy.yyy.yyy.yyy
57              May be specified multiple times.
58
59       --package=STRING
60              Unused. Retained for  compatibility  with  earlier  versions  of
61              sscg.
62
63       --key-strength=2048 or larger
64              Strength  of  the  certificate  private keys in bits.  (default:
65              2048)
66
67       --hash-alg={sha256,sha384,sha512}
68              Hashing algorithm to use for signing.  (default: "sha256")
69
70       --ca-file=STRING
71              Path where the public CA certificate will be  stored.  (default:
72              "./ca.crt")
73
74       --ca-mode=0644
75              File mode of the created CA certificate. (default: 0644)
76
77       --ca-key-file=STRING
78              Path  where the CA's private key will be stored. If unspecified,
79              the key will be destroyed rather than written to the disk.
80
81       --ca-key-mode=0600
82              File mode of the created CA key.  (default: 0600)
83
84       --cert-file=STRING
85              Path where  the  public  service  certificate  will  be  stored.
86              (default "./service.pem")
87
88       --cert-mode=0644
89              File mode of the created certificate.  (default: 0644)
90
91       --cert-key-file=STRING
92              Path  where  the service's private key will be stored.  (default
93              "service-key.pem")
94
95       --cert-key-mode=0600
96              File mode of the created certificate key. (default: 0600)
97
98   Help options:
99       -?, --help
100              Show this help message
101
102       --usage
103              Display brief usage message
104
105
106
107sscg 2.3.3                         May 2019                            SSCG(8)