diff options
Diffstat (limited to 'keyexchange/isakmpd-20041012/apps/certpatch/certpatch.8')
-rw-r--r-- | keyexchange/isakmpd-20041012/apps/certpatch/certpatch.8 | 85 |
1 files changed, 85 insertions, 0 deletions
diff --git a/keyexchange/isakmpd-20041012/apps/certpatch/certpatch.8 b/keyexchange/isakmpd-20041012/apps/certpatch/certpatch.8 new file mode 100644 index 0000000..1c1b629 --- /dev/null +++ b/keyexchange/isakmpd-20041012/apps/certpatch/certpatch.8 @@ -0,0 +1,85 @@ +.\" $OpenBSD: certpatch.8,v 1.8 2003/06/04 07:31:17 ho Exp $ +.\" $EOM: certpatch.8,v 1.5 2000/04/07 22:17:11 niklas Exp $ +.\" +.\" Copyright (c) 1999 Niklas Hallqvist. All rights reserved. +.\" Copyright (c) 1999 Angelos D. Keromytis. All rights reserved. +.\" +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. +.\" +.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR +.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES +.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. +.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, +.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT +.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF +.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +.\" +.\" This code was written under funding by Ericsson Radio Systems. +.\" +.\" Manual page, using -mandoc macros +.\" +.Dd July 18, 1999 +.Dt CERTPATCH 8 +.Os +.Sh NAME +.Nm certpatch +.Nd add subjectAltName identities to X.509 certificates +.Sh SYNOPSIS +.Nm certpatch +.Op Fl t Ar identity-type +.Fl i +.Ar identity +.Fl k +.Ar signing-key +.Ar input-certificate output-certificate +.Sh DESCRIPTION +.Nm +alters PEM-encoded X.509 certificates by adding a subjectAltName extension +containing an identity used by the signature-based authentication schemes +of the ISAKMP protocol. +After the addition the certificate will be signed +once again with the supplied CA signing key. +.Pp +The options are as follows: +.Bl -tag -width Ds +.It Fl t Ar identity-type +If given, the +.Fl t +option specifies the type of the given identity. +Currently +.Li ip , +.Li fqdn , +and +.Li ufqdn +are recognized. +The default is +.Li ip . +.It Fl i Ar identity +The +.Fl i +option takes an argument which is the identity to put into the +subjectAltName field of the certificate. +If the identity-type is +.Li ip , +this argument should be an IPv4 address in dotted decimal notation. +.It Fl k Ar signing-key +The +.Fl k +option specifies the key used for signing the certificate once the +subjectAltName extension has been added. +The key is specified by +the filename where it is stored in PEM format. +.El +.Sh SEE ALSO +.Xr isakmpd 8 , +.Xr ssl 8 |