diff options
| -rw-r--r-- | configure.ac | 2 | ||||
| -rw-r--r-- | src/pki/Makefile.am | 2 | ||||
| -rw-r--r-- | src/pki/man/.gitignore | 1 | ||||
| -rw-r--r-- | src/pki/man/Makefile.am | 4 | ||||
| -rw-r--r-- | src/pki/man/ipsec-pki.8.in | 72 |
5 files changed, 81 insertions, 0 deletions
diff --git a/configure.ac b/configure.ac index 768cb87d1..196137a40 100644 --- a/configure.ac +++ b/configure.ac @@ -1471,6 +1471,7 @@ AC_CONFIG_FILES([ src/openac/Makefile src/scepclient/Makefile src/pki/Makefile + src/pki/man/Makefile src/dumm/Makefile src/dumm/ext/extconf.rb src/libfast/Makefile @@ -1492,6 +1493,7 @@ AC_CONFIG_FILES([ man/ipsec.secrets.5 man/strongswan.conf.5 src/charon-cmd/charon-cmd.8 + src/pki/man/ipsec-pki.8 ]) AC_OUTPUT diff --git a/src/pki/Makefile.am b/src/pki/Makefile.am index e07938284..783515249 100644 --- a/src/pki/Makefile.am +++ b/src/pki/Makefile.am @@ -1,3 +1,5 @@ +SUBDIRS = man + ipsec_PROGRAMS = pki pki_SOURCES = pki.c pki.h command.c command.h \ diff --git a/src/pki/man/.gitignore b/src/pki/man/.gitignore new file mode 100644 index 000000000..44b27a64b --- /dev/null +++ b/src/pki/man/.gitignore @@ -0,0 +1 @@ +*.8
\ No newline at end of file diff --git a/src/pki/man/Makefile.am b/src/pki/man/Makefile.am new file mode 100644 index 000000000..ba4aac89b --- /dev/null +++ b/src/pki/man/Makefile.am @@ -0,0 +1,4 @@ +man8_MANS = \ + ipsec-pki.8 + +CLEANFILES = $(man8_MANS) diff --git a/src/pki/man/ipsec-pki.8.in b/src/pki/man/ipsec-pki.8.in new file mode 100644 index 000000000..1f81f680f --- /dev/null +++ b/src/pki/man/ipsec-pki.8.in @@ -0,0 +1,72 @@ +.TH IPSEC\-PKI 8 "2013-07-30" "@PACKAGE_VERSION@" "strongSwan" +. +.SH "NAME" +. +ipsec pki \- Simple public key infrastructure (PKI) management tool +. +.SH "SYNOPSIS" +. +.SY "ipsec pki" +.I command +.RI [ option\~ .\|.\|.] +.YS +. +.SY "ipsec pki" +.B \-h +| +.B \-\-help +.YS +. +.SH "DESCRIPTION" +. +.B ipsec pki +is a suite of commands that allow you to manage a simple public key +infrastructure (PKI). +.P +Generate RSA and ECDSA key pairs, create PKCS#10 certificate requests +containing subjectAltNames, create X.509 self-signed end-entity and root CA +certificates, issue end-entity and intermediate CA certificates signed by the +private key of a CA and containing subjectAltNames, CRL distribution points +and URIs of OCSP servers. You can also extract raw public keys from private +keys, certificate requests and certificates and compute two kinds of SHA-1-based +key IDs. +. +.SH "COMMANDS" +. +.TP +.B "\-h, \-\-help" +Prints usage information and a short summary of the available commands. +.TP +.B "\-g, \-\-gen" +Generate a new private key. +.TP +.B "\-s, \-\-self" +Create a self-signed certificate. +.TP +.B "\-i, \-\-issue" +Issue a certificate using a CA certificate and key. +.TP +.B "\-c, \-\-signcrl" +Issue a CRL using a CA certificate and key. +.TP +.B "\-r, \-\-req" +Create a PKCS#10 certificate request. +.TP +.B "\-7, \-\-pkcs7" +Provides PKCS#7 wrap/unwrap functions. +.TP +.B "\-k, \-\-keyid" +Calculate key identifiers of a key or certificate. +.TP +.B "\-a, \-\-print" +Print a credential (key, certificate etc.) in human readable form. +.TP +.B "\-p, \-\-pub" +Extract a public key from a private key or certificate. +.TP +.B "\-v, \-\-verify" +Verify a certificate using a CA certificate. +. +.SH "SEE ALSO" +. +.BR ipsec (8) |