Lines Matching full:certificate
167 -h When signing a key, create a host certificate instead of a user
168 certificate. Please see the CERTIFICATES section for details.
196 every key or certificate presented on the command line.
225 included in a certificate when signing a key. Multiple
230 Specify a certificate option when signing a key. This option may
241 command specified by the user when the certificate is
275 Restrict the source addresses from which the certificate
335 Specify a validity interval when signing a certificate. A
337 the certificate is valid beginning now and expiring at that time,
366 Specifies a serial number to be embedded in the certificate to
367 distinguish this certificate from others from the same CA. The
412 its signature on a certificate rather than trusting many user/host keys.
418 authenticate server hosts to users. To generate a user certificate:
422 The resultant certificate will be placed in /path/to/user_key-cert.pub.
423 A host certificate requires the -h option:
427 The host certificate will be output to /path/to/host_key-cert.pub.
436 when the certificate is used for authentication.
440 users or hosts. To generate a certificate for a specified set of
447 be specified through certificate options. A certificate option may
450 command. For a list of valid certificate options, see the documentation
454 option allows specification of certificate start and end times. A
455 certificate that is presented at a time outside this range will not be
466 compact format, taking as little as one bit per certificate if they are
479 original certificate on hand. A KRL specification consists of lines
484 Revokes a certificate with the specified serial number. Serial
492 Revokes a certificate with the specified key ID string. The CA
497 Revokes the specified key. If a certificate is listed, then it
