FreeBSD Manual Pages
EFIKEYGEN(1) General Commands Manual EFIKEYGEN(1) NAME efikeygen - command line tool for generating keys to use for PE image signing SYNOPSIS efikeygen <[--ca | -C] [--self-sign | -S] | [--signer=nickname]> [--token=token | -t token] [--nickname=nickname | -n nickname] [--common-name=common name | -c common name] [--url=url | -u url] [--serial=serial | -s serial] DESCRIPTION efikeygen is a command line tool for generating keys and certificates to be used with pesign. These are standard X.509 certificates, and can potentially be generated with any certificate creation tool. efikeygen simply sets generates keys with sensible options set for a key to be used for PE image signing. OPTIONS --ca The certificate being generated is for a CA. --self-sign The generated certificate is to be self signed. --signer=nickname Nickname of certificate to be used to sign the generated cer- tificate. --token=token Use the specified NSS token's certificate database. --nickname=nickname The nickname to use for the generated certificate. --common-name=common-name The X.509 Common Name for the generated certificate. This should be in rfc2253 syntax, i.e. "CN=John Doe,OU=editing,O=New York Times,L=New York,ST=NY,C=US" --url=url Informational url regarding objects signed with this key. --serial=serial number Serial number for use with this key. A certificate is identi- fied by its signer and its serial number, so it's best not to ever re-use this value with the same signer. By default, this value will be generated using /dev/urandom . It is not recom- mended to use this option to override that. SEE ALSO pesign(1) AUTHORS Peter Jones Mon Jan 07 2013 EFIKEYGEN(1)
NAME | SYNOPSIS | DESCRIPTION | OPTIONS | SEE ALSO | AUTHORS
Want to link to this manual page? Use this URL:
<https://www.freebsd.org/cgi/man.cgi?query=efikeygen&sektion=1&manpath=FreeBSD+12.2-RELEASE+and+Ports>