1 .\" Automatically generated by Pod::Man v1.37, Pod::Parser v1.32
4 .\" ========================================================================
5 .de Sh \" Subsection heading
13 .de Sp \" Vertical space (when we can't use .PP)
17 .de Vb \" Begin verbatim text
22 .de Ve \" End verbatim text
26 .\" Set up some character translations and predefined strings. \*(-- will
27 .\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
28 .\" double quote, and \*(R" will give a right double quote. | will give a
29 .\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used to
30 .\" do unbreakable dashes and therefore won't be available. \*(C` and \*(C'
31 .\" expand to `' in nroff, nothing in troff, for use with C<>.
33 .ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p'
37 . if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch
38 . if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch
51 .\" If the F register is turned on, we'll generate index entries on stderr for
52 .\" titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and index
53 .\" entries marked with X<> in POD. Of course, you'll have to process the
54 .\" output yourself in some meaningful fashion.
57 . tm Index:\\$1\t\\n%\t"\\$2"
63 .\" For nroff, turn off justification. Always turn off hyphenation; it makes
64 .\" way too many mistakes in technical documents.
68 .\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2).
69 .\" Fear. Run. Save yourself. No user-serviceable parts.
70 . \" fudge factors for nroff and troff
79 . ds #H ((1u-(\\\\n(.fu%2u))*.13m)
85 . \" simple accents for nroff and troff
95 . ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u"
96 . ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u'
97 . ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u'
98 . ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u'
99 . ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u'
100 . ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u'
102 . \" troff and (daisy-wheel) nroff accents
103 .ds : \\k:\h'-(\\n(.wu*8/10-\*(#H+.1m+\*(#F)'\v'-\*(#V'\z.\h'.2m+\*(#F'.\h'|\\n:u'\v'\*(#V'
104 .ds 8 \h'\*(#H'\(*b\h'-\*(#H'
105 .ds o \\k:\h'-(\\n(.wu+\w'\(de'u-\*(#H)/2u'\v'-.3n'\*(#[\z\(de\v'.3n'\h'|\\n:u'\*(#]
106 .ds d- \h'\*(#H'\(pd\h'-\w'~'u'\v'-.25m'\f2\(hy\fP\v'.25m'\h'-\*(#H'
107 .ds D- D\\k:\h'-\w'D'u'\v'-.11m'\z\(hy\v'.11m'\h'|\\n:u'
108 .ds th \*(#[\v'.3m'\s+1I\s-1\v'-.3m'\h'-(\w'I'u*2/3)'\s-1o\s+1\*(#]
109 .ds Th \*(#[\s+2I\s-2\h'-\w'I'u*3/5'\v'-.3m'o\v'.3m'\*(#]
110 .ds ae a\h'-(\w'a'u*4/10)'e
111 .ds Ae A\h'-(\w'A'u*4/10)'E
112 . \" corrections for vroff
113 .if v .ds ~ \\k:\h'-(\\n(.wu*9/10-\*(#H)'\s-2\u~\d\s+2\h'|\\n:u'
114 .if v .ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'\v'-.4m'^\v'.4m'\h'|\\n:u'
115 . \" for low resolution devices (crt and lpr)
116 .if \n(.H>23 .if \n(.V>19 \
129 .\" ========================================================================
132 .TH x509 3 "2009-07-23" "0.9.8k" "OpenSSL"
134 x509 \- X.509 certificate handling
136 .IX Header "SYNOPSIS"
138 \& #include <openssl/x509.h>
141 .IX Header "DESCRIPTION"
142 A X.509 certificate is a structured grouping of information about
143 an individual, a device, or anything one can imagine. A X.509 \s-1CRL\s0
144 (certificate revocation list) is a tool to help determine if a
145 certificate is still valid. The exact definition of those can be
146 found in the X.509 document from \s-1ITU\-T\s0, or in \s-1RFC3280\s0 from \s-1PKIX\s0.
147 In OpenSSL, the type X509 is used to express such a certificate, and
148 the type X509_CRL is used to express a \s-1CRL\s0.
150 A related structure is a certificate request, defined in PKCS#10 from
151 \&\s-1RSA\s0 Security, Inc, also reflected in \s-1RFC2896\s0. In OpenSSL, the type
152 X509_REQ is used to express such a certificate request.
154 To handle some complex parts of a certificate, there are the types
155 X509_NAME (to express a certificate name), X509_ATTRIBUTE (to express
156 a certificate attributes), X509_EXTENSION (to express a certificate
157 extension) and a few more.
159 Finally, there's the supertype X509_INFO, which can contain a \s-1CRL\s0, a
160 certificate and a corresponding private key.
162 \&\fBX509_\fR\fI...\fR, \fBd2i_X509_\fR\fI...\fR and \fBi2d_X509_\fR\fI...\fR handle X.509
163 certificates, with some exceptions, shown below.
165 \&\fBX509_CRL_\fR\fI...\fR, \fBd2i_X509_CRL_\fR\fI...\fR and \fBi2d_X509_CRL_\fR\fI...\fR
168 \&\fBX509_REQ_\fR\fI...\fR, \fBd2i_X509_REQ_\fR\fI...\fR and \fBi2d_X509_REQ_\fR\fI...\fR
169 handle PKCS#10 certificate requests.
171 \&\fBX509_NAME_\fR\fI...\fR handle certificate names.
173 \&\fBX509_ATTRIBUTE_\fR\fI...\fR handle certificate attributes.
175 \&\fBX509_EXTENSION_\fR\fI...\fR handle certificate extensions.
177 .IX Header "SEE ALSO"
178 \&\fIX509_NAME_ENTRY_get_object\fR\|(3),
179 \&\fIX509_NAME_add_entry_by_txt\fR\|(3),
180 \&\fIX509_NAME_add_entry_by_NID\fR\|(3),
181 \&\fIX509_NAME_print_ex\fR\|(3),
182 \&\fIX509_NAME_new\fR\|(3),
183 \&\fId2i_X509\fR\|(3),
184 \&\fId2i_X509_ALGOR\fR\|(3),
185 \&\fId2i_X509_CRL\fR\|(3),
186 \&\fId2i_X509_NAME\fR\|(3),
187 \&\fId2i_X509_REQ\fR\|(3),
188 \&\fId2i_X509_SIG\fR\|(3),