1PKI --REQ(1)                      strongSwan                      PKI --REQ(1)
2
3
4

NAME

6       pki --req - Create a PKCS#10 certificate request
7

SYNOPSIS

9       pki --req [--in file] [--type type] --dn distinguished-name
10                 [--san subjectAltName] [--password password]
11                 [--digest digest] [--outform encoding] [--debug level]
12
13       pki --req --options file
14
15       pki --req -h | --help
16

DESCRIPTION

18       This  sub-command  of  pki(1)  is  used to create a PKCS#10 certificate
19       request.
20

OPTIONS

22       -h, --help
23              Print usage information with a summary of the available options.
24
25       -v, --debug level
26              Set debug level, default: 1.
27
28       -+, --options file
29              Read command line options from file.
30
31       -i, --in file
32              Private key input file. If not given the key is read from STDIN.
33
34       -t, --type type
35              Type of the input key. Either rsa or ecdsa, defaults to rsa.
36
37       -d, --dn distinguished-name
38              Subject distinguished name (DN). Required.
39
40       -a, --san subjectAltName
41              subjectAltName extension to include in request. Can be used mul‐
42              tiple times.
43
44       -p, --password password
45              The challengePassword to include in the certificate request.
46
47       -g, --digest digest
48              Digest  to use for signature creation. One of md5, sha1, sha224,
49              sha256, sha384, or sha512. Defaults to sha1.
50
51       -f, --outform encoding
52              Encoding of the created certificate file. Either der (ASN.1 DER)
53              or pem (Base64 PEM), defaults to der.
54

EXAMPLES

56       Generate  a  certificate  request for an RSA key, with a subjectAltName
57       extension:
58
59         pki --req --in key.der --dn "C=CH, O=strongSwan, CN=moon" \
60              --san moon@strongswan.org > req.der
61
62       Generate a certificate request for an ECDSA key and a different digest:
63
64         pki --req --in key.der --type ecdsa --digest sha256 \
65             --dn "C=CH, O=strongSwan, CN=carol"  > req.der
66

SEE ALSO

68       pki(1)
69
70
71
725.2.0                             2013-07-31                      PKI --REQ(1)
Impressum