1GENKEY(1)                                                            GENKEY(1)
2
3
4

NAME

6       genkey - generate SSL certificates and certificate requests
7

SYNOPSIS

9       genkey [--test] [--days count] [[--genreq] | [--makeca]] {hostname}
10

DESCRIPTION

12       genkey is an interactive command-line tool which can be used to
13       generate SSL certificates or Certificate Signing Requests (CSR).
14       Generated certificates are stored in the directory /etc/pki/tls/certs/,
15       and the corresponding private key in /etc/pki/tls/private/.
16
17       genkey will prompt for the size of key desired; whether or not to
18       generate a CSR; whether or not an encrypted private key is desired; the
19       certificate subject DN details.
20
21       genkey generates random data for the private key using the truerand
22       library and also by prompting the user for entry of random text.
23

OPTIONS

25       --makceca
26           Generate a Certificate Authority keypair.
27
28       --genreq
29           Generate a Certificate Signing Request for an existing private key,
30           which can be submitted to a CA (for example, for renewal).
31
32       --days count
33           When generating a self-signed certificate, specify that the number
34           of days for which the certificate is valid be count rather than the
35           default value of 30.
36
37       --test
38           For test purposes only; omit the slow process of generating random
39           data.
40

EXAMPLES

42       The following example will create a self-signed certificate and private
43       key for the hostname www.example.com:
44
45                   # genkey --days 120 www.example.com
46
47
48

FILES

50       /etc/pki/tls/openssl.cnf
51

SEE ALSO

53       certwatch(1)
54
55
56
57crypto-utils                      April 2005                         GENKEY(1)
Impressum