Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages

  
 
  

home | help 
tpm2_certifyX509certutil(1) General Commands Manualtpm2_certifyX509certutil(1)

NAME
       tpm2_certifyX509certutil(1) - Generate partial X509 certificate.

SYNOPSIS
       tpm2_certifyX509certutil	[OPTIONS]

DESCRIPTION
       tpm2_certifyX509certutil(1)  -  Generates a partial certificate that is
       suitable	as the third input  parameter  for  TPM2_certifyX509  command.
       The  certificate	 data  is written into a file in DER format and	can be
       examined	using openssl asn1parse	tool as	follows:

	      openssl asn1parse	-in partial_cert.der -inform DER

OPTIONS
       These are the available options:

        -o, --outcert=STRING: The output file where the certificate  will  be
	 written to.  The default is partial_cert.der Optional parameter.

        -d,  --days=NUMBER:  The number of days the certificate will be valid
	 starting from today.  The default is 3560 (10 years) Optional parame-
	 ter.

        -i, --issuer=STRING: The ISSUER entry for the cert in	the  following
	 format:  -issuer="C=US;O=org;OU=Org  unit;CN=cname"  Supported	fields
	 are:

	  C - "Country", max size = 2

	  O - "Org", max size = 8

	  OU -	"Org Unit", max	size = 8

	  CN -	"Common	Name", max size	= 8 The	files  need  to	 be  separated
	   with	 semicolon.   At  list one supported field is required for the
	   option to be	valid.	Optional parameter.

        -s, --subject=STRING: The SUBJECT for the cert	in the following  for-
	 mat: -subject="C=US;O=org;OU=Org unit;CN=cname" Supported fields are:

	  C - "Country", max size = 2

	  O - "Org", max size = 8

	  OU -	"Org Unit", max	size = 8

	  CN  -  "Common  Name",  max size = 8	The files need to be separated
	   with	semicolon.  At list one	supported field	is  required  for  the
	   option to be	valid.	Optional parameter.

        ARGUMENT No arguments required.

   References
COMMON OPTIONS
       This  collection	of options are common to many programs and provide in-
       formation that many users may expect.

        -h, --help=[man|no-man]: Display the tools manpage.  By  default,  it
	 attempts  to  invoke  the  manpager for the tool, however, on failure
	 will output a short tool summary.  This is the	same behavior  if  the
	 "man"	option argument	is specified, however if explicit "man"	is re-
	 quested, the tool will	provide	errors from man	 on  stderr.   If  the
	 "no-man"  option  if  specified, or the manpager fails, the short op-
	 tions will be output to stdout.

	 To successfully use the manpages feature requires the manpages	to  be
	 installed or on MANPATH, See man(1) for more details.

        -v,  --version:  Display version information for this tool, supported
	 tctis and exit.

        -V, --verbose:	Increase the information that the tool prints  to  the
	 console  during  its  execution.  When	using this option the file and
	 line number are printed.

        -Q, --quiet: Silence normal tool output to stdout.

        -Z, --enable-errata: Enable the application of	errata fixups.	Useful
	 if an errata fixup needs to be	applied	to commands sent to  the  TPM.
	 Defining  the environment TPM2TOOLS_ENABLE_ERRATA is equivalent.  in-
	 formation many	users may expect.

EXAMPLES
	      tpm2 certifyX509certutil -o partial_cert.der -d 356

Returns
       Tools can return	any of the following codes:

        0 - Success.

        1 - General non-specific error.

        2 - Options handling error.

        3 - Authentication error.

        4 - TCTI related error.

        5 - Non supported scheme.  Applicable to tpm2_testparams.

BUGS
       Github Issues (https://github.com/tpm2-software/tpm2-tools/issues)

HELP
       See the Mailing List (https://lists.linuxfoundation.org/mailman/listin-
       fo/tpm2)

tpm2-tools					   tpm2_certifyX509certutil(1)

Want to link to this manual page? Use this URL:
<https://man.freebsd.org/cgi/man.cgi?query=tpm2_certifyX509certutil&sektion=1&manpath=FreeBSD+Ports+14.3.quarterly>

home | help