1GVM-MANUAsGeEr-CmEaRnTuSa(l1)for the Open Vulnerability Assessment SystGeVmM-(MOApNeAnGVEA-SC)ERTS(1)
2
3
4

NAME

6       gvm-manage-certs  - manage certificate infrastructure for a GVM instal‐
7       lation
8

SYNOPSIS

10       gvm-manage-certs [OPTION]...
11

DESCRIPTION

13       gvm-manage-certs manages  the  certificate  infrastructure  for  a  GVM
14       installation.   The  certificate  infrastructure enables GVM daemons to
15       communicate in a secure manner  and  is  used  for  authentication  and
16       authorization before establishing TLS connections between the daemons.
17
18       The  GVM certificate infrastructure consists of a certificate authority
19       (CA) which is trusted by all GVM daemons.  This CA is then used to sign
20       certificates  used  by  the  various  daemons.  The certificates can be
21       divided into two use cases:
22
23       ·  Server certificates, primarily used for authentication
24
25       ·  Client certificates, primarily used for authorization
26
27       gvm-manage-certs can perform an automatic creation of  a  default  cer‐
28       tificate  infrastructure  for a standard GVM installation.  It can also
29       verify an  existing  infrastructure  and  perform  various  certificate
30       related tasks to support the setup of a more complex infrastructure.
31

OPTIONS

33   Certificate infrastructure management
34       -a     Automatically set up default infrastructure for GVM
35
36       -V     Verify existing GVM certificate infrastructure
37
38       -C     Create a certificate authority (CA)
39
40       -R     Create a certificate request for a CA
41
42       -r     Create a certificate request for a CA and sign it
43
44       -C     Create a certificate authority (CA)
45
46       -I     Install a CA certificate
47
48       -c     Create a certificate request and sign it
49
50       -i     Install a certificate
51
52       -S     Sign a certificate request
53
54       -f     Force overwriting of existing files
55
56   Certificate options
57       -E     Create  a  server  certificate.   This  sets the appropriate key
58              usage constraints for a server certificate.
59
60       -L     Create a client certificate.   This  sets  the  appropriate  key
61              usage constraints for a client certificate.
62
63       -A     Skip  CA  generation  in  automatic  mode.   This  automatically
64              (re-)generates server and client certificates, but keeps the  CA
65              certificate.
66
67   Configuration
68       -e  file  Read  configuration  from  file  (see below for configuration
69       details)
70
71   Output control
72       -d     Print debug output
73
74       -v     Print verbose messages
75
76       -q     Be quiet, only print error messages
77
78   Other options
79       -h     Print help
80

EXIT STATUS

82       0      The requested operation was successfully performed.
83
84       1      An error occurred, the requested operation  could  not  be  per‐
85              formed.
86

ENVIRONMENT

88       All  certificate  generation options can be set either through the con‐
89       figuration file or through environment variables like the following:
90
91       GVM_CERTIFICATE_LIFETIME
92              Days until the certificate will expire
93
94       GVM_CERTIFICATE_HOSTNAME
95              Name to use for the certificate
96
97       GVM_CERTIFICATE_SIGNALG
98              Hash algorithm to use for signing
99
100       GVM_CERTIFICATE_KEYSIZE
101              Size in bits of the generated key
102
103       GVM_CERTIFICATE_SECPARAM
104              GnuTLS security level [low|medium|high|ultra]
105
106       GVM_CERT_DIR
107              Directory where keys and certificates are stored before  instal‐
108              lation
109
110       GVM_CERT_PREFIX
111              Prefix for certificate filename (e.g. "server")
112
113       For  a complete list of options, please refer to the example configura‐
114       tion file included in the documentation.
115

SEE ALSO

117       openvassd(8), gvmd(8), gsad(8)
118
119
120
121The OpenVAS Project               2015-09-21               GVM-MANAGE-CERTS(1)