smime_keys(1) [centos man page]
smime_keys(1) User Manuals smime_keys(1) NAME
smime_keys - Utility to add S/MIME certificate to the internal database used by mutt SYNOPSIS
smime_keys <operation> [file(s) | keyID [file(s)]] DESCRIPTION
The purpose of this tool is to manipulate the internal database of S/MIME certificates used by mutt to sign mail messages which will be sent or to verify mail messages received and signed with S/MIME OPTIONS
init no files needed, inits directory structure. list lists the certificates stored in database. label keyID required. changes/removes/adds label. remove keyID required. verify 1=keyID and optionally 2=CRL Verifies the certificate chain, and optionally wether this certificate is included in supplied CRL (PEM format). Note: to verify all certificates at the same time, replace keyID with "all" add_cert certificate required. add_chain three files reqd: 1=Key, 2=certificate plus 3=intermediate certificate(s). add_p12 one file reqd. Adds keypair to database. file is PKCS12 (e.g. export from netscape). add_pem one file reqd. Adds keypair to database. (file was converted from e.g. PKCS12). add_root one file reqd. Adds PEM root certificate to the location specified within muttrc (smime_verify_* command) NO WARRANTIES
This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MER- CHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. Mutt Home Page: http://www.mutt.org/ Unix May 2009 smime_keys(1)
Check Out this Related Man Page
OPENSSL_X509_CHECKPURPOSE(3) 1 OPENSSL_X509_CHECKPURPOSE(3) openssl_x509_checkpurpose - Verifies if a certificate can be used for a particular purpose SYNOPSIS
int openssl_x509_checkpurpose (mixed $x509cert, int $purpose, [array $cainfo = array()], [string $untrustedfile]) DESCRIPTION
openssl_x509_checkpurpose(3) examines a certificate to see if it can be used for the specified $purpose. PARAMETERS
o $x509cert - The examined certificate. o $purpose - openssl_x509_checkpurpose(3) purposes +---------------------------+---------------------------------------------------+ | Constant | | | | | | | Description | | | | +---------------------------+---------------------------------------------------+ | X509_PURPOSE_SSL_CLIENT | | | | | | | Can the certificate be used for the client side | | | of an SSL connection? | | | | | X509_PURPOSE_SSL_SERVER | | | | | | | Can the certificate be used for the server side | | | of an SSL connection? | | | | |X509_PURPOSE_NS_SSL_SERVER | | | | | | | Can the cert be used for Netscape SSL server? | | | | | X509_PURPOSE_SMIME_SIGN | | | | | | | Can the cert be used to sign S/MIME email? | | | | |X509_PURPOSE_SMIME_ENCRYPT | | | | | | | Can the cert be used to encrypt S/MIME email? | | | | | X509_PURPOSE_CRL_SIGN | | | | | | | Can the cert be used to sign a certificate revo- | | | cation list (CRL)? | | | | | X509_PURPOSE_ANY | | | | | | | Can the cert be used for Any/All purposes? | | | | +---------------------------+---------------------------------------------------+ These options are not bitfields - you may specify one only! o $cainfo -$cainfo should be an array of trusted CA files/dirs as described in Certificate Verification. o $untrustedfile - If specified, this should be the name of a PEM encoded file holding certificates that can be used to help verify the certifi- cate, although no trust is placed in the certificates that come from that file. RETURN VALUES
Returns TRUE if the certificate can be used for the intended purpose, FALSE if it cannot, or -1 on error. PHP Documentation Group OPENSSL_X509_CHECKPURPOSE(3)