Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages

  
 
  

home | help
PKI --VERIFY(1)			  strongSwan		       PKI --VERIFY(1)

NAME
       pki --verify - Verify a certificate using a CA certificate

SYNOPSIS
       pki --verify [--in file]	[--cacert file]	[--crl file] [--debug level]
		    [--online]

       pki --verify --options file

       pki --verify -h | --help

DESCRIPTION
       This  sub-command of pki(1) verifies a certificate using	an optional CA
       certificate.

OPTIONS
       -h, --help
	      Print usage information with a summary of	the available options.

       -v, --debug level
	      Set debug	level, default:	1.

       -+, --options file
	      Read command line	options	from file.

       -i, --in	file
	      X.509 certificate	to verify. If not given	it is read from	STDIN.

       -c, --cacert file
	      CA certificate to	use for	trustchain verification. If not	 given
	      the  certificate is assumed to be	self-signed. May optionally be
	      a	path to	a directory from which CA certificates are loaded. Can
	      be used multiple times.

       -l, --crl file
	      Local CRL	to use for trustchain verification. May	optionally  be
	      a	 path  to  a directory from which CRLs are loaded. Can be used
	      multiple times.  Implies -o.

       -o, --online
	      Enable online CRL/OCSP revocation	checking.

EXIT STATUS
       The exit	status is 0 if the certificate was verified successfully, 1 if
       the certificate is untrusted, 2 if the certificate's lifetimes are  in-
       valid,  and  3 if the certificate was verified successfully but the on-
       line revocation check indicated that it has been	revoked.

SEE ALSO
       pki(1)

6.0.0				  2016-08-19		       PKI --VERIFY(1)

Want to link to this manual page? Use this URL:
<https://man.freebsd.org/cgi/man.cgi?query=pki---verify&sektion=1&manpath=FreeBSD+Ports+14.3.quarterly>

home | help