X-Git-Url: http://wien.tomnetworks.com/gitweb/?a=blobdiff_plain;f=man%2Fcertmgr.1;h=92bfa164b96340f38e80ec070b04222ebeacf264;hb=HEAD;hp=b67ee8fe3c0a20e57bc2970d79125c6ee4425a10;hpb=cccbf6a4b7152c24fafc319e77060a4723a8560e;p=mono.git diff --git a/man/certmgr.1 b/man/certmgr.1 index b67ee8fe3c0..92bfa164b96 100644 --- a/man/certmgr.1 +++ b/man/certmgr.1 @@ -1,8 +1,10 @@ .\" .\" certmgr manual page. .\" Copyright 2004-2005 Novell +.\" Copyright 2010 Pablo Ruiz .\" Author: .\" Sebastien Pouliot +.\" Pablo Ruiz Garcia .\" .TH Mono "certmgr" .SH NAME @@ -13,18 +15,40 @@ certmgr \- Mono Certificate Manager (CLI version) or .B certmgr -ssl [options] url .SH DESCRIPTION -This tool allow to list, add, remove or extract certificates, certificate +This tool allows to list, add, remove or extract certificates, certificate revocation lists (CRL) or certificate trust lists (CTL) to/from a certificate store. Certificate stores are used to build and validate certificate chains for Authenticode(r) code signing validation and SSL server certificates. +.SH STORES +The +.I store +represents the certificate store to use. It can be one of the +following: +.TP +.I "My" +This is the personal certificate store. +.TP +.I "AddressBook" +This is the store for other people. +.TP +.I "CA" +This is a store for intermediate certificate authorities. +.TP +.I "Trust" +This is for trusted roots. +.TP +.I "Disallowed" +This is for untrusted roots .SH ACTIONS .TP .I "-list" List the certificates, CTL or CTL in the specified store. .TP .I "-add" -Add a certificate, CRL or CTL to specified store. +Add a certificate, CRL or CTL to specified store. If filename is a pkcs12 +or pfx file, and it contains a private key, it will be imported to local key +pair container. .TP .I "-del" Remove a certificate, CRL or CTL from specified store. You must specify the 
@@ -40,20 +64,25 @@ Copy a certificate, CRL or CTL from a store to a file. Download and add the certificates from a SSL session. You'll be asked to confirm the addition of every certificate received from the server. Note that SSL/TLS protocols do not requires a server to send the root certificate. -This action assume an certificate (-c) object type and will import the +This action assumes a certificate (-c) object type and will import the certificates in appropriate stores (i.e. server certificate in the -OtherPeople store, the root certificate in the Trust store, any other +OtherPeople store, the root certificate in the Trust store and any other intermediate certificates in the IntermediateCA store). +.TP +.I "-importKey" +Allows importing a private key from a pkcs12 file into a local key pair +store. (Useful when you already have the key's corresponding certificate +installed at the specific store.) .SH OBJECT TYPES .TP .I "-c", "-cert", "-certificate" -Add, Delete or Put certificates. That is the specified file must/will contains +Add, Delete or Put certificates. That is the specified file must/will contain X.509 certificates in DER binary encoding. .TP .I "-crl" Add, Delete or Put certificate revocation lists (CRL). That is the specified -file must/will contains X.509 CRL in DER binary encoding. +file must/will contain X.509 CRL in DER binary encoding. .TP .I "-ctl" Add, Delete or Put certificate trust lists (CRL). UNSUPPORTED. @@ -66,6 +95,9 @@ Use the machine's certificate stores (instead of the default user's stores). .I "-v" More details displayed on the console. .TP +.I "-p password" +Use the specified password when accessing a pkcs12 file. +.TP .I "-help", "-h", "-?", "/?" Display help about this tool. 
@@ -81,13 +113,16 @@ For example the trusted root certificates for a user would be kept under .TP Certificates files are kept in DER (binary) format (extension .cer). .TP -The filenames either starts with +The filenames either start with .I tbp (thumbprint) or .I ski (subject key identifier). .TP The rest of the filename is the base64-encoded value (tbp or ski). +.TP +Private key data is stored under +.I ~/.config/.mono/keypairs/ .SH EXAMPLES .TP @@ -140,6 +175,8 @@ element of your machine.config file. .SH AUTHOR Written by Sebastien Pouliot + +Minor additions by Pablo Ruiz García .SH COPYRIGHT Copyright (C) 2004-2005 Novell. .SH MAILING LISTS
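Review bot: The new STORES section (hunk @@ -13,18 +15,40 @@) names the stores "AddressBook" and "CA", while the -ssl action text in the next hunk says certificates go to the "OtherPeople store" and the "IntermediateCA store". A reader cannot tell from the page which store argument to pass to -list or -del after an -ssl import. Either use one set of names throughout or state in each .TP entry which name the other text uses for it. In the same hunk, the "Disallowed" entry ("This is for untrusted roots") is missing its final period, and the extended -add text should mention that the pkcs12 password is supplied with -p and that adding a pkcs12/pfx file stores a private key as a side effect.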
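Review bot: The -importKey entry added in hunk @@ -40,20 +64,25 @@ does not document its arguments. The text does not say whether an object type and store must be given, what the filename argument is, or that the pkcs12 password comes from -p, and no hunk in this patch adds a synopsis line for the action. Please add the invocation form and a cross-reference to -p. Wording: "installed at the specific store" reads better as "installed in the specified store".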
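Review bot: The "-p password" option in hunk @@ -66,6 +95,9 @@ is documented without any caveat that a password given as a command-line argument is visible to other local users in the process list and is normally saved in shell history. Since this password protects a pkcs12 file that can hold a private key, the entry should say so, and should also state what the tool does when -p is omitted for a password-protected file (prompt, fail, or try an empty password).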
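Review bot: The new line "Private key data is stored under ~/.config/.mono/keypairs/" in hunk @@ -81,13 +113,16 @@ gives only the per-user location and says nothing about how the key files are protected. The page documents -m for the machine's certificate stores, so the location used when a key is imported with -m should be listed as well. Because this directory holds private keys, please also document the expected ownership and permissions of the files, and whether the key material is encrypted at rest, so that administrators know what to check and what to include in or exclude from backups.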
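Review bot: The AUTHOR addition in hunk @@ -140,6 +175,8 @@ spells the name "Pablo Ruiz García", while the header comment added in the first hunk uses "Pablo Ruiz Garcia" and the copyright line uses "Pablo Ruiz". Please use one spelling in all three places. The COPYRIGHT section shown as context ("Copyright (C) 2004-2005 Novell.") is also left without the 2010 copyright that the header comment now claims, so the rendered page and the source comment disagree.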