summaryrefslogtreecommitdiff
path: root/keyexchange/isakmpd-20041012/apps/certpatch/certpatch.8
diff options
context:
space:
mode:
Diffstat (limited to 'keyexchange/isakmpd-20041012/apps/certpatch/certpatch.8')
-rw-r--r--keyexchange/isakmpd-20041012/apps/certpatch/certpatch.885
1 files changed, 85 insertions, 0 deletions
diff --git a/keyexchange/isakmpd-20041012/apps/certpatch/certpatch.8 b/keyexchange/isakmpd-20041012/apps/certpatch/certpatch.8
new file mode 100644
index 0000000..1c1b629
--- /dev/null
+++ b/keyexchange/isakmpd-20041012/apps/certpatch/certpatch.8
@@ -0,0 +1,85 @@
+.\" $OpenBSD: certpatch.8,v 1.8 2003/06/04 07:31:17 ho Exp $
+.\" $EOM: certpatch.8,v 1.5 2000/04/07 22:17:11 niklas Exp $
+.\"
+.\" Copyright (c) 1999 Niklas Hallqvist. All rights reserved.
+.\" Copyright (c) 1999 Angelos D. Keromytis. All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
+.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
+.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+.\"
+.\" This code was written under funding by Ericsson Radio Systems.
+.\"
+.\" Manual page, using -mandoc macros
+.\"
+.Dd July 18, 1999
+.Dt CERTPATCH 8
+.Os
+.Sh NAME
+.Nm certpatch
+.Nd add subjectAltName identities to X.509 certificates
+.Sh SYNOPSIS
+.Nm certpatch
+.Op Fl t Ar identity-type
+.Fl i
+.Ar identity
+.Fl k
+.Ar signing-key
+.Ar input-certificate output-certificate
+.Sh DESCRIPTION
+.Nm
+alters PEM-encoded X.509 certificates by adding a subjectAltName extension
+containing an identity used by the signature-based authentication schemes
+of the ISAKMP protocol.
+After the addition the certificate will be signed
+once again with the supplied CA signing key.
+.Pp
+The options are as follows:
+.Bl -tag -width Ds
+.It Fl t Ar identity-type
+If given, the
+.Fl t
+option specifies the type of the given identity.
+Currently
+.Li ip ,
+.Li fqdn ,
+and
+.Li ufqdn
+are recognized.
+The default is
+.Li ip .
+.It Fl i Ar identity
+The
+.Fl i
+option takes an argument which is the identity to put into the
+subjectAltName field of the certificate.
+If the identity-type is
+.Li ip ,
+this argument should be an IPv4 address in dotted decimal notation.
+.It Fl k Ar signing-key
+The
+.Fl k
+option specifies the key used for signing the certificate once the
+subjectAltName extension has been added.
+The key is specified by
+the filename where it is stored in PEM format.
+.El
+.Sh SEE ALSO
+.Xr isakmpd 8 ,
+.Xr ssl 8