FreeBSD Manual Pages
GV...SUser manual for the Open Vulnerability Assessment System (OpenVGV...S(1) NAME gvm-manage-certs - manage certificate infrastructure for a GVM instal- lation SYNOPSIS gvm-manage-certs [OPTION]... DESCRIPTION gvm-manage-certs manages the certificate infrastructure for a GVM in- stallation. The certificate infrastructure enables GVM daemons to com- municate in a secure manner and is used for authentication and autho- rization before establishing TLS connections between the daemons. The GVM certificate infrastructure consists of a certificate authority (CA) which is trusted by all GVM daemons. This CA is then used to sign certificates used by the various daemons. The certificates can be di- vided into two use cases: • Server certificates, primarily used for authentication • Client certificates, primarily used for authorization gvm-manage-certs can perform an automatic creation of a default cer- tificate infrastructure for a standard GVM installation. It can also verify an existing infrastructure and perform various certificate re- lated tasks to support the setup of a more complex infrastructure. OPTIONS Certificate infrastructure management -a Automatically set up default infrastructure for GVM -V Verify existing GVM certificate infrastructure -C Create a certificate authority (CA) -R Create a certificate request for a CA -r Create a certificate request for a CA and sign it -C Create a certificate authority (CA) -I Install a CA certificate -c Create a certificate request and sign it -i Install a certificate -S Sign a certificate request -f Force overwriting of existing files Certificate options -E Create a server certificate. This sets the appropriate key us- age constraints for a server certificate. -L Create a client certificate. This sets the appropriate key us- age constraints for a client certificate. -A Skip CA generation in automatic mode. This automatically (re-)generates server and client certificates, but keeps the CA certificate. Configuration -e file Read configuration from file (see below for configuration de- tails) Output control -d Print debug output -v Print verbose messages -q Be quiet, only print error messages Other options -h Print help EXIT STATUS 0 The requested operation was successfully performed. 1 An error occurred, the requested operation could not be per- formed. ENVIRONMENT All certificate generation options can be set either through the con- figuration file or through environment variables like the following: GVM_CERTIFICATE_LIFETIME Days until the certificate will expire GVM_CERTIFICATE_HOSTNAME Name to use for the certificate GVM_CERTIFICATE_SIGNALG Hash algorithm to use for signing GVM_CERTIFICATE_KEYSIZE Size in bits of the generated key GVM_CERTIFICATE_SECPARAM GnuTLS security level [low|medium|high|ultra] GVM_CERT_DIR Directory where keys and certificates are stored before instal- lation GVM_CERT_PREFIX Prefix for certificate filename (e.g. "server") For a complete list of options, please refer to the example configura- tion file included in the documentation. SEE ALSO openvas(8), gvmd(8), gsad(8) The OpenVAS Project 2015-09-21 GV...S(1)
NAME | SYNOPSIS | DESCRIPTION | OPTIONS | EXIT STATUS | ENVIRONMENT | SEE ALSO
Want to link to this manual page? Use this URL:
<https://man.freebsd.org/cgi/man.cgi?query=gvm-manage-certs&sektion=1&manpath=FreeBSD+Ports+14.3.quarterly>