FreeBSD Manual Pages
tpm2_certifyX509certutil(1) General Commands Manualtpm2_certifyX509certutil(1) NAME tpm2_certifyX509certutil(1) - Generate partial X509 certificate. SYNOPSIS tpm2_certifyX509certutil [OPTIONS] DESCRIPTION tpm2_certifyX509certutil(1) - Generates a partial certificate that is suitable as the third input parameter for TPM2_certifyX509 command. The certificate data is written into a file in DER format and can be examined using openssl asn1parse tool as follows: openssl asn1parse -in partial_cert.der -inform DER OPTIONS These are the available options: • -o, --outcert=STRING: The output file where the certificate will be written to. The default is partial_cert.der Optional parameter. • -d, --days=NUMBER: The number of days the certificate will be valid starting from today. The default is 3560 (10 years) Optional parame- ter. • -i, --issuer=STRING: The ISSUER entry for the cert in the following format: -issuer="C=US;O=org;OU=Org unit;CN=cname" Supported fields are: • C - "Country", max size = 2 • O - "Org", max size = 8 • OU - "Org Unit", max size = 8 • CN - "Common Name", max size = 8 The files need to be separated with semicolon. At list one supported field is required for the option to be valid. Optional parameter. • -s, --subject=STRING: The SUBJECT for the cert in the following for- mat: -subject="C=US;O=org;OU=Org unit;CN=cname" Supported fields are: • C - "Country", max size = 2 • O - "Org", max size = 8 • OU - "Org Unit", max size = 8 • CN - "Common Name", max size = 8 The files need to be separated with semicolon. At list one supported field is required for the option to be valid. Optional parameter. • ARGUMENT No arguments required. References COMMON OPTIONS This collection of options are common to many programs and provide in- formation that many users may expect. • -h, --help=[man|no-man]: Display the tools manpage. By default, it attempts to invoke the manpager for the tool, however, on failure will output a short tool summary. This is the same behavior if the "man" option argument is specified, however if explicit "man" is re- quested, the tool will provide errors from man on stderr. If the "no-man" option if specified, or the manpager fails, the short op- tions will be output to stdout. To successfully use the manpages feature requires the manpages to be installed or on MANPATH, See man(1) for more details. • -v, --version: Display version information for this tool, supported tctis and exit. • -V, --verbose: Increase the information that the tool prints to the console during its execution. When using this option the file and line number are printed. • -Q, --quiet: Silence normal tool output to stdout. • -Z, --enable-errata: Enable the application of errata fixups. Useful if an errata fixup needs to be applied to commands sent to the TPM. Defining the environment TPM2TOOLS_ENABLE_ERRATA is equivalent. in- formation many users may expect. EXAMPLES tpm2 certifyX509certutil -o partial_cert.der -d 356 Returns Tools can return any of the following codes: • 0 - Success. • 1 - General non-specific error. • 2 - Options handling error. • 3 - Authentication error. • 4 - TCTI related error. • 5 - Non supported scheme. Applicable to tpm2_testparams. BUGS Github Issues (https://github.com/tpm2-software/tpm2-tools/issues) HELP See the Mailing List (https://lists.linuxfoundation.org/mailman/listin- fo/tpm2) tpm2-tools tpm2_certifyX509certutil(1)
NAME | SYNOPSIS | DESCRIPTION | OPTIONS | COMMON OPTIONS | EXAMPLES | Returns | BUGS | HELP
Want to link to this manual page? Use this URL:
<https://man.freebsd.org/cgi/man.cgi?query=tpm2_certifyX509certutil&sektion=1&manpath=FreeBSD+Ports+14.3.quarterly>