genkey



GENKEY(1)                                                            GENKEY(1)




NAME

       genkey - generate SSL certificates and certificate requests


SYNOPSIS

       genkey [--test] [--days count] [--genreq | --makeca] {hostname}



DESCRIPTION

       genkey  is an interactive command-line tool which can be used to gener-
       ate SSL certificates or Certificate Signing Requests  (CSR).  Generated
       certificates  are  stored in the directory /etc/pki/tls/certs/, and the
       corresponding private key in /etc/pki/tls/private/.


       genkey will prompt for the size of key desired; whether or not to  gen-
       erate  a  CSR;  whether or not an encrypted private key is desired; the
       certificate subject DN details.


       genkey generates random data for the private key using the truerand li-
       brary and also by prompting the user for entry of random text.



OPTIONS

       --makceca
              Generate a Certificate Authority keypair.


       --genreq
              Generate  a  Certificate Signing Request for an existing private
              key, which can be submitted to a CA (for example, for  renewal).


       --days count
              When generating a self-signed certificate, specify that the num-
              ber of days for which the certificate is valid be  count  rather
              than the default value of 30.


       --test For test purposes only; omit the slow process of generating ran-
              dom data.



EXAMPLES

       The following example will create a self-signed certificate and private
       key for the hostname www.example.com:


               # genkey --days 120 www.example.com





FILES

       /etc/pki/tls/openssl.cnf



SEE ALSO

       certwatch(1)




crypto-utils                      April 2005                         GENKEY(1)

Man(1) output converted with man2html