GENKEY(1) GENKEY(1)
NAME
genkey - generate SSL certificates and certificate requests
SYNOPSIS
genkey [--test] [--days count] [[--genreq] [--makeca]] {hostname}
DESCRIPTION
genkey is an interactive command-line tool which can be used to
generate SSL certificates or Certificate Signing Requests (CSR).
Generated certificates are stored in the directory /etc/pki/tls/certs/,
and the corresponding private key in /etc/pki/tls/private/.
genkey will prompt for the size of key desired; whether or not to
generate a CSR; whether or not an encrypted private key is desired; the
certificate subject DN details.
genkey generates random data for the private key using the truerand
library and also by prompting the user for entry of random text.
OPTIONS
--makceca
Generate a Certificate Authority keypair.
--genreq
Generate a Certificate Signing Request for an existing private
key, which can be submitted to a CA (for example, for renewal).
--days count
When generating a self-signed certificate, specify that the
number of days for which the certificate is valid be count
rather than the default value of 30.
--test For test purposes only; omit the slow process of generating
random data.
EXAMPLES
The following example will create a self-signed certificate and private
key for the hostname www.example.com:
# genkey --days 120 www.example.com
FILES
/etc/pki/tls/openssl.cnf
SEE ALSO
certwatch(1)
crypto-utils April 2005 GENKEY(1)
