1OPENSSL-STOREUTL(1ossl) OpenSSL OPENSSL-STOREUTL(1ossl)
2
3
4
6 openssl-storeutl - STORE command
7
9 openssl storeutl [-help] [-out file] [-noout] [-passin arg] [-text arg]
10 [-r] [-certs] [-keys] [-crls] [-subject arg] [-issuer arg] [-serial
11 arg] [-alias arg] [-fingerprint arg] [-digest] [-engine id] [-provider
12 name] [-provider-path path] [-propquery propq] uri ...
13
15 This command can be used to display the contents (after decryption as
16 the case may be) fetched from the given URIs.
17
19 -help
20 Print out a usage message.
21
22 -out filename
23 specifies the output filename to write to or standard output by
24 default.
25
26 -noout
27 this option prevents output of the PEM data.
28
29 -passin arg
30 the key password source. For more information about the format of
31 arg see openssl-passphrase-options(1).
32
33 -text
34 Prints out the objects in text form, similarly to the -text output
35 from openssl-x509(1), openssl-pkey(1), etc.
36
37 -r Fetch objects recursively when possible.
38
39 -certs
40 -keys
41 -crls
42 Only select the certificates, keys or CRLs from the given URI.
43 However, if this URI would return a set of names (URIs), those are
44 always returned.
45
46 -subject arg
47 Search for an object having the subject name arg.
48
49 The arg must be formatted as
50 "/type0=value0/type1=value1/type2=...". Special characters may be
51 escaped by "\" (backslash), whitespace is retained. Empty values
52 are permitted but are ignored for the search. That is, a search
53 with an empty value will have the same effect as not specifying the
54 type at all. Giving a single "/" will lead to an empty sequence of
55 RDNs (a NULL-DN). Multi-valued RDNs can be formed by placing a "+"
56 character instead of a "/" between the AttributeValueAssertions
57 (AVAs) that specify the members of the set.
58
59 Example:
60
61 "/DC=org/DC=OpenSSL/DC=users/UID=123456+CN=John Doe"
62
63 -issuer arg
64 -serial arg
65 Search for an object having the given issuer name and serial
66 number. These two options must be used together. The issuer arg
67 must be formatted as "/type0=value0/type1=value1/type2=...",
68 characters may be escaped by \ (backslash), no spaces are skipped.
69 The serial arg may be specified as a decimal value or a hex value
70 if preceded by "0x".
71
72 -alias arg
73 Search for an object having the given alias.
74
75 -fingerprint arg
76 Search for an object having the given fingerprint.
77
78 -digest
79 The digest that was used to compute the fingerprint given with
80 -fingerprint.
81
82 -engine id
83 See "Engine Options" in openssl(1). This option is deprecated.
84
85 -provider name
86 -provider-path path
87 -propquery propq
88 See "Provider Options" in openssl(1), provider(7), and property(7).
89
91 openssl(1)
92
94 This command was added in OpenSSL 1.1.1.
95
96 The -engine option was deprecated in OpenSSL 3.0.
97
99 Copyright 2016-2020 The OpenSSL Project Authors. All Rights Reserved.
100
101 Licensed under the Apache License 2.0 (the "License"). You may not use
102 this file except in compliance with the License. You can obtain a copy
103 in the file LICENSE in the source distribution or at
104 <https://www.openssl.org/source/license.html>.
105
106
107
1083.0.5 2022-07-05 OPENSSL-STOREUTL(1ossl)