Update README file and show_usage function
This commit is contained in:
parent
d48dc132be
commit
4a2e5c93f1
63
README.md
63
README.md
|
|
@ -50,47 +50,86 @@ proto udp
|
||||||
remote ovpn.example.com 1194
|
remote ovpn.example.com 1194
|
||||||
|
|
||||||
nobind
|
nobind
|
||||||
|
user nobody
|
||||||
|
group nogroup
|
||||||
persist-key
|
persist-key
|
||||||
persist-tun
|
persist-tun
|
||||||
|
|
||||||
cipher AES-256-CBC
|
cipher AES-256-GCM
|
||||||
~~~
|
~~~
|
||||||
|
|
||||||
## Usage
|
## Usage
|
||||||
|
|
||||||
~~~
|
~~~
|
||||||
Usage: ./shellpki <subcommand> [options] [CommonName]
|
Usage: shellpki <subcommand> [options] [CommonName]
|
||||||
~~~
|
~~~
|
||||||
|
|
||||||
Initialize PKI (create CA key and self-signed cert) :
|
Initialize PKI (create CA key and self-signed cert) :
|
||||||
|
|
||||||
~~~
|
~~~
|
||||||
./shellpki init <commonName_for_CA>
|
shellpki init <commonName_for_CA>
|
||||||
|
|
||||||
|
Options
|
||||||
|
--non-interactive do not prompt the user, and exit if an error occurs
|
||||||
~~~
|
~~~
|
||||||
|
|
||||||
Create a client cert with key and CSR directly generated on server
|
Create a client cert with key and CSR directly generated on server :
|
||||||
(use -p for set a password on client key) :
|
|
||||||
|
|
||||||
~~~
|
~~~
|
||||||
./shellpki create [-p] <commonName>
|
shellpki create <commonName>
|
||||||
|
|
||||||
|
Options
|
||||||
|
-f, --file, --csr-file create a client cert from a CSR (doesn't need key)
|
||||||
|
-p, --password prompt the user for a password to set on the client key
|
||||||
|
--password-file if provided with a path to a readable file, the first line is read and set as password on the client key
|
||||||
|
--days specify how many days the certificate should be valid
|
||||||
|
--end-date specify until which date the certificate should be valid, in MM/DD/[YY]YY [hh:mm:ss] format
|
||||||
|
--non-interactive do not prompt the user, and exit if an error occurs
|
||||||
|
--replace-existing if the certificate already exists, revoke it before creating a new one
|
||||||
~~~
|
~~~
|
||||||
|
|
||||||
Create a client cert from a CSR (doesn't need key) :
|
Revoke a client cert :
|
||||||
|
|
||||||
~~~
|
~~~
|
||||||
./shellpki create -f <path>
|
shellpki revoke <commonName>
|
||||||
|
|
||||||
|
Options
|
||||||
|
--non-interactive do not prompt the user, and exit if an error occurs
|
||||||
~~~
|
~~~
|
||||||
|
|
||||||
Revoke a client cert with is commonName (CN) :
|
List all certificates :
|
||||||
|
|
||||||
~~~
|
~~~
|
||||||
./shellpki revoke <commonName>
|
shellpki list <options>
|
||||||
|
|
||||||
|
Options
|
||||||
|
-a, --all
|
||||||
|
-v, --valid
|
||||||
|
-r, --revoked
|
||||||
~~~
|
~~~
|
||||||
|
|
||||||
List all actually valid commonName (CN) :
|
Check expiration date of valid certificates :
|
||||||
|
|
||||||
~~~
|
~~~
|
||||||
./shellpki list
|
shellpki check
|
||||||
|
~~~
|
||||||
|
|
||||||
|
Run OCSP_D server :
|
||||||
|
|
||||||
|
~~~
|
||||||
|
shellpki ocsp <ocsp_uri:ocsp_port>
|
||||||
|
~~~
|
||||||
|
|
||||||
|
Show version :
|
||||||
|
|
||||||
|
~~~
|
||||||
|
shellpki version
|
||||||
|
~~~
|
||||||
|
|
||||||
|
Show help :
|
||||||
|
|
||||||
|
~~~
|
||||||
|
shellpki help
|
||||||
~~~
|
~~~
|
||||||
|
|
||||||
## License
|
## License
|
||||||
|
|
|
||||||
46
shellpki
46
shellpki
|
|
@ -36,31 +36,53 @@ Initialize PKI (create CA key and self-signed cert) :
|
||||||
|
|
||||||
${0} init <commonName_for_CA>
|
${0} init <commonName_for_CA>
|
||||||
|
|
||||||
Run OCSP_D server :
|
Options
|
||||||
|
--non-interactive do not prompt the user, and exit if an error occurs
|
||||||
|
|
||||||
${0} ocsp <ocsp_uri:ocsp_port>
|
Create a client cert with key and CSR directly generated on server :
|
||||||
|
|
||||||
Create a client cert with key and CSR directly generated on server
|
${0} create <commonName>
|
||||||
(use -p or --password-file to set a password on the client key) :
|
|
||||||
|
|
||||||
${0} create [-p|--password-file=<FILE>] <commonName>
|
Options
|
||||||
|
-f, --file, --csr-file create a client cert from a CSR (doesn't need key)
|
||||||
|
-p, --password prompt the user for a password to set on the client key
|
||||||
|
--password-file if provided with a path to a readable file, the first line is read and set as password on the client key
|
||||||
|
--days specify how many days the certificate should be valid
|
||||||
|
--end-date specify until which date the certificate should be valid, in MM/DD/[YY]YY [hh:mm:ss] format
|
||||||
|
--non-interactive do not prompt the user, and exit if an error occurs
|
||||||
|
--replace-existing if the certificate already exists, revoke it before creating a new one
|
||||||
|
|
||||||
Create a client cert from a CSR (doesn't need key) :
|
Revoke a client cert :
|
||||||
|
|
||||||
${0} create -f <path>
|
|
||||||
|
|
||||||
Revoke a client cert with is commonName (CN) :
|
|
||||||
|
|
||||||
${0} revoke <commonName>
|
${0} revoke <commonName>
|
||||||
|
|
||||||
List all actually valid commonName (CN) :
|
Options
|
||||||
|
--non-interactive do not prompt the user, and exit if an error occurs
|
||||||
|
|
||||||
${0} list [-a|--all|-v|--valid|-r|--revoked]
|
List all certificates :
|
||||||
|
|
||||||
|
${0} list <options>
|
||||||
|
|
||||||
|
Options
|
||||||
|
-a, --all
|
||||||
|
-v, --valid
|
||||||
|
-r, --revoked
|
||||||
|
|
||||||
Check expiration date of valid certificates :
|
Check expiration date of valid certificates :
|
||||||
|
|
||||||
${0} check
|
${0} check
|
||||||
|
|
||||||
|
Run OCSP_D server :
|
||||||
|
|
||||||
|
${0} ocsp <ocsp_uri:ocsp_port>
|
||||||
|
|
||||||
|
Show version :
|
||||||
|
|
||||||
|
${0} version
|
||||||
|
|
||||||
|
Show help :
|
||||||
|
|
||||||
|
${0} help
|
||||||
EOF
|
EOF
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue