Scroll to navigation

PKI --VERIFY(1) strongSwan PKI --VERIFY(1)

NAME

pki --verify - Verify a certificate using a CA certificate

SYNOPSIS

pki --verify [--in file] [--cacert file] [--debug level] [--online]
pki --verify --options file
pki --verify -h | --help

DESCRIPTION

This sub-command of pki(1) verifies a certificate using an optional CA certificate.

OPTIONS

Print usage information with a summary of the available options.
Set debug level, default: 1.
-+, --options file
Read command line options from file.
X.509 certificate to verify. If not given it is read from STDIN.
CA certificate to use for trustchain verification. If not given the certificate is assumed to be self-signed.
Enable online CRL/OCSP revocation checking.

EXIT STATUS

The exit status is 0 if the certificate was verified successfully, 1 if the certificate is untrusted, 2 if the certificate's lifetimes are invalid, and 3 if the certificate was verified successfully but the online revocation check indicated that it has been revoked.

SEE ALSO

pki(1)

2013-07-31 5.2.0