|
|
ipsec_keypaircheck(8)
Contents
|
ipsec_keypaircheck - Checks if public and private keys
match
/usr/sbin/ipsec_keypaircheck [-cx] [-s passphrase] {public-key
| cert-file} private-key
Specifies that the public key is contained in a certificate
file instead of a public key file. Specifies that
the private key is encrypted, and can be decrypted with
passphrase. You cannot use the -s option with the -x
option. Specifies the use of X.509 private key format
(not encrypted). You cannot use the -x option with the -s
option.
The ipsec_keypaircheck command enables you to verify that
public and private keys match. You specify public keys
with either public-key or cert-file. You specify private
keys with private-key.
This command and other related certificate commands provided
in this IPsec implementation are intended for testing
purposes only. They are not intended to provide a
complete public-key certificate infrastructure.
You can precede the path name to the different files with
the following formatting characters, delimited by colons
as follows: Privacy-Encoded-Mail (PEM) format
The file is encoded as a Base64-encoded binary.
Binary (DER-encoded) format
The file is encoded in accordance with the Distinguished
Encoding Rules (DER) of ASN.1. HEXL format
The file is encoded as a hexadecimal string. Each
line has the following form:
xxxxxxxx: yyyy yyyy yyyy yyyy yyyy yyyy yyyy yyyy
In this form, xxxxxxxx is the hexadecimal offset of
the data at the beginning of the line and yyyy yyyy
yyyy yyyy yyyy yyyy yyyy yyyy is up to 16 bytes of
hexadecimal data.
Commands: ipsec_certview(8), ipsec_convert(8), ipsec_keytool(8)
ipsec_keypaircheck(8)
[ Back ] | 