xref: /netbsd-src/crypto/external/bsd/openssl/lib/libcrypto/man/openssl-storeutl.1 (revision a19d5caa4f855f23a141a0208d8a8ad40b58864e) 
 $NetBSD: openssl-storeutl.1,v 1.1 2024/07/12 21:01:09 christos Exp $

 -*- mode: troff; coding: utf-8 -*-
 Automatically generated by Pod::Man 5.01 (Pod::Simple 3.43)

 Standard preamble:
 ========================================================================
..

..


..
 \*(C` and \*(C' are quotes in nroff, nothing in troff, for use with C<>.
. ds C` ""
. ds C' ""
'br\}
. ds C`
. ds C'
'br\}

 Escape single quotes in literal strings from groff's Unicode transform.

 If the F register is >0, we'll generate index entries on stderr for
 titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
 entries marked with X<> in POD. Of course, you'll have to process the
 output yourself in some meaningful fashion.

 Avoid warning from groff about undefined register 'F'.
..
.nr rF 0
. if \nF \{\
. de IX
. tm Index:\\$1\t\\n%\t"\\$2"
..
. if !\nF==2 \{\
. nr % 0
. nr F 2
. \}
. \}
.\}
.rr rF
 ========================================================================

 Title "OPENSSL-STOREUTL 1" 
 OPENSSL-STOREUTL 1 2024-07-11 3.0.14 OpenSSL
 For nroff, turn off justification. Always turn off hyphenation; it makes
 way too many mistakes in technical documents.
 NAME
openssl-storeutl - STORE command

 SYNOPSIS
 Header "SYNOPSIS" \fBopenssl storeutl
[-help]
[-out file]
[-noout]
[-passin arg]
[-text arg]
[-r]
[-certs]
[-keys]
[-crls]
[-subject arg]
[-issuer arg]
[-serial arg]
[-alias arg]
[-fingerprint arg]
[-\f(BIdigest]
[-engine id]
[-provider name]
[-provider-path path]
[-propquery propq]
\fIuri

 DESCRIPTION
 Header "DESCRIPTION" This command can be used to display the contents (after
decryption as the case may be) fetched from the given URI.

 OPTIONS
 Header "OPTIONS" 
 -help 4
 Item "-help" Print out a usage message.

 "-out filename" 4
 Item "-out filename" specifies the output filename to write to or standard output by
default.

 -noout 4
 Item "-noout" this option prevents output of the PEM data.

 "-passin arg" 4
 Item "-passin arg" the key password source. For more information about the format of arg
see openssl-passphrase-options\|(1).

 -text 4
 Item "-text" Prints out the objects in text form, similarly to the -text output from
\fBopenssl-x509\|(1), openssl-pkey\|(1), etc.

 -r 4
 Item "-r" Fetch objects recursively when possible.

 -certs 4
 Item "-certs" 
 0

 -keys 4
 Item "-keys" 
 -crls 4
 Item "-crls" 

Only select the certificates, keys or CRLs from the given URI.
However, if this URI would return a set of names (URIs), those are always
returned.
.Sp
Note that all options must be given before the uri argument.
Otherwise they are ignored.
.Sp
Note -keys selects exclusively private keys, there is no selector for public
keys only.

 "-subject arg" 4
 Item "-subject arg" Search for an object having the subject name arg.
.Sp
The arg must be formatted as \*(C`/type0=value0/type1=value1/type2=...\*(C'.
Special characters may be escaped by \*(C`\e\*(C' (backslash), whitespace is retained.
Empty values are permitted but are ignored for the search. That is,
a search with an empty value will have the same effect as not specifying
the type at all.
Giving a single \*(C`/\*(C' will lead to an empty sequence of RDNs (a NULL-DN).
Multi-valued RDNs can be formed by placing a \*(C`+\*(C' character instead of a \*(C`/\*(C'
between the AttributeValueAssertions (AVAs) that specify the members of the set.
.Sp
Example:
.Sp
\f(CW\*(C`/DC=org/DC=OpenSSL/DC=users/UID=123456+CN=John Doe\*(C'

 "-issuer arg" 4
 Item "-issuer arg" 
 0

 "-serial arg" 4
 Item "-serial arg" 

Search for an object having the given issuer name and serial number.
These two options must be used together.
The issuer arg must be formatted as \*(C`/type0=value0/type1=value1/type2=...\*(C',
characters may be escaped by \e (backslash), no spaces are skipped.
The serial arg may be specified as a decimal value or a hex value if preceded
by \*(C`0x\*(C'.

 "-alias arg" 4
 Item "-alias arg" Search for an object having the given alias.

 "-fingerprint arg" 4
 Item "-fingerprint arg" Search for an object having the given fingerprint.

 -\f(BIdigest 4
 Item "-digest" The digest that was used to compute the fingerprint given with -fingerprint.

 "-engine id" 4
 Item "-engine id" See "Engine Options" in openssl\|(1).
This option is deprecated.

 "-provider name" 4
 Item "-provider name" 
 0

 "-provider-path path" 4
 Item "-provider-path path" 
 "-propquery propq" 4
 Item "-propquery propq" 

See "Provider Options" in openssl\|(1), provider\|(7), and property\|(7).

 "SEE ALSO"
 Header "SEE ALSO" \fBopenssl\|(1)

 HISTORY
 Header "HISTORY" This command was added in OpenSSL 1.1.1.


The -engine option was deprecated in OpenSSL 3.0.

 COPYRIGHT
 Header "COPYRIGHT" Copyright 2016-2024 The OpenSSL Project Authors. All Rights Reserved.


Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
in the file LICENSE in the source distribution or at
<https://www.openssl.org/source/license.html>.