1PKI --VERIFY(1) strongSwan PKI --VERIFY(1)
2
3
4
6 pki --verify - Verify a certificate using a CA certificate
7
9 pki --verify [--in file] [--cacert file] [--debug level] [--online]
10
11 pki --verify --options file
12
13 pki --verify -h | --help
14
16 This sub-command of pki(1) verifies a certificate using an optional CA
17 certificate.
18
20 -h, --help
21 Print usage information with a summary of the available options.
22
23 -v, --debug level
24 Set debug level, default: 1.
25
26 -+, --options file
27 Read command line options from file.
28
29 -i, --in file
30 X.509 certificate to verify. If not given it is read from STDIN.
31
32 -c, --cacert file
33 CA certificate to use for trustchain verification. If not given
34 the certificate is assumed to be self-signed.
35
36 -o, --online
37 Enable online CRL/OCSP revocation checking.
38
40 The exit status is 0 if the certificate was verified successfully, 1 if
41 the certificate is untrusted, 2 if the certificate's lifetimes are
42 invalid, and 3 if the certificate was verified successfully but the
43 online revocation check indicated that it has been revoked.
44
46 pki(1)
47
48
49
505.2.0 2013-07-31 PKI --VERIFY(1)