openssl-storeutl, storeutl - STORE utility
openssl storeutl [-help] [-out file] [-noout]
[-passin arg] [-text arg] [-engine id] [-r]
[-certs] [-keys] [-crls] [-subject arg]
[-issuer arg] [-serial arg] [-alias arg] [-fingerprint
arg] [-digest] uri ...
The storeutl command can be used to display the contents (after
decryption as the case may be) fetched from the given URIs.
- -help
- Print out a usage message.
- -out filename
- specifies the output filename to write to or standard output by
default.
- -noout
- this option prevents output of the PEM data.
- -passin arg
- the key password source. For more information about the format of
arg see "Pass Phrase Options" in openssl(1).
- -text
- Prints out the objects in text form, similarly to the -text output
from openssl x509, openssl pkey, etc.
- -engine id
- specifying an engine (by its unique id string) will cause
storeutl to attempt to obtain a functional reference to the
specified engine, thus initialising it if needed. The engine will then be
set as the default for all available algorithms.
- -r
- Fetch objects recursively when possible.
- -certs
- -keys
- -crls
- Only select the certificates, keys or CRLs from the given URI. However, if
this URI would return a set of names (URIs), those are always
returned.
- -subject arg
- Search for an object having the subject name arg. The arg must be
formatted as /type0=value0/type1=value1/type2=.... Keyword
characters may be escaped by \ (backslash), and whitespace is retained.
Empty values are permitted but are ignored for the search. That is, a
search with an empty value will have the same effect as not specifying the
type at all.
- -issuer arg
- -serial arg
- Search for an object having the given issuer name and serial number. These
two options must be used together. The issuer arg must be formatted
as /type0=value0/type1=value1/type2=..., characters may be escaped
by \ (backslash), no spaces are skipped. The serial arg may be specified
as a decimal value or a hex value if preceded by 0x.
- -alias arg
- Search for an object having the given alias.
- -fingerprint arg
- Search for an object having the given fingerprint.
- -digest
- The digest that was used to compute the fingerprint given with
-fingerprint.
The openssl storeutl app was added in OpenSSL 1.1.1.
Copyright 2016-2021 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You
may not use this file except in compliance with the License. You can obtain
a copy in the file LICENSE in the source distribution or at
<https://www.openssl.org/source/license.html>.