certtool
linux
Generate and manage X.509 certificates, keys, and PKI structures using GnuTLS.
More info →Options (3)
-p, --generate-privkeybooleanGenerate a private key and save it to a file
Example:
certtool {{[-p|--generate-privkey]}} --outfile {{path/to/private.key}}-s, --generate-self-signedbooleanGenerate a self-signed certificate using a private key and a template file
Example:
certtool {{[-s|--generate-self-signed]}} --load-privkey {{path/to/private.key}} --template {{path/to/info.template}} --outfile {{path/to/certificate.crt}}-q, --generate-requestbooleanGenerate a certificate signing request (CSR)
Example:
certtool {{[-q|--generate-request]}} --load-privkey {{path/to/private.key}} --template {{path/to/info.template}} --outfile {{path/to/request.csr}}Examples (5)
Generate a private key and save it to a file
certtool [-p|--generate-privkey] --outfile path/to/private.keyGenerate a self-signed certificate using a private key and a template file
certtool [-s|--generate-self-signed] --load-privkey path/to/private.key --template path/to/info.template --outfile path/to/certificate.crtGenerate a certificate signing request (CSR)
certtool [-q|--generate-request] --load-privkey path/to/private.key --template path/to/info.template --outfile path/to/request.csrGenerate a certificate authority (CA) certificate
certtool [-s|--generate-self-signed] --load-privkey path/to/ca.key --template path/to/ca.template --outfile path/to/ca.crtVerify a certificate against a CA certificate
certtool --verify --infile path/to/certificate.crt --load-ca-certificate path/to/ca.crtmade by @shridhargupta | data from tldr-pages