|
HTML rendering created 2025-02-02 by Michael Kerrisk, author of The Linux Programming Interface. For details of in-depth Linux/UNIX system programming training courses that I teach, look here. Hosting by jambit GmbH. |
|
|
NAME | SYNOPSIS | DESCRIPTION | COMMANDS | OPTIONS | SEE ALSO | COLOPHON |
|
|
|
SYSTEMD-KEYUTIL(1) systemd-keyutil SYSTEMD-KEYUTIL(1)
systemd-keyutil - Perform various operations on private keys and
X.509 certificates
systemd-keyutil [OPTIONS...] {COMMAND}
systemd-keyutil can be used to perform various operations on
private keys and X.509 certificates.
validate
Checks that we can load the private key and certificate
specified with --private-key= and --certificate= respectively.
As a side effect, if the private key is loaded from a
PIN-protected hardware token, this command can be used to
cache the PIN in the kernel keyring. The
$SYSTEMD_ASK_PASSWORD_KEYRING_TIMEOUT_SEC and
$SYSTEMD_ASK_PASSWORD_KEYRING_TYPE environment variables can
be used to control how long and in which kernel keyring the
PIN is cached.
Added in version 257.
public
This commands prints the public key in PEM format extracted
from either the certificate given with --certificate= or the
private key given with --private-key=.
Added in version 257.
The following options are understood:
--private-key=PATH/URI, --private-key-source=TYPE[:NAME],
--certificate=PATH, --certificate-source=TYPE[:NAME]
Set the private key and certificate to use. The --certificate=
option takes a path to a PEM encoded X.509 certificate or a
URI that's passed to the OpenSSL provider configured with
--certificate-source. The --certificate-source takes one of
"file" or "provider", with the latter being followed by a
specific provider identifier, separated with a colon, e.g.
"provider:pkcs11". The --private-key= option can take a path
or a URI that will be passed to the OpenSSL engine or
provider, as specified by --private-key-source= as a
"type:name" tuple, such as "engine:pkcs11".
Added in version 257.
-h, --help
Print a short help text and exit.
--version
Print a short version string and exit.
systemd-sbsign(1), systemd-measure(1)
This page is part of the systemd (systemd system and service
manager) project. Information about the project can be found at
⟨http://www.freedesktop.org/wiki/Software/systemd⟩. If you have a
bug report for this manual page, see
⟨http://www.freedesktop.org/wiki/Software/systemd/#bugreports⟩.
This page was obtained from the project's upstream Git repository
⟨https://github.com/systemd/systemd.git⟩ on 2025-02-02. (At that
time, the date of the most recent commit that was found in the
repository was 2025-02-02.) If you discover any rendering
problems in this HTML version of the page, or you believe there is
a better or more up-to-date source for the page, or you have
corrections or improvements to the information in this COLOPHON
(which is not part of the original manual page), send a mail to
man-pages@man7.org
systemd 258~devel SYSTEMD-KEYUTIL(1)
Pages that refer to this page: systemd.directives(7), systemd.index(7)
|
HTML rendering created 2025-02-02 by Michael Kerrisk, author of The Linux Programming Interface. For details of in-depth Linux/UNIX system programming training courses that I teach, look here. Hosting by jambit GmbH. |
|