diff options
author | Martin Willi <martin@revosec.ch> | 2014-03-27 16:12:29 +0100 |
---|---|---|
committer | Martin Willi <martin@revosec.ch> | 2014-03-31 11:39:25 +0200 |
commit | 3941d55f0116b12646efaba6ed00ec09b5a246c2 (patch) | |
tree | 5d2bea6fece2b10de47b06781d571aa1a58fb1e2 /src | |
parent | 2769a22e1f9ed0dda63933254264bf9c4e3ef888 (diff) | |
download | strongswan-3941d55f0116b12646efaba6ed00ec09b5a246c2.tar.bz2 strongswan-3941d55f0116b12646efaba6ed00ec09b5a246c2.tar.xz |
pki: Document --not-before/after and --dateform options in manpages
Diffstat (limited to 'src')
-rw-r--r-- | src/pki/man/pki---acert.1.in | 25 | ||||
-rw-r--r-- | src/pki/man/pki---issue.1.in | 27 | ||||
-rw-r--r-- | src/pki/man/pki---self.1.in | 27 | ||||
-rw-r--r-- | src/pki/man/pki---signcrl.1.in | 27 |
4 files changed, 99 insertions, 7 deletions
diff --git a/src/pki/man/pki---acert.1.in b/src/pki/man/pki---acert.1.in index 3e23366bc..ec1d8be6e 100644 --- a/src/pki/man/pki---acert.1.in +++ b/src/pki/man/pki---acert.1.in @@ -12,6 +12,8 @@ pki \-\-acert \- Issue an attribute certificate .BI \-\-issuerkey\~ file |\-\-issuerkeyid\~ hex .BI \-\-issuercert\~ file .OP \-\-lifetime hours +.OP \-\-not-before datetime +.OP \-\-not-after datetime .OP \-\-serial hex .OP \-\-digest digest .OP \-\-outform encoding @@ -69,7 +71,28 @@ is required. Issuer certificate file. Required. .TP .BI "\-l, \-\-lifetime " hours -Hours the attribute certificate is valid, default: 24. +Hours the attribute certificate is valid, default: 24. Ignored if both +an absolute start and end time are given. +.TP +.BI "\-F, \-\-not-before " datetime +Absolute time when the validity of the AC begins. The datetime format is +defined by the +.B \-\-dateform +option. +.TP +.BI "\-T, \-\-not-after " datetime +Absolute time when the validity of the AC ends. The datetime format is +defined by the +.B \-\-dateform +option. +.TP +.BI "\-D, \-\-dateform " form +strptime(3) format for the +.B \-\-not\-before +and +.B \-\-not\-after +options, default: +.B %d.%m.%y %T .TP .BI "\-s, \-\-serial " hex Serial number in hex. It is randomly allocated by default. diff --git a/src/pki/man/pki---issue.1.in b/src/pki/man/pki---issue.1.in index 3fad1ae8a..375cb2fe4 100644 --- a/src/pki/man/pki---issue.1.in +++ b/src/pki/man/pki---issue.1.in @@ -14,6 +14,8 @@ pki \-\-issue \- Issue a certificate using a CA certificate and key .OP \-\-dn subject-dn .OP \-\-san subjectAltName .OP \-\-lifetime days +.OP \-\-not-before datetime +.OP \-\-not-after datetime .OP \-\-serial hex .OP \-\-flag flag .OP \-\-digest digest @@ -88,7 +90,28 @@ Subject distinguished name (DN) of the issued certificate. subjectAltName extension to include in certificate. Can be used multiple times. .TP .BI "\-l, \-\-lifetime " days -Days the certificate is valid, default: 1095. +Days the certificate is valid, default: 1095. Ignored if both +an absolute start and end time are given. +.TP +.BI "\-F, \-\-not-before " datetime +Absolute time when the validity of the certificate begins. The datetime format +is defined by the +.B \-\-dateform +option. +.TP +.BI "\-T, \-\-not-after " datetime +Absolute time when the validity of the certificate ends. The datetime format is +defined by the +.B \-\-dateform +option. +.TP +.BI "\-D, \-\-dateform " form +strptime(3) format for the +.B \-\-not\-before +and +.B \-\-not\-after +options, default: +.B %d.%m.%y %T .TP .BI "\-s, \-\-serial " hex Serial number in hex. It is randomly allocated by default. @@ -176,4 +199,4 @@ given PKCS#10 certificate request and the options above: . .SH "SEE ALSO" . -.BR pki (1)
\ No newline at end of file +.BR pki (1) diff --git a/src/pki/man/pki---self.1.in b/src/pki/man/pki---self.1.in index ee42cf9a0..5e6e78bd0 100644 --- a/src/pki/man/pki---self.1.in +++ b/src/pki/man/pki---self.1.in @@ -14,6 +14,8 @@ pki \-\-self \- Create a self-signed certificate .BI \-\-dn\~ distinguished-name .OP \-\-san subjectAltName .OP \-\-lifetime days +.OP \-\-not-before datetime +.OP \-\-not-after datetime .OP \-\-serial hex .OP \-\-flag flag .OP \-\-digest digest @@ -75,7 +77,28 @@ Subject and issuer distinguished name (DN). Required. subjectAltName extension to include in certificate. Can be used multiple times. .TP .BI "\-l, \-\-lifetime " days -Days the certificate is valid, default: 1095. +Days the certificate is valid, default: 1095. Ignored if both +an absolute start and end time are given. +.TP +.BI "\-F, \-\-not-before " datetime +Absolute time when the validity of the certificate begins. The datetime format +is defined by the +.B \-\-dateform +option. +.TP +.BI "\-T, \-\-not-after " datetime +Absolute time when the validity of the certificate ends. The datetime format is +defined by the +.B \-\-dateform +option. +.TP +.BI "\-D, \-\-dateform " form +strptime(3) format for the +.B \-\-not\-before +and +.B \-\-not\-after +options, default: +.B %d.%m.%y %T .TP .BI "\-s, \-\-serial " hex Serial number in hex. It is randomly allocated by default. @@ -145,4 +168,4 @@ Generate a self-signed certificate using the given RSA key: . .SH "SEE ALSO" . -.BR pki (1)
\ No newline at end of file +.BR pki (1) diff --git a/src/pki/man/pki---signcrl.1.in b/src/pki/man/pki---signcrl.1.in index 6ba96f6bc..bd6cba547 100644 --- a/src/pki/man/pki---signcrl.1.in +++ b/src/pki/man/pki---signcrl.1.in @@ -10,6 +10,8 @@ pki \-\-signcrl \- Issue a Certificate Revocation List (CRL) using a CA certific .BI \-\-cakey\~ file |\-\-cakeyid\~ hex .BI \-\-cacert\~ file .OP \-\-lifetime days +.OP \-\-this-update datetime +.OP \-\-next-update datetime .OP \-\-lastcrl crl .OP \-\-basecrl crl .OP \-\-crluri uri @@ -62,7 +64,28 @@ is required. CA certificate file. Required. .TP .BI "\-l, \-\-lifetime " days -Days until the CRL gets a nextUpdate, default: 15. +Days until the CRL gets a nextUpdate, default: 15. Ignored if both +an absolute start and end time are given. +.TP +.BI "\-F, \-\-this-update " datetime +Absolute time when the validity of the CRL begins. The datetime format is +defined by the +.B \-\-dateform +option. +.TP +.BI "\-T, \-\-next-update " datetime +Absolute time when the validity of the CRL end. The datetime format is +defined by the +.B \-\-dateform +option. +.TP +.BI "\-D, \-\-dateform " form +strptime(3) format for the +.B \-\-this\-update +and +.B \-\-next\-update +options, default: +.B %d.%m.%y %T .TP .BI "\-a, \-\-lastcrl " crl CRL of lastUpdate to copy revocations from. @@ -121,4 +144,4 @@ number, but no reason: .PP .SH "SEE ALSO" . -.BR pki (1)
\ No newline at end of file +.BR pki (1) |