pkcs7.pod 2.6 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120
  1. =pod
  2. =head1 NAME
  3. openssl-pkcs7,
  4. pkcs7 - PKCS#7 utility
  5. =head1 SYNOPSIS
  6. B<openssl> B<pkcs7>
  7. [B<-help>]
  8. [B<-inform PEM|DER>]
  9. [B<-outform PEM|DER>]
  10. [B<-in filename>]
  11. [B<-out filename>]
  12. [B<-print_certs>]
  13. [B<-text>]
  14. [B<-noout>]
  15. [B<-engine id>]
  16. =head1 DESCRIPTION
  17. The B<pkcs7> command processes PKCS#7 files in DER or PEM format.
  18. =head1 OPTIONS
  19. =over 4
  20. =item B<-help>
  21. Print out a usage message.
  22. =item B<-inform DER|PEM>
  23. This specifies the input format. B<DER> format is DER encoded PKCS#7
  24. v1.5 structure.B<PEM> (the default) is a base64 encoded version of
  25. the DER form with header and footer lines.
  26. =item B<-outform DER|PEM>
  27. This specifies the output format, the options have the same meaning and default
  28. as the B<-inform> option.
  29. =item B<-in filename>
  30. This specifies the input filename to read from or standard input if this
  31. option is not specified.
  32. =item B<-out filename>
  33. Specifies the output filename to write to or standard output by
  34. default.
  35. =item B<-print_certs>
  36. Prints out any certificates or CRLs contained in the file. They are
  37. preceded by their subject and issuer names in one line format.
  38. =item B<-text>
  39. Prints out certificates details in full rather than just subject and
  40. issuer names.
  41. =item B<-noout>
  42. Don't output the encoded version of the PKCS#7 structure (or certificates
  43. is B<-print_certs> is set).
  44. =item B<-engine id>
  45. Specifying an engine (by its unique B<id> string) will cause B<pkcs7>
  46. to attempt to obtain a functional reference to the specified engine,
  47. thus initialising it if needed. The engine will then be set as the default
  48. for all available algorithms.
  49. =back
  50. =head1 EXAMPLES
  51. Convert a PKCS#7 file from PEM to DER:
  52. openssl pkcs7 -in file.pem -outform DER -out file.der
  53. Output all certificates in a file:
  54. openssl pkcs7 -in file.pem -print_certs -out certs.pem
  55. =head1 NOTES
  56. The PEM PKCS#7 format uses the header and footer lines:
  57. -----BEGIN PKCS7-----
  58. -----END PKCS7-----
  59. For compatibility with some CAs it will also accept:
  60. -----BEGIN CERTIFICATE-----
  61. -----END CERTIFICATE-----
  62. =head1 RESTRICTIONS
  63. There is no option to print out all the fields of a PKCS#7 file.
  64. This PKCS#7 routines only understand PKCS#7 v 1.5 as specified in RFC2315 they
  65. cannot currently parse, for example, the new CMS as described in RFC2630.
  66. =head1 SEE ALSO
  67. L<crl2pkcs7(1)>
  68. =head1 COPYRIGHT
  69. Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved.
  70. Licensed under the Apache License 2.0 (the "License"). You may not use
  71. this file except in compliance with the License. You can obtain a copy
  72. in the file LICENSE in the source distribution or at
  73. L<https://www.openssl.org/source/license.html>.
  74. =cut