|
 |
652e94 |
diff -up doc/certutil.xml.missing_options doc/certutil.xml
|
|
|
652e94 |
--- doc/certutil.xml.missing_options 2014-08-06 08:05:31.515329622 -0700
|
|
|
652e94 |
+++ doc/certutil.xml 2014-08-06 08:06:16.520764486 -0700
|
|
|
652e94 |
@@ -204,6 +204,11 @@ If this option is not used, the validity
|
|
|
652e94 |
</varlistentry>
|
|
|
652e94 |
|
|
|
652e94 |
<varlistentry>
|
|
|
652e94 |
+ <term>--dump-ext-val OID </term>
|
|
|
652e94 |
+ <listitem><para>For single cert, print binary DER encoding of extension OID.</para></listitem>
|
|
|
652e94 |
+ </varlistentry>
|
|
|
652e94 |
+
|
|
|
652e94 |
+ <varlistentry>
|
|
|
652e94 |
<term>-e </term>
|
|
|
652e94 |
<listitem><para>Check a certificate's signature during the process of validating a certificate.</para></listitem>
|
|
|
652e94 |
</varlistentry>
|
|
|
652e94 |
@@ -214,6 +219,26 @@ If this option is not used, the validity
|
|
|
652e94 |
</varlistentry>
|
|
|
652e94 |
|
|
|
652e94 |
<varlistentry>
|
|
|
652e94 |
+ <term>--extGeneric OID:critical-flag:filename[,OID:critical-flag:filename]... </term>
|
|
|
652e94 |
+ <listitem>
|
|
|
652e94 |
+ <para>
|
|
|
652e94 |
+Add one or multiple extensions that certutil cannot encode yet, by loading their encodings from external files.
|
|
|
652e94 |
+ </para>
|
|
|
652e94 |
+ <itemizedlist>
|
|
|
652e94 |
+ <listitem>
|
|
|
652e94 |
+<para>OID (example): 1.2.3.4</para>
|
|
|
652e94 |
+ </listitem>
|
|
|
652e94 |
+ <listitem>
|
|
|
652e94 |
+<para>critical-flag: critical or not-critical</para>
|
|
|
652e94 |
+ </listitem>
|
|
|
652e94 |
+ <listitem>
|
|
|
652e94 |
+<para>filename: full path to a file containing an encoded extension</para>
|
|
|
652e94 |
+ </listitem>
|
|
|
652e94 |
+ </itemizedlist>
|
|
|
652e94 |
+ </listitem>
|
|
|
652e94 |
+ </varlistentry>
|
|
|
652e94 |
+
|
|
|
652e94 |
+ <varlistentry>
|
|
|
652e94 |
<term>-f password-file</term>
|
|
|
652e94 |
<listitem><para>Specify a file that will automatically supply the password to include in a certificate
|
|
|
652e94 |
or to access a certificate database. This is a plain-text file containing one password. Be sure to prevent
|
|
|
652e94 |
@@ -376,6 +401,15 @@ of the attribute codes:
|
|
|
652e94 |
<para><command>V</command> (as an SSL server)</para>
|
|
|
652e94 |
</listitem>
|
|
|
652e94 |
<listitem>
|
|
|
652e94 |
+<para><command>L</command> (as an SSL CA)</para>
|
|
|
652e94 |
+ </listitem>
|
|
|
652e94 |
+ <listitem>
|
|
|
652e94 |
+<para><command>A</command> (as Any CA)</para>
|
|
|
652e94 |
+ </listitem>
|
|
|
652e94 |
+ <listitem>
|
|
|
652e94 |
+<para><command>Y</command> (Verify CA)</para>
|
|
|
652e94 |
+ </listitem>
|
|
|
652e94 |
+ <listitem>
|
|
|
652e94 |
<para><command>S</command> (as an email signer)</para>
|
|
|
652e94 |
</listitem>
|
|
|
652e94 |
<listitem>
|
|
|
652e94 |
@@ -649,6 +683,17 @@ of the attribute codes:
|
|
|
652e94 |
</varlistentry>
|
|
|
652e94 |
|
|
|
652e94 |
<varlistentry>
|
|
|
652e94 |
+ <term>--extSAN type:name[,type:name]...</term>
|
|
|
652e94 |
+ <listitem><para>
|
|
|
652e94 |
+Create a Subject Alt Name extension with one or multiple names.
|
|
|
652e94 |
+ </para>
|
|
|
652e94 |
+ <para>
|
|
|
652e94 |
+-type: directory, dn, dns, edi, ediparty, email, ip, ipaddr, other, registerid, rfc822, uri, x400, x400addr
|
|
|
652e94 |
+ </para>
|
|
|
652e94 |
+ </listitem>
|
|
|
652e94 |
+ </varlistentry>
|
|
|
652e94 |
+
|
|
|
652e94 |
+ <varlistentry>
|
|
|
652e94 |
<term>--empty-password</term>
|
|
|
652e94 |
<listitem><para>Use empty password when creating new certificate database with -N.</para></listitem>
|
|
|
652e94 |
</varlistentry>
|