|
|
ipsec_convert(8)
Contents
|
ipsec_convert - Converts the format of IPsec certificate
files
/usr/sbin/ ipsec_convert [-cert] [-crl] [-req]
:p|b|h:input_file1 :p|b|h:output_file1 [:p|b|h:input_file2
:p|b|h:output_file2 ...]
Specifies a file that contains an X.509 public key certificate.
Specifies a file that contains an X.509 certificate
revocation list. Specifies a file that contains
a PKCS-10 format certificate request.
The ipsec_convert command converts files that contain public-key
certificate information among the formats supported
by the Tru64 UNIX IPsec software. This command and
other related certificate commands in this implementation
of IPsec are intended for testing purposes only. They are
not intended to provide a complete public-key certificate
infrastructure.
The ipsec_convert utility reads each input file, converts
it, and writes the result to the corresponding output
file. The type of certificate-related data is specified
by the -cert, -crl, and -req options. The format of the
input file and the format of the output file are specified
by preceding the file name with one of the following formatting
characters delimited by colons: Privacy-EncodedMail
(PEM) format
The file is encoded as a Base64-encoded binary.
Binary (DER encoded) format
The file is encoded in accordance with the Distinguished
Encoding Rules (DER) of ASN.1. HEXL format
The file is encoded as a hexadecimal string. Each
line has the following form:
xxxxxxxx: yyyy yyyy yyyy yyyy yyyy yyyy yyyy yyyy
In this form, xxxxxxxx is the hexadecimal offset of
the data at the beginning of the line and yyyy yyyy
yyyy yyyy yyyy yyyy yyyy yyyy is up to 16 bytes of
hexadecimal data.
The following command converts a file containing a certificate
from binary to PEM format: # ipsec_convert -cert
:b:/home/mycert.bin :p:newcert.pem
Commands: ipsec_certmake(8), ipsec_certview(8)
ipsec_convert(8)
[ Back ] | 