1.\" Automatically generated by Pod::Man 2.25 (Pod::Simple 3.28) |
2.\" 3.\" Standard preamble: 4.\" ======================================================================== 5.de Sp \" Vertical space (when we can't use .PP) 6.if t .sp .5v 7.if n .sp 8.. 9.de Vb \" Begin verbatim text --- 23 unchanged lines hidden (view full) --- 33. ds C` "" 34. ds C' "" 35'br\} 36.el\{\ 37. ds -- \|\(em\| 38. ds PI \(*p 39. ds L" `` 40. ds R" '' |
41'br\} 42.\" 43.\" Escape single quotes in literal strings from groff's Unicode transform. 44.ie \n(.g .ds Aq \(aq 45.el .ds Aq ' 46.\" 47.\" If the F register is turned on, we'll generate index entries on stderr for 48.\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index 49.\" entries marked with X<> in POD. Of course, you'll have to process the 50.\" output yourself in some meaningful fashion. |
51.ie \nF \{\ 52. de IX 53. tm Index:\\$1\t\\n%\t"\\$2" |
54.. |
55. nr % 0 56. rr F 57.\} 58.el \{\ 59. de IX |
60.. |
61.\} |
62.\" 63.\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). 64.\" Fear. Run. Save yourself. No user-serviceable parts. 65. \" fudge factors for nroff and troff 66.if n \{\ 67. ds #H 0 68. ds #V .8m 69. ds #F .3m --- 49 unchanged lines hidden (view full) --- 119. ds Th \o'LP' 120. ds ae ae 121. ds Ae AE 122.\} 123.rm #[ #] #H #V #F C 124.\" ======================================================================== 125.\" 126.IX Title "x509 3" |
127.TH x509 3 "2014-10-15" "1.0.1j" "OpenSSL" |
128.\" For nroff, turn off justification. Always turn off hyphenation; it makes 129.\" way too many mistakes in technical documents. 130.if n .ad l 131.nh 132.SH "NAME" 133x509 \- X.509 certificate handling 134.SH "SYNOPSIS" 135.IX Header "SYNOPSIS" 136.Vb 1 137\& #include <openssl/x509.h> 138.Ve 139.SH "DESCRIPTION" 140.IX Header "DESCRIPTION" 141A X.509 certificate is a structured grouping of information about |
142an individual, a device, or anything one can imagine. A X.509 \s-1CRL\s0 143(certificate revocation list) is a tool to help determine if a |
144certificate is still valid. The exact definition of those can be |
145found in the X.509 document from ITU-T, or in \s-1RFC3280\s0 from \s-1PKIX\s0. |
146In OpenSSL, the type X509 is used to express such a certificate, and |
147the type X509_CRL is used to express a \s-1CRL\s0. |
148.PP 149A related structure is a certificate request, defined in PKCS#10 from |
150\&\s-1RSA\s0 Security, Inc, also reflected in \s-1RFC2896\s0. In OpenSSL, the type |
151X509_REQ is used to express such a certificate request. 152.PP 153To handle some complex parts of a certificate, there are the types 154X509_NAME (to express a certificate name), X509_ATTRIBUTE (to express 155a certificate attributes), X509_EXTENSION (to express a certificate 156extension) and a few more. 157.PP |
158Finally, there's the supertype X509_INFO, which can contain a \s-1CRL\s0, a |
159certificate and a corresponding private key. 160.PP 161\&\fBX509_\fR\fI...\fR, \fBd2i_X509_\fR\fI...\fR and \fBi2d_X509_\fR\fI...\fR handle X.509 162certificates, with some exceptions, shown below. 163.PP 164\&\fBX509_CRL_\fR\fI...\fR, \fBd2i_X509_CRL_\fR\fI...\fR and \fBi2d_X509_CRL_\fR\fI...\fR 165handle X.509 CRLs. 166.PP --- 23 unchanged lines hidden --- |