2022-10-04 17:03:01 +01:00
|
|
|
# certutil
|
|
|
|
|
|
|
|
> Manage keys and certificates in both NSS databases and other NSS tokens.
|
|
|
|
> More information: <https://manned.org/certutil>.
|
|
|
|
|
2024-02-19 14:13:42 +00:00
|
|
|
- Create a [N]ew certificate database in the current [d]irectory:
|
2022-10-04 17:03:01 +01:00
|
|
|
|
|
|
|
`certutil -N -d .`
|
|
|
|
|
|
|
|
- List all certificates in a database:
|
|
|
|
|
|
|
|
`certutil -L -d .`
|
|
|
|
|
2024-02-19 14:13:42 +00:00
|
|
|
- List all private [K]eys in a database specifying the password [f]ile:
|
2022-10-04 17:03:01 +01:00
|
|
|
|
2022-10-07 23:33:22 +01:00
|
|
|
`certutil -K -d . -f {{path/to/password_file.txt}}`
|
2022-10-04 17:03:01 +01:00
|
|
|
|
2024-02-19 14:13:42 +00:00
|
|
|
- [A]dd the signed certificate to the requesters database specifying a [n]ickname, [t]rust attributes and an [i]nput CRT file:
|
2022-10-04 17:03:01 +01:00
|
|
|
|
2022-10-07 23:33:22 +01:00
|
|
|
`certutil -A -n "{{server_certificate}}" -t ",," -i {{path/to/file.crt}} -d .`
|
2022-10-04 17:03:01 +01:00
|
|
|
|
2024-02-19 14:13:42 +00:00
|
|
|
- Add subject alternative names to a given [c]ertificate with a specific key size ([g]):
|
2022-10-04 17:03:01 +01:00
|
|
|
|
2022-10-07 23:33:22 +01:00
|
|
|
`certutil -S -f {{path/to/password_file.txt}} -d . -t ",," -c "{{server_certificate}}" -n "{{server_name}}" -g {{2048}} -s "CN={{common_name}},O={{organization}}"`
|