| |
@@ -4874,54 +4874,90 @@
|
| |
"\n",
|
| |
N_("Required arguments:\n"),
|
| |
N_("* If using an NSS database for storage:\n"),
|
| |
- N_(" -d DIR NSS database for key and cert\n"),
|
| |
- N_(" -n NAME nickname for NSS-based storage (only valid with -d)\n"),
|
| |
- N_(" -t NAME optional token name for NSS-based storage (only valid with -d)\n"),
|
| |
+ N_(" -d DIR, --dbdir=DIR NSS database for key and cert\n"),
|
| |
+ N_(" -n NAME, --nickname NAME\n"),
|
| |
+ N_(" nickname for NSS-based storage (only valid with -d)\n"),
|
| |
N_("* If using files for storage:\n"),
|
| |
- N_(" -k FILE PEM file for private key\n"),
|
| |
- N_(" -f FILE PEM file for certificate (only valid with -k)\n"),
|
| |
+ N_(" -k FILE, --keyfile=FILE\n"),
|
| |
+ N_(" PEM file for private key\n"),
|
| |
+ N_(" -f FILE, --certfile=FILE\n"),
|
| |
+ N_(" PEM file for certificate (only valid with -k)\n"),
|
| |
N_("* If keys are to be encrypted:\n"),
|
| |
- N_(" -p FILE file which holds the encryption PIN\n"),
|
| |
- N_(" -P PIN PIN value\n"),
|
| |
+ N_(" -p FILE, --pinfile=FILE\n"),
|
| |
+ N_(" file which holds the encryption PIN\n"),
|
| |
+ N_(" -P PIN, --pin=PIN PIN value\n"),
|
| |
"\n",
|
| |
N_("Optional arguments:\n"),
|
| |
N_("* Certificate handling settings:\n"),
|
| |
- N_(" -I NAME nickname to assign to the request\n"),
|
| |
- N_(" -G TYPE type of key to be generated if one is not already in place\n"),
|
| |
- N_(" -g SIZE size of key to be generated if one is not already in place\n"),
|
| |
- N_(" -r attempt to renew the certificate when expiration nears (default)\n"),
|
| |
- N_(" -R don't attempt to renew the certificate when expiration nears\n"),
|
| |
+ N_(" -I NAME, --new-id=NAME\n"),
|
| |
+ N_(" new nickname to give to tracking request\n"),
|
| |
+ N_(" -G TYPE, --key-type=TYPE\n"),
|
| |
+ N_(" type of key to be generated if one is not already\n"),
|
| |
+ N_(" in place\n"),
|
| |
+ N_(" -g BITS, --key-size=BITS\n"),
|
| |
+ N_(" size of key to be generated if one is not already\n"),
|
| |
+ N_(" in place\n"),
|
| |
+ N_(" -r, --renew attempt to renew the certificate when\n"),
|
| |
+ N_(" expiration nears (default)\n"),
|
| |
+ N_(" -R, --no-renew don't attempt to renew the certificate when\n"),
|
| |
+ N_(" expiration nears\n"),
|
| |
#ifndef FORCE_CA
|
| |
- N_(" -c CA use the specified CA rather than the default\n"),
|
| |
+ N_(" -c CA, --ca=NAME use the specified CA rather than the default\n"),
|
| |
#endif
|
| |
- N_(" -T PROFILE ask the CA to process the request using the named profile or template\n"),
|
| |
+ N_(" -T PROFILE, --profile=NAME\n"),
|
| |
+ N_(" ask the CA to process the request using the\n"),
|
| |
+ N_(" named profile or template\n"),
|
| |
N_(" --ms-template-spec SPEC\n"),
|
| |
- N_(" include V2 template specifier in CSR (format: OID:MAJOR-VERSION[:MINOR-VERSION])\n"),
|
| |
- N_(" -X ISSUER ask the CA to process the request using the named issuer\n"),
|
| |
+ N_(" include V2 template specifier in CSR\n"),
|
| |
+ N_(" (format: OID:MAJOR-VERSION[:MINOR-VERSION])\n"),
|
| |
+ N_(" -X ISSUER, --issuer=ISSUER\n"),
|
| |
+ N_(" ask the CA to process the request using the\n"),
|
| |
+ N_(" named issuer\n"),
|
| |
+ "\n",
|
| |
N_("* Parameters for the signing request:\n"),
|
| |
- N_(" -N NAME set requested subject name (default: CN=<hostname>)\n"),
|
| |
- N_(" -U EXTUSAGE set requested extended key usage OID\n"),
|
| |
- N_(" -u KEYUSAGE set requested key usage value\n"),
|
| |
- N_(" -K NAME set requested principal name\n"),
|
| |
- N_(" -D DNSNAME set requested DNS name\n"),
|
| |
- N_(" -E EMAIL set requested email address\n"),
|
| |
- N_(" -A ADDRESS set requested IP address\n"),
|
| |
- N_(" -l FILE file which holds an optional challenge password\n"),
|
| |
- N_(" -L PASSWORD an optional challenge password value\n"),
|
| |
+ N_(" -N NAME, --subject-name=NAME\n"),
|
| |
+ N_(" set requested subject name (default: CN=<hostname>)\n"),
|
| |
+ N_(" -U EXTUSAGE, --extended-key-usage=EXTUSAGE\n"),
|
| |
+ N_(" override requested extended key usage OID\n"),
|
| |
+ N_(" -u KEYUSAGE, --key-usage=KEYUSAGE\n"),
|
| |
+ N_(" set requested key usage value\n"),
|
| |
+ N_(" -K NAME, --principal=NAME\n"),
|
| |
+ N_(" override requested principal name\n"),
|
| |
+ N_(" -D DNSNAME, --dns=DNSNAME\n"),
|
| |
+ N_(" override requested DNS name\n"),
|
| |
+ N_(" -E EMAIL, --email=EMAIL\n"),
|
| |
+ N_(" override requested email address\n"),
|
| |
+ N_(" -A ADDRESS, --ip-address=ADDRESS\n"),
|
| |
+ N_(" override requested IP address\n"),
|
| |
+ N_(" -l FILE, --challenge-password-file=FILE\n"),
|
| |
+ N_(" file which holds an optional challenge password\n"),
|
| |
+ N_(" -L PASSWORD, --challenge-password=PASSWORD\n"),
|
| |
+ N_(" an optional challenge password value\n"),
|
| |
+ "\n",
|
| |
N_("* Bus options:\n"),
|
| |
- N_(" -S connect to the certmonger service on the system bus\n"),
|
| |
- N_(" -s connect to the certmonger service on the session bus\n"),
|
| |
+ N_(" -S, --system connect to the certmonger service on the system bus\n"),
|
| |
+ N_(" -s, --session connect to the certmonger service on the session bus\n"),
|
| |
N_("* Other options:\n"),
|
| |
- N_(" -B command to run before saving the certificate\n"),
|
| |
- N_(" -C command to run after saving the certificate\n"),
|
| |
- N_(" -F file in which to store the CA's certificates\n"),
|
| |
- N_(" -a NSS database in which to store the CA's certificates\n"),
|
| |
- N_(" -w try to wait for the certificate to be issued\n"),
|
| |
- N_(" -v report all details of errors\n"),
|
| |
- N_(" -o OWNER owner information for private key\n"),
|
| |
- N_(" -m MODE file permissions for private key\n"),
|
| |
- N_(" -O OWNER owner information for certificate\n"),
|
| |
- N_(" -M MODE file permissions for certificate\n"),
|
| |
+ N_(" -B COMMAND, --before-command=COMMAND\n"),
|
| |
+ N_(" command to run before saving the certificate\n"),
|
| |
+ N_(" -C COMMAND, --after-command=COMMAND\n"),
|
| |
+ N_(" command to run after saving the certificate\n"),
|
| |
+ N_(" -F FILE, --ca-file=FILE\n"),
|
| |
+ N_(" file in which to store the CA's certificates\n"),
|
| |
+ N_(" -a DIR, --ca-dbdir=DIR\n"),
|
| |
+ N_(" NSS database in which to store the CA's certificates\n"),
|
| |
+ N_(" -w, --wait try to wait for the certificate to be issued\n"),
|
| |
+ N_(" --wait-timeout TIMEOUT\n"),
|
| |
+ N_(" Maximum time to wait for the certificateto be issued\n"),
|
| |
+ N_(" -v, --verbose report all details of errors\n"),
|
| |
+ N_(" -o OWNER, --key-owner=OWNER\n"),
|
| |
+ N_(" owner information for private key\n"),
|
| |
+ N_(" -m MODE, --key-perms=MODE\n"),
|
| |
+ N_(" file permissions for private key\n"),
|
| |
+ N_(" -O OWNER, --cert-owner=OWNER\n"),
|
| |
+ N_(" owner information for certificate\n"),
|
| |
+ N_(" -M MODE, --cert-perms=MODE\n"),
|
| |
+ N_(" file permissions for certificate\n"),
|
| |
NULL,
|
| |
};
|
| |
const char *start_tracking_help[] = {
|
| |
@@ -4929,53 +4965,87 @@
|
| |
"\n",
|
| |
N_("Required arguments:\n"),
|
| |
N_("* If modifying an existing request:\n"),
|
| |
- N_(" -i NAME nickname of an existing tracking request\n"),
|
| |
+ N_(" -i NAME, --id=NAME nickname of an existing tracking request\n"),
|
| |
N_("* If using an NSS database for storage:\n"),
|
| |
- N_(" -d DIR NSS database for key and cert\n"),
|
| |
- N_(" -n NAME nickname for NSS-based storage (only valid with -d)\n"),
|
| |
- N_(" -t NAME optional token name for NSS-based storage (only valid with -d)\n"),
|
| |
+ N_(" -d DIR, --dbdir=DIR NSS database for key and cert\n"),
|
| |
+ N_(" -n NAME, --nickname NAME\n"),
|
| |
+ N_(" nickname for NSS-based storage (only valid with -d)\n"),
|
| |
+ N_(" -t NAME, --token=NAME optional token name for NSS-based storage\n"),
|
| |
+ N_(" (only valid with -d)\n"),
|
| |
N_("* If using files for storage:\n"),
|
| |
- N_(" -k FILE PEM file for private key\n"),
|
| |
- N_(" -f FILE PEM file for certificate (only valid with -k)\n"),
|
| |
+ N_(" -k FILE, --keyfile=FILE\n"),
|
| |
+ N_(" PEM file for private key\n"),
|
| |
+ N_(" -f FILE, --certfile=FILE\n"),
|
| |
+ N_(" PEM file for certificate (only valid with -k)\n"),
|
| |
N_("* If keys are encrypted:\n"),
|
| |
- N_(" -p FILE file which holds the encryption PIN\n"),
|
| |
- N_(" -P PIN PIN value\n"),
|
| |
+ N_(" -p FILE, --pinfile=FILE\n"),
|
| |
+ N_(" file which holds the encryption PIN\n"),
|
| |
+ N_(" -P PIN, --pin=PIN PIN value\n"),
|
| |
"\n",
|
| |
N_("Optional arguments:\n"),
|
| |
N_("* Certificate handling settings:\n"),
|
| |
- N_(" -I NAME nickname to give to tracking request\n"),
|
| |
- N_(" -r attempt to renew the certificate when expiration nears (default)\n"),
|
| |
- N_(" -R don't attempt to renew the certificate when expiration nears\n"),
|
| |
+ N_(" -I NAME, --new-id=NAME\n"),
|
| |
+ N_(" new nickname to give to tracking request\n"),
|
| |
+ N_(" -r, --renew attempt to renew the certificate when\n"),
|
| |
+ N_(" expiration nears (default)\n"),
|
| |
+ N_(" -R, --no-renew don't attempt to renew the certificate when\n"),
|
| |
+ N_(" expiration nears\n"),
|
| |
#ifndef FORCE_CA
|
| |
- N_(" -c CA use the specified CA rather than the default\n"),
|
| |
+ N_(" -c CA, --ca=NAME use the specified CA rather than the default\n"),
|
| |
#endif
|
| |
- N_(" -T PROFILE ask the CA to process the request using the named profile or template\n"),
|
| |
+ N_(" -T PROFILE, --profile=NAME\n"),
|
| |
+ N_(" ask the CA to process the request using the\n"),
|
| |
+ N_(" named profile or template\n"),
|
| |
N_(" --ms-template-spec SPEC\n"),
|
| |
- N_(" include V2 template specifier in CSR (format: OID:MAJOR-VERSION[:MINOR-VERSION])\n"),
|
| |
- N_(" -X ISSUER ask the CA to process the request using the named issuer\n"),
|
| |
+ N_(" include V2 template specifier in CSR\n"),
|
| |
+ N_(" (format: OID:MAJOR-VERSION[:MINOR-VERSION])\n"),
|
| |
+ N_(" -X ISSUER, --issuer=ISSUER\n"),
|
| |
+ N_(" ask the CA to process the request using the\n"),
|
| |
+ N_(" named issuer\n"),
|
| |
+ "\n",
|
| |
N_("* Parameters for the signing request at renewal time:\n"),
|
| |
- N_(" -U EXTUSAGE override requested extended key usage OID\n"),
|
| |
- N_(" -u KEYUSAGE set requested key usage value\n"),
|
| |
- N_(" -K NAME override requested principal name\n"),
|
| |
- N_(" -D DNSNAME override requested DNS name\n"),
|
| |
- N_(" -E EMAIL override requested email address\n"),
|
| |
- N_(" -A ADDRESS override requested IP address\n"),
|
| |
- N_(" -l FILE file which holds an optional challenge password\n"),
|
| |
- N_(" -L PASSWORD an optional challenge password value\n"),
|
| |
+ N_(" -U EXTUSAGE, --extended-key-usage=EXTUSAGE\n"),
|
| |
+ N_(" override requested extended key usage OID\n"),
|
| |
+ N_(" -u KEYUSAGE, --key-usage=KEYUSAGE\n"),
|
| |
+ N_(" set requested key usage value\n"),
|
| |
+ N_(" -K NAME, --principal=NAME\n"),
|
| |
+ N_(" override requested principal name\n"),
|
| |
+ N_(" -D DNSNAME, --dns=DNSNAME\n"),
|
| |
+ N_(" override requested DNS name\n"),
|
| |
+ N_(" -E EMAIL, --email=EMAIL\n"),
|
| |
+ N_(" override requested email address\n"),
|
| |
+ N_(" -A ADDRESS, --ip-address=ADDRESS\n"),
|
| |
+ N_(" override requested IP address\n"),
|
| |
+ N_(" -l FILE, --challenge-password-file=FILE\n"),
|
| |
+ N_(" file which holds an optional challenge password\n"),
|
| |
+ N_(" -L PASSWORD, --challenge-password=PASSWORD\n"),
|
| |
+ N_(" an optional challenge password value\n"),
|
| |
+ "\n",
|
| |
N_("* Bus options:\n"),
|
| |
- N_(" -S connect to the certmonger service on the system bus\n"),
|
| |
- N_(" -s connect to the certmonger service on the session bus\n"),
|
| |
+ N_(" -S, --system connect to the certmonger service on the system bus\n"),
|
| |
+ N_(" -s, --session connect to the certmonger service on the session bus\n"),
|
| |
+ "\n",
|
| |
N_("* Other options:\n"),
|
| |
- N_(" -B command to run before saving the certificate\n"),
|
| |
- N_(" -C command to run after saving the certificate\n"),
|
| |
- N_(" -F file in which to store the CA's certificates\n"),
|
| |
- N_(" -a NSS database in which to store the CA's certificates\n"),
|
| |
- N_(" -w try to wait for the certificate to be issued\n"),
|
| |
- N_(" -v report all details of errors\n"),
|
| |
- N_(" -o OWNER owner information for private key\n"),
|
| |
- N_(" -m MODE file permissions for private key\n"),
|
| |
- N_(" -O OWNER owner information for certificate\n"),
|
| |
- N_(" -M MODE file permissions for certificate\n"),
|
| |
+ N_(" -B COMMAND, --before-command=COMMAND\n"),
|
| |
+ N_(" command to run before saving the certificate\n"),
|
| |
+ N_(" -C COMMAND, --after-command=COMMAND\n"),
|
| |
+ N_(" command to run after saving the certificate\n"),
|
| |
+ N_(" -F FILE, --ca-file=FILE\n"),
|
| |
+ N_(" file in which to store the CA's certificates\n"),
|
| |
+ N_(" -a DIR, --ca-dbdir=DIR\n"),
|
| |
+ N_(" NSS database in which to store the CA's certificates\n"),
|
| |
+ N_(" -w, --wait try to wait for the certificate to be issued\n"),
|
| |
+ N_(" --wait-timeout TIMEOUT\n"),
|
| |
+ N_(" Maximum time to wait for the certificateto be issued\n"),
|
| |
+ N_(" -v, --verbose report all details of errors\n"),
|
| |
+ N_(" -o OWNER, --key-owner=OWNER\n"),
|
| |
+ N_(" owner information for private key\n"),
|
| |
+ N_(" -m MODE, --key-perms=MODE\n"),
|
| |
+ N_(" file permissions for private key\n"),
|
| |
+ N_(" -O OWNER, --cert-owner=OWNER\n"),
|
| |
+ N_(" owner information for certificate\n"),
|
| |
+ N_(" -M MODE, --cert-perms=MODE\n"),
|
| |
+ N_(" file permissions for certificate\n"),
|
| |
NULL,
|
| |
};
|
| |
const char *stop_tracking_help[] = {
|
| |
@@ -4983,21 +5053,24 @@
|
| |
"\n",
|
| |
N_("Required arguments:\n"),
|
| |
N_("* By request identifier:\n"),
|
| |
- N_(" -i NAME nickname for tracking request\n"),
|
| |
+ N_(" -i NAME, --id=NAME nickname for tracking request\n"),
|
| |
N_("* If using an NSS database for storage:\n"),
|
| |
- N_(" -d DIR NSS database for key and cert\n"),
|
| |
- N_(" -n NAME nickname for NSS-based storage (only valid with -d)\n"),
|
| |
- N_(" -t NAME optional token name for NSS-based storage (only valid with -d)\n"),
|
| |
+ N_(" -d DIR, --dbdir=DIR NSS database for key and cert\n"),
|
| |
+ N_(" -n NAME, --nickname NAME\n"),
|
| |
+ N_(" nickname for NSS-based storage (only valid with -d)\n"),
|
| |
N_("* If using files for storage:\n"),
|
| |
- N_(" -k FILE PEM file for private key\n"),
|
| |
- N_(" -f FILE PEM file for certificate (only valid with -k)\n"),
|
| |
+ N_(" -k FILE, --keyfile=FILE\n"),
|
| |
+ N_(" PEM file for private key\n"),
|
| |
+ N_(" -f FILE, --certfile=FILE\n"),
|
| |
+ N_(" PEM file for certificate (only valid with -k)\n"),
|
| |
"\n",
|
| |
N_("Optional arguments:\n"),
|
| |
N_("* Bus options:\n"),
|
| |
- N_(" -S connect to the certmonger service on the system bus\n"),
|
| |
- N_(" -s connect to the certmonger service on the session bus\n"),
|
| |
+ N_(" -S, --system connect to the certmonger service on the system bus\n"),
|
| |
+ N_(" -s, --session connect to the certmonger service on the session bus\n"),
|
| |
+ "\n",
|
| |
N_("* Other options:\n"),
|
| |
- N_(" -v report all details of errors\n"),
|
| |
+ N_(" -v, --verbose report all details of errors\n"),
|
| |
NULL,
|
| |
};
|
| |
const char *resubmit_help[] = {
|
| |
@@ -5005,53 +5078,82 @@
|
| |
"\n",
|
| |
N_("Required arguments:\n"),
|
| |
N_("* By request identifier:\n"),
|
| |
- N_(" -i NAME nickname for tracking request\n"),
|
| |
+ N_(" -i NAME, --id=NAME nickname for tracking request\n"),
|
| |
N_("* If using an NSS database for storage:\n"),
|
| |
- N_(" -d DIR NSS database for key and cert\n"),
|
| |
- N_(" -n NAME nickname for NSS-based storage (only valid with -d)\n"),
|
| |
- N_(" -t NAME optional token name for NSS-based storage (only valid with -d)\n"),
|
| |
+ N_(" -d DIR, --dbdir=DIR NSS database for key and cert\n"),
|
| |
+ N_(" -n NAME, --nickname NAME\n"),
|
| |
+ N_(" nickname for NSS-based storage (only valid with -d)\n"),
|
| |
+ N_(" -t NAME, --token=NAME optional token name for NSS-based storage\n"),
|
| |
+ N_(" (only valid with -d)\n"),
|
| |
N_("* If using files for storage:\n"),
|
| |
- N_(" -f FILE PEM file for certificate\n"),
|
| |
+ N_(" -f FILE, --certfile=FILE\n"),
|
| |
+ N_(" PEM file for certificate\n"),
|
| |
"\n",
|
| |
N_("* If keys are encrypted:\n"),
|
| |
- N_(" -p FILE file which holds the encryption PIN\n"),
|
| |
- N_(" -P PIN PIN value\n"),
|
| |
+ N_(" -p FILE, --pinfile=FILE\n"),
|
| |
+ N_(" file which holds the encryption PIN\n"),
|
| |
+ N_(" -P PIN, --pin=PIN PIN value\n"),
|
| |
"\n",
|
| |
N_("* New parameter values for the signing request:\n"),
|
| |
- N_(" -N NAME set requested subject name (default: CN=<hostname>)\n"),
|
| |
- N_(" -U EXTUSAGE set requested extended key usage OID\n"),
|
| |
- N_(" -u KEYUSAGE set requested key usage value\n"),
|
| |
- N_(" -K NAME set requested principal name\n"),
|
| |
- N_(" -D DNSNAME set requested DNS name\n"),
|
| |
- N_(" -E EMAIL set requested email address\n"),
|
| |
- N_(" -A ADDRESS set requested IP address\n"),
|
| |
- N_(" -l FILE file which holds an optional challenge password\n"),
|
| |
- N_(" -L PASSWORD an optional challenge password value\n"),
|
| |
+ N_(" -N NAME, --subject-name=NAME\n"),
|
| |
+ N_(" set requested subject name (default: CN=<hostname>)\n"),
|
| |
+ N_(" -U EXTUSAGE, --extended-key-usage=EXTUSAGE\n"),
|
| |
+ N_(" override requested extended key usage OID\n"),
|
| |
+ N_(" -u KEYUSAGE, --key-usage=KEYUSAGE\n"),
|
| |
+ N_(" set requested key usage value\n"),
|
| |
+ N_(" -K NAME, --principal=NAME\n"),
|
| |
+ N_(" override requested principal name\n"),
|
| |
+ N_(" -D DNSNAME, --dns=DNSNAME\n"),
|
| |
+ N_(" override requested DNS name\n"),
|
| |
+ N_(" -E EMAIL, --email=EMAIL\n"),
|
| |
+ N_(" override requested email address\n"),
|
| |
+ N_(" -A ADDRESS, --ip-address=ADDRESS\n"),
|
| |
+ N_(" override requested IP address\n"),
|
| |
+ N_(" -l FILE, --challenge-password-file=FILE\n"),
|
| |
+ N_(" file which holds an optional challenge password\n"),
|
| |
+ N_(" -L PASSWORD, --challenge-password=PASSWORD\n"),
|
| |
+ N_(" an optional challenge password value\n"),
|
| |
"\n",
|
| |
N_("Optional arguments:\n"),
|
| |
N_("* Certificate handling settings:\n"),
|
| |
- N_(" -I NAME new nickname to give to tracking request\n"),
|
| |
+ N_(" -I NAME, --new-id=NAME\n"),
|
| |
+ N_(" new nickname to give to tracking request\n"),
|
| |
#ifndef FORCE_CA
|
| |
- N_(" -c CA use the specified CA rather than the current one\n"),
|
| |
+ N_(" -c CA, --ca=NAME use the specified CA rather than the default\n"),
|
| |
#endif
|
| |
- N_(" -T PROFILE ask the CA to process the request using the named profile or template\n"),
|
| |
+ N_(" -T PROFILE, --profile=NAME\n"),
|
| |
+ N_(" ask the CA to process the request using the\n"),
|
| |
+ N_(" named profile or template\n"),
|
| |
N_(" --ms-template-spec SPEC\n"),
|
| |
- N_(" include V2 template specifier in CSR (format: OID:MAJOR-VERSION[:MINOR-VERSION])\n"),
|
| |
- N_(" -X ISSUER ask the CA to process the request using the named issuer\n"),
|
| |
+ N_(" include V2 template specifier in CSR\n"),
|
| |
+ N_(" (format: OID:MAJOR-VERSION[:MINOR-VERSION])\n"),
|
| |
+ N_(" -X ISSUER, --issuer=ISSUER\n"),
|
| |
+ N_(" ask the CA to process the request using the\n"),
|
| |
+ N_(" named issuer\n"),
|
| |
N_("* Bus options:\n"),
|
| |
- N_(" -S connect to the certmonger service on the system bus\n"),
|
| |
- N_(" -s connect to the certmonger service on the session bus\n"),
|
| |
+ N_(" -S, --system connect to the certmonger service on the system bus\n"),
|
| |
+ N_(" -s, --session connect to the certmonger service on the session bus\n"),
|
| |
N_("* Other options:\n"),
|
| |
- N_(" -B command to run before saving the certificate\n"),
|
| |
- N_(" -C command to run after saving the certificate\n"),
|
| |
- N_(" -F file in which to store the CA's certificates\n"),
|
| |
- N_(" -a NSS database in which to store the CA's certificates\n"),
|
| |
- N_(" -w try to wait for the certificate to be issued\n"),
|
| |
- N_(" -v report all details of errors\n"),
|
| |
- N_(" -o OWNER owner information for private key\n"),
|
| |
- N_(" -m MODE file permissions for private key\n"),
|
| |
- N_(" -O OWNER owner information for certificate\n"),
|
| |
- N_(" -M MODE file permissions for certificate\n"),
|
| |
+ N_(" -B COMMAND, --before-command=COMMAND\n"),
|
| |
+ N_(" command to run before saving the certificate\n"),
|
| |
+ N_(" -C COMMAND, --after-command=COMMAND\n"),
|
| |
+ N_(" command to run after saving the certificate\n"),
|
| |
+ N_(" -F FILE, --ca-file=FILE\n"),
|
| |
+ N_(" file in which to store the CA's certificates\n"),
|
| |
+ N_(" -a DIR, --ca-dbdir=DIR\n"),
|
| |
+ N_(" NSS database in which to store the CA's certificates\n"),
|
| |
+ N_(" -w, --wait try to wait for the certificate to be issued\n"),
|
| |
+ N_(" --wait-timeout TIMEOUT\n"),
|
| |
+ N_(" Maximum time to wait for the certificateto be issued\n"),
|
| |
+ N_(" -v, --verbose report all details of errors\n"),
|
| |
+ N_(" -o OWNER, --key-owner=OWNER\n"),
|
| |
+ N_(" owner information for private key\n"),
|
| |
+ N_(" -m MODE, --key-perms=MODE\n"),
|
| |
+ N_(" file permissions for private key\n"),
|
| |
+ N_(" -O OWNER, --cert-owner=OWNER\n"),
|
| |
+ N_(" owner information for certificate\n"),
|
| |
+ N_(" -M MODE, --cert-perms=MODE\n"),
|
| |
+ N_(" file permissions for certificate\n"),
|
| |
NULL,
|
| |
};
|
| |
const char *rekey_help[] = {
|
| |
@@ -5059,51 +5161,80 @@
|
| |
"\n",
|
| |
N_("Required arguments:\n"),
|
| |
N_("* By request identifier:\n"),
|
| |
- N_(" -i NAME nickname for tracking request\n"),
|
| |
+ N_(" -i NAME, --id=NAME nickname for tracking request\n"),
|
| |
N_("* If using an NSS database for storage:\n"),
|
| |
- N_(" -d DIR NSS database for key and cert\n"),
|
| |
- N_(" -n NAME nickname for NSS-based storage (only valid with -d)\n"),
|
| |
- N_(" -t NAME optional token name for NSS-based storage (only valid with -d)\n"),
|
| |
+ N_(" -d DIR, --dbdir=DIR NSS database for key and cert\n"),
|
| |
+ N_(" -n NAME, --nickname NAME\n"),
|
| |
+ N_(" nickname for NSS-based storage (only valid with -d)\n"),
|
| |
+ N_(" -t NAME, --token=NAME optional token name for NSS-based storage\n"),
|
| |
+ N_(" (only valid with -d)\n"),
|
| |
N_("* If using files for storage:\n"),
|
| |
- N_(" -f FILE PEM file for certificate\n"),
|
| |
+ N_(" -f FILE, --certfile=FILE\n"),
|
| |
+ N_(" PEM file for certificate\n"),
|
| |
"\n",
|
| |
N_("* If keys are encrypted:\n"),
|
| |
- N_(" -p FILE file which holds the encryption PIN\n"),
|
| |
- N_(" -P PIN PIN value\n"),
|
| |
+ N_(" -p FILE, --pinfile=FILE\n"),
|
| |
+ N_(" file which holds the encryption PIN\n"),
|
| |
+ N_(" -P PIN, --pin=PIN PIN value\n"),
|
| |
"\n",
|
| |
N_("* New parameter values for the signing request:\n"),
|
| |
- N_(" -N NAME set requested subject name (default: CN=<hostname>)\n"),
|
| |
- N_(" -U EXTUSAGE set requested extended key usage OID\n"),
|
| |
- N_(" -u KEYUSAGE set requested key usage value\n"),
|
| |
- N_(" -K NAME set requested principal name\n"),
|
| |
- N_(" -D DNSNAME set requested DNS name\n"),
|
| |
- N_(" -E EMAIL set requested email address\n"),
|
| |
- N_(" -A ADDRESS set requested IP address\n"),
|
| |
- N_(" -l FILE file which holds an optional challenge password\n"),
|
| |
- N_(" -L PASSWORD an optional challenge password value\n"),
|
| |
+ N_(" -N NAME, --subject-name=NAME\n"),
|
| |
+ N_(" set requested subject name (default: CN=<hostname>)\n"),
|
| |
+ N_(" -U EXTUSAGE, --extended-key-usage=EXTUSAGE\n"),
|
| |
+ N_(" override requested extended key usage OID\n"),
|
| |
+ N_(" -u KEYUSAGE, --key-usage=KEYUSAGE\n"),
|
| |
+ N_(" set requested key usage value\n"),
|
| |
+ N_(" -K NAME, --principal=NAME\n"),
|
| |
+ N_(" override requested principal name\n"),
|
| |
+ N_(" -D DNSNAME, --dns=DNSNAME\n"),
|
| |
+ N_(" override requested DNS name\n"),
|
| |
+ N_(" -E EMAIL, --email=EMAIL\n"),
|
| |
+ N_(" override requested email address\n"),
|
| |
+ N_(" -A ADDRESS, --ip-address=ADDRESS\n"),
|
| |
+ N_(" override requested IP address\n"),
|
| |
+ N_(" -l FILE, --challenge-password-file=FILE\n"),
|
| |
+ N_(" file which holds an optional challenge password\n"),
|
| |
+ N_(" -L PASSWORD, --challenge-password=PASSWORD\n"),
|
| |
+ N_(" an optional challenge password value\n"),
|
| |
"\n",
|
| |
N_("Optional arguments:\n"),
|
| |
N_("* Certificate handling settings:\n"),
|
| |
- N_(" -I NAME new nickname to give to tracking request\n"),
|
| |
+ N_(" -I NAME, --new-id=NAME\n"),
|
| |
+ N_(" new nickname to give to tracking request\n"),
|
| |
#ifndef FORCE_CA
|
| |
- N_(" -c CA use the specified CA rather than the current one\n"),
|
| |
+ N_(" -c CA, --ca=NAME use the specified CA rather than the default\n"),
|
| |
#endif
|
| |
- N_(" -T PROFILE ask the CA to process the request using the named profile or template\n"),
|
| |
+ N_(" -T PROFILE, --profile=NAME\n"),
|
| |
+ N_(" ask the CA to process the request using the\n"),
|
| |
+ N_(" named profile or template\n"),
|
| |
N_(" --ms-template-spec SPEC\n"),
|
| |
- N_(" include V2 template specifier in CSR (format: OID:MAJOR-VERSION[:MINOR-VERSION])\n"),
|
| |
- N_(" -X ISSUER ask the CA to process the request using the named issuer\n"),
|
| |
- N_(" -G TYPE type of new key to be generated\n"),
|
| |
- N_(" -g SIZE size of new key to be generated\n"),
|
| |
+ N_(" include V2 template specifier in CSR\n"),
|
| |
+ N_(" (format: OID:MAJOR-VERSION[:MINOR-VERSION])\n"),
|
| |
+ N_(" -X ISSUER, --issuer=ISSUER\n"),
|
| |
+ N_(" ask the CA to process the request using the\n"),
|
| |
+ N_(" named issuer\n"),
|
| |
+ N_(" -G TYPE, --key-type=TYPE\n"),
|
| |
+ N_(" type of key to be generated if one is not already\n"),
|
| |
+ N_(" in place\n"),
|
| |
+ N_(" -g BITS, --key-size=BITS\n"),
|
| |
+ N_(" size of key to be generated if one is not already\n"),
|
| |
+ N_(" in place\n"),
|
| |
N_("* Bus options:\n"),
|
| |
- N_(" -S connect to the certmonger service on the system bus\n"),
|
| |
- N_(" -s connect to the certmonger service on the session bus\n"),
|
| |
+ N_(" -S, --system connect to the certmonger service on the system bus\n"),
|
| |
+ N_(" -s, --session connect to the certmonger service on the session bus\n"),
|
| |
N_("* Other options:\n"),
|
| |
- N_(" -B command to run before saving the certificate\n"),
|
| |
- N_(" -C command to run after saving the certificate\n"),
|
| |
- N_(" -F file in which to store the CA's certificates\n"),
|
| |
- N_(" -a NSS database in which to store the CA's certificates\n"),
|
| |
- N_(" -w try to wait for the certificate to be issued\n"),
|
| |
- N_(" -v report all details of errors\n"),
|
| |
+ N_(" -B COMMAND, --before-command=COMMAND\n"),
|
| |
+ N_(" command to run before saving the certificate\n"),
|
| |
+ N_(" -C COMMAND, --after-command=COMMAND\n"),
|
| |
+ N_(" command to run after saving the certificate\n"),
|
| |
+ N_(" -F FILE, --ca-file=FILE\n"),
|
| |
+ N_(" file in which to store the CA's certificates\n"),
|
| |
+ N_(" -a DIR, --ca-dbdir=DIR\n"),
|
| |
+ N_(" NSS database in which to store the CA's certificates\n"),
|
| |
+ N_(" -w, --wait try to wait for the certificate to be issued\n"),
|
| |
+ N_(" --wait-timeout TIMEOUT\n"),
|
| |
+ N_(" Maximum time to wait for the certificateto be issued\n"),
|
| |
+ N_(" -v, --verbose report all details of errors\n"),
|
| |
NULL,
|
| |
};
|
| |
const char *list_help[] = {
|
| |
@@ -5112,46 +5243,52 @@
|
| |
N_("Optional arguments:\n"),
|
| |
N_("* General options:\n"),
|
| |
#ifndef FORCE_CA
|
| |
- N_(" -c CA list only requests and certs associated with this CA\n"),
|
| |
+ N_(" -c CA, --ca=NAME use the specified CA rather than the default\n"),
|
| |
#endif
|
| |
- N_(" -r list only information about outstanding requests\n"),
|
| |
- N_(" -t list only information about tracked certificates\n"),
|
| |
- N_(" -u display times in UTC instead of local time\n"),
|
| |
+ N_(" -r, --requests-only list only information about outstanding requests\n"),
|
| |
+ N_(" -t, --tracking-only list only information about tracked certificates\n"),
|
| |
+ N_(" -u, --utc display times in UTC instead of local time\n"),
|
| |
N_("* If selecting a specific request:\n"),
|
| |
- N_(" -i NAME nickname for tracking request\n"),
|
| |
+ N_(" -i NAME, --id=NAME nickname for tracking request\n"),
|
| |
N_("* If using an NSS database for storage:\n"),
|
| |
- N_(" -d DIR only list requests and certs which use this NSS database\n"),
|
| |
- N_(" -n NAME only list requests and certs which use this nickname\n"),
|
| |
+ N_(" -d DIR, --dbdir=DIR NSS database for key and cert\n"),
|
| |
+ N_(" -n NAME, --nickname NAME\n"),
|
| |
+ N_(" nickname for NSS-based storage (only valid with -d)\n"),
|
| |
N_("* If using files for storage:\n"),
|
| |
- N_(" -f FILE only list requests and certs stored in this PEM file\n"),
|
| |
+ N_(" -f FILE, --certfile=FILE\n"),
|
| |
+ N_(" only list requests and certs stored in this PEM file\n"),
|
| |
N_("* Bus options:\n"),
|
| |
- N_(" -S connect to the certmonger service on the system bus\n"),
|
| |
- N_(" -s connect to the certmonger service on the session bus\n"),
|
| |
+ N_(" -S, --system connect to the certmonger service on the system bus\n"),
|
| |
+ N_(" -s, --session connect to the certmonger service on the session bus\n"),
|
| |
N_("* Other options:\n"),
|
| |
- N_(" -v report all details of errors\n"),
|
| |
+ N_(" -v, --verbose report all details of errors\n"),
|
| |
NULL,
|
| |
};
|
| |
const char *refresh_help[] = {
|
| |
N_("Usage: %s refresh [options]\n"),
|
| |
"\n",
|
| |
N_("* General options:\n"),
|
| |
- N_(" -a refresh information about all outstanding requests\n"),
|
| |
+ N_(" -a, --all refresh information about all outstanding requests\n"),
|
| |
"\n",
|
| |
N_("Required arguments:\n"),
|
| |
N_("* By request identifier:\n"),
|
| |
- N_(" -i NAME nickname for tracking request\n"),
|
| |
+ N_(" -i NAME, --id=NAME nickname for tracking request\n"),
|
| |
N_("* If using an NSS database for storage:\n"),
|
| |
- N_(" -d DIR NSS database for key and cert\n"),
|
| |
- N_(" -n NAME nickname for NSS-based storage (only valid with -d)\n"),
|
| |
- N_(" -t NAME optional token name for NSS-based storage (only valid with -d)\n"),
|
| |
+ N_(" -d DIR, --dbdir=DIR NSS database for key and cert\n"),
|
| |
+ N_(" -n NAME, --nickname NAME\n"),
|
| |
+ N_(" nickname for NSS-based storage (only valid with -d)\n"),
|
| |
+ N_(" -t NAME, --token=NAME optional token name for NSS-based storage\n"),
|
| |
+ N_(" (only valid with -d)\n"),
|
| |
N_("* If using files for storage:\n"),
|
| |
- N_(" -f FILE PEM file for certificate\n"),
|
| |
+ N_(" -f FILE, --certfile=FILE\n"),
|
| |
+ N_(" PEM file for certificate\n"),
|
| |
"\n",
|
| |
N_("Optional arguments:\n"),
|
| |
N_("* Bus options:\n"),
|
| |
- N_(" -S connect to the certmonger service on the system bus\n"),
|
| |
- N_(" -s connect to the certmonger service on the session bus\n"),
|
| |
- N_(" -v report all details of errors\n"),
|
| |
+ N_(" -S, --system connect to the certmonger service on the system bus\n"),
|
| |
+ N_(" -s, --session connect to the certmonger service on the session bus\n"),
|
| |
+ N_("* Other options:\n"),
|
| |
+ N_(" -v, --verbose report all details of errors\n"),
|
| |
NULL,
|
| |
};
|
| |
const char *status_help[] = {
|
| |
@@ -5159,17 +5296,19 @@
|
| |
"\n",
|
| |
N_("Optional arguments:\n"),
|
| |
N_("* Selecting a specific request:\n"),
|
| |
- N_(" -i NAME nickname for tracking request\n"),
|
| |
+ N_(" -i NAME, --id=NAME nickname for tracking request\n"),
|
| |
N_("* When using an NSS database for storage:\n"),
|
| |
- N_(" -d DIR return status for the request in this NSS database\n"),
|
| |
- N_(" -n NAME return status for cert which uses this nickname\n"),
|
| |
+ N_(" -d DIR, --dbdir=DIR NSS database for key and cert\n"),
|
| |
+ N_(" -n NAME, --nickname NAME\n"),
|
| |
+ N_(" nickname for NSS-based storage (only valid with -d)\n"),
|
| |
N_("* When using files for storage:\n"),
|
| |
- N_(" -f FILE return status for cert stored in this PEM file\n"),
|
| |
+ N_(" -f FILE, --certfile=FILE\n"),
|
| |
+ N_(" return status for cert stored in this PEM file\n"),
|
| |
N_("* Bus options:\n"),
|
| |
- N_(" -S connect to the certmonger service on the system bus\n"),
|
| |
- N_(" -s connect to the certmonger service on the session bus\n"),
|
| |
+ N_(" -S, --system connect to the certmonger service on the system bus\n"),
|
| |
+ N_(" -s, --session connect to the certmonger service on the session bus\n"),
|
| |
N_("* Other options:\n"),
|
| |
- N_(" -v report all details of errors\n"),
|
| |
+ N_(" -v, --verbose report all details of errors\n"),
|
| |
NULL,
|
| |
};
|
| |
const char *list_cas_help[] = {
|
| |
@@ -5178,13 +5317,13 @@
|
| |
N_("Optional arguments:\n"),
|
| |
#ifndef FORCE_CA
|
| |
N_("* General options:\n"),
|
| |
- N_(" -c CA list only information about the CA with this name\n"),
|
| |
+ N_(" -c CA, --ca=NAME use the specified CA rather than the default\n"),
|
| |
#endif
|
| |
N_("* Bus options:\n"),
|
| |
- N_(" -S connect to the certmonger service on the system bus\n"),
|
| |
- N_(" -s connect to the certmonger service on the session bus\n"),
|
| |
+ N_(" -S, --system connect to the certmonger service on the system bus\n"),
|
| |
+ N_(" -s, --session connect to the certmonger service on the session bus\n"),
|
| |
N_("* Other options:\n"),
|
| |
- N_(" -v report all details of errors\n"),
|
| |
+ N_(" -v, --verbose report all details of errors\n"),
|
| |
NULL,
|
| |
};
|
| |
const char *refresh_ca_help[] = {
|
| |
@@ -5193,14 +5332,14 @@
|
| |
N_("Optional arguments:\n"),
|
| |
#ifndef FORCE_CA
|
| |
N_("* General options:\n"),
|
| |
- N_(" -c CA refresh information about the CA with this name\n"),
|
| |
- N_(" -a refresh information about all known CAs\n"),
|
| |
+ N_(" -c CA, --ca=NAME use the specified CA rather than the default\n"),
|
| |
+ N_(" -a, --all refresh information about all known CAs\n"),
|
| |
#endif
|
| |
N_("* Bus options:\n"),
|
| |
- N_(" -S connect to the certmonger service on the system bus\n"),
|
| |
- N_(" -s connect to the certmonger service on the session bus\n"),
|
| |
+ N_(" -S, --system connect to the certmonger service on the system bus\n"),
|
| |
+ N_(" -s, --session connect to the certmonger service on the session bus\n"),
|
| |
N_("* Other options:\n"),
|
| |
- N_(" -v report all details of errors\n"),
|
| |
+ N_(" -v, --verbose report all details of errors\n"),
|
| |
NULL,
|
| |
};
|
| |
#ifndef FORCE_CA
|
| |
@@ -5209,13 +5348,13 @@
|
| |
"\n",
|
| |
N_("Optional arguments:\n"),
|
| |
N_("* General options:\n"),
|
| |
- N_(" -c CA nickname to give to the new CA configuration\n"),
|
| |
- N_(" -e CMD helper command to run to communicate with CA\n"),
|
| |
+ N_(" -c CA, --ca=NAME use the specified CA rather than the default\n"),
|
| |
+ N_(" -e CMD, --command CMD helper command to run to communicate with CA\n"),
|
| |
N_("* Bus options:\n"),
|
| |
- N_(" -S connect to the certmonger service on the system bus\n"),
|
| |
- N_(" -s connect to the certmonger service on the session bus\n"),
|
| |
+ N_(" -S, --system connect to the certmonger service on the system bus\n"),
|
| |
+ N_(" -s, --session connect to the certmonger service on the session bus\n"),
|
| |
N_("* Other options:\n"),
|
| |
- N_(" -v report all details of errors\n"),
|
| |
+ N_(" -v, --verbose report all details of errors\n"),
|
| |
NULL,
|
| |
};
|
| |
const char *add_scep_ca_help[] = {
|
| |
@@ -5223,18 +5362,23 @@
|
| |
"\n",
|
| |
N_("Optional arguments:\n"),
|
| |
N_("* General options:\n"),
|
| |
- N_(" -c CA nickname to give to the new CA configuration\n"),
|
| |
- N_(" -u URL location of SCEP server\n"),
|
| |
- N_(" -i ID CA identifier\n"),
|
| |
- N_(" -R FILE file containing CA's certificate\n"),
|
| |
- N_(" -r FILE file containing RA's certificate\n"),
|
| |
- N_(" -I FILE file containing certificates in RA's certifying chain\n"),
|
| |
- N_(" -n prefer not to use the SCEP Renewal feature\n"),
|
| |
+ N_(" -c CA, --ca=NAME use the specified CA rather than the default\n"),
|
| |
+ N_(" -u URL, --URL URL location of SCEP server\n"),
|
| |
+ N_(" -i ID, --id ID CA identifier\n"),
|
| |
+ N_(" -R FILE, --cacert=FILE\n"),
|
| |
+ N_(" file containing web server's certificate\n"),
|
| |
+ N_(" -r FILE, --racert=FILE\n"),
|
| |
+ N_(" file containing RA's certificate\n"),
|
| |
+ N_(" -N FILE, --signingca=FILE\n"),
|
| |
+ N_(" file containing CA's certificate\n"),
|
| |
+ N_(" -I FILE, --other-certs=FILE\n"),
|
| |
+ N_(" file containing certificates in RA's certifying chain\n"),
|
| |
+ N_(" -n, --non-renewal prefer not to use the SCEP Renewal feature\n"),
|
| |
N_("* Bus options:\n"),
|
| |
- N_(" -S connect to the certmonger service on the system bus\n"),
|
| |
- N_(" -s connect to the certmonger service on the session bus\n"),
|
| |
+ N_(" -S, --system connect to the certmonger service on the system bus\n"),
|
| |
+ N_(" -s, --session connect to the certmonger service on the session bus\n"),
|
| |
N_("* Other options:\n"),
|
| |
- N_(" -v report all details of errors\n"),
|
| |
+ N_(" -v, --verbose report all details of errors\n"),
|
| |
NULL,
|
| |
};
|
| |
const char *modify_ca_help[] = {
|
| |
@@ -5242,13 +5386,13 @@
|
| |
"\n",
|
| |
N_("Optional arguments:\n"),
|
| |
N_("* General options:\n"),
|
| |
- N_(" -c CA nickname of the CA configuration\n"),
|
| |
- N_(" -e CMD updated helper command to run to communicate with CA\n"),
|
| |
+ N_(" -c CA, --ca=NAME use the specified CA rather than the default\n"),
|
| |
+ N_(" -e CMD, --command CMD helper command to run to communicate with CA\n"),
|
| |
N_("* Bus options:\n"),
|
| |
- N_(" -S connect to the certmonger service on the system bus\n"),
|
| |
- N_(" -s connect to the certmonger service on the session bus\n"),
|
| |
+ N_(" -S, --system connect to the certmonger service on the system bus\n"),
|
| |
+ N_(" -s, --session connect to the certmonger service on the session bus\n"),
|
| |
N_("* Other options:\n"),
|
| |
- N_(" -v report all details of errors\n"),
|
| |
+ N_(" -v, --verbose report all details of errors\n"),
|
| |
NULL,
|
| |
};
|
| |
const char *remove_ca_help[] = {
|
| |
@@ -5256,12 +5400,12 @@
|
| |
"\n",
|
| |
N_("Optional arguments:\n"),
|
| |
N_("* General options:\n"),
|
| |
- N_(" -c CA nickname of CA configuration to remove\n"),
|
| |
+ N_(" -c CA, --ca=NAME use the specified CA rather than the default\n"),
|
| |
N_("* Bus options:\n"),
|
| |
- N_(" -S connect to the certmonger service on the system bus\n"),
|
| |
- N_(" -s connect to the certmonger service on the session bus\n"),
|
| |
+ N_(" -S, --system connect to the certmonger service on the system bus\n"),
|
| |
+ N_(" -s, --session connect to the certmonger service on the session bus\n"),
|
| |
N_("* Other options:\n"),
|
| |
- N_(" -v report all details of errors\n"),
|
| |
+ N_(" -v, --verbose report all details of errors\n"),
|
| |
NULL,
|
| |
};
|
| |
#endif
|
| |
The long options for the commands and daemon were not documented either in the man page or the help output.