SecureBox

Secure shell and auxiliary commands for terminal applications on Android OS

SecureBox Icon

Documents </>

Manual pages "User Commands (1)" </>

CRL(1) OpenSSL CRL(1)

NAME

openssl-crl, crl - CRL utility

SYNOPSIS

openssl crl [ -help] [ -inform PEM|DER] [ -outform PEM|DER] [ -text] [ -in filename] [ -out filename] [ -nameopt option] [ -noout] [ -hash] [ -issuer] [ -lastupdate] [ -nextupdate] [ -CAfile file] [ -CApath dir]

DESCRIPTION

The crl command processes CRL files in DER or PEM format.

OPTIONS

-help
Print out a usage message.
-inform DER|PEM
This specifies the input format. DER format is DER encoded CRL structure. PEM (the default) is a base64 encoded version of the DER form with header and footer lines.
-outform DER|PEM
This specifies the output format, the options have the same meaning and default as the -inform option.
-in filename
This specifies the input filename to read from or standard input if this option is not specified.
-out filename
Specifies the output filename to write to or standard output by default.
-text
Print out the CRL in text form.
-nameopt option
Option which determines how the subject or issuer names are displayed. See the description of -nameopt in x509(1).
-noout
Don't output the encoded version of the CRL.
-hash
Output a hash of the issuer name. This can be use to lookup CRLs in a directory by issuer name.
-hash_old
Outputs the "hash" of the CRL issuer name using the older algorithm as used by OpenSSL before version 1.0.0.
-issuer
Output the issuer name.
-lastupdate
Output the lastUpdate field.
-nextupdate
Output the nextUpdate field.
-CAfile file
Verify the signature on a CRL by looking up the issuing certificate in file.
-CApath dir
Verify the signature on a CRL by looking up the issuing certificate in dir. This directory must be a standard certificate directory: that is a hash of each subject name (using x509 -hash) should be linked to each certificate.

NOTES

The PEM CRL format uses the header and footer lines:
 -----BEGIN X509 CRL-----
 -----END X509 CRL-----

EXAMPLES

Convert a CRL file from PEM to DER:
 openssl crl -in crl.pem -outform DER -out crl.der
Output the text form of a DER encoded certificate:
 openssl crl -in crl.der -inform DER -text -noout

BUGS

Ideally it should be possible to create a CRL using appropriate options and files too.

SEE ALSO

crl2pkcs7(1), ca(1), x509(1)

COPYRIGHT

Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <https://www.openssl.org/source/license.html>.
2019-02-26 1.1.1b

<external>

[round left]
Please report site issues to < webmaster AT termoneplus DOT com >
Copyright © 2017-2019 , Roumen Petrov
Авторско право 2017-2019 , Румен Петров
[round right]