keyclient

Langue: en

Version: 385574 (fedora - 01/12/10)

Section: 8 (Commandes administrateur)

NAME

keyclient - generate and distribute keys on behalf of Pubcookie.

SYNOPSIS

keyclient [options]
Download host key from the keyserver.
keyclient -P <host> [options]
Allow <host> to also access the keyserver.
keyclient -U <cert file> [options]
Upload <cert file> to the keyserver.
keyclient -G <gcert file> [options]
Download granting certificate from the keyserver, and write it to <gcert file>.

DESCRIPTION

keyclient is used by participating Pubcookie application servers to securely request keys from the login server's keyserver component.

OPTIONS

-f <config file>
Use alternate configuration file.
-K <URI>
URI of key management server (running keyserver).
-k <key file>
Key to use for TLS authentication.
-a
Expect key file in ASN.1 format.
-p
Expect key file in PEM format (default).
-c <cert file>
Certificate to use for TLS authentication.
-C <cert file>
CA certificate to use for client verification.
-D <CA directory>
Directory of trusted CAs, hashed OpenSSL-style.
-H <host name>
Specify requesting host name. Useful when the application server uses a wildcard certificate (CN is *.subdomain.example.edu), or if the application server host name is one of several in the certificate's Subject Alt Name field.
-K <URI>
Directory of trusted CAs, hashed OpenSSL-style.
-d
Download existing, rather than generating new host key.
-u
Upload local host key to keyserver.
-n
Just show what would be done.
-q
Quiet mode.

FILES

 /etc/pubcookie/config
 

SEE ALSO

 keyserver (8)
 xinetd (8)
 openssl (1)
 /usr/share/doc/mod_pubcookie*/doc/*.html