vfychain(category25-plesk.html) - phpMan

VFYCHAIN(1)                   NSS Security Tools                   VFYCHAIN(1)
NAME
       vfychain_ - vfychain [options] [revocation options] certfile [[options]
       certfile] ...
SYNOPSIS
       vfychain
STATUS
       This documentation is still work in progress. Please contribute to the
       initial review in Mozilla NSS bug 836477[1]
DESCRIPTION
       The verification Tool, vfychain, verifies certificate chains.  modutil
       can add and delete PKCS #11 modules, change passwords on security
       databases, set defaults, list module contents, enable or disable slots,
       enable or disable FIPS 140-2 compliance, and assign default providers
       for cryptographic operations. This tool can also create certificate,
       key, and module security database files.
       The tasks associated with security module database management are part
       of a process that typically also involves managing key databases and
       certificate databases.
OPTIONS
       -a
           the following certfile is base64 encoded
       -b  YYMMDDHHMMZ
           Validate date (default: now)
       -d  directory
           database directory
       -f
           Enable cert fetching from AIA URL
       -o  oid
           Set policy OID for cert validation(Format OID.1.2.3)
       -p
           Use PKIX Library to validate certificate by calling:
           * CERT_VerifyCertificate if specified once,
           * CERT_PKIXVerifyCert if specified twice and more.
       -r
           Following certfile is raw binary DER (default)
       -t
           Following cert is explicitly trusted (overrides db trust)
       -u  usage
           0=SSL client, 1=SSL server, 2=SSL StepUp, 3=SSL CA, 4=Email signer,
           5=Email recipient, 6=Object signer, 9=ProtectedObjectSigner,
           10=OCSP responder, 11=Any CA
       -T
           Trust both explicit trust anchors (-t) and the database. (Without
           this option, the default is to only trust certificates marked -t,
           if there are any, or to trust the database if there are
           certificates marked -t.)
       -v
           Verbose mode. Prints root cert subject(double the argument for
           whole root cert info)
       -w  password
           Database password
       -W  pwfile
           Password file
           Revocation options for PKIX API (invoked with -pp options) is a
           collection of the following flags: [-g type [-h flags] [-m type [-s
           flags]] ...] ...
           Where:
       -g  test-type
           Sets status checking test type. Possible values are "leaf" or
           "chain"
       -g  test type
           Sets status checking test type. Possible values are "leaf" or
           "chain".
       -h  test flags
           Sets revocation flags for the test type it follows. Possible flags:
           "testLocalInfoFirst" and "requireFreshInfo".
       -m  method type
           Sets method type for the test type it follows. Possible types are
           "crl" and "ocsp".
       -s  method flags
           Sets revocation flags for the method it follows. Possible types are
           "doNotUse", "forbidFetching", "ignoreDefaultSrc", "requireInfo" and
           "failIfNoInfo".
ADDITIONAL RESOURCES
       For information about NSS and other tools related to NSS (like JSS),
       check out the NSS project wiki at
       http://www.mozilla.org/projects/security/pki/nss/. The NSS site relates
       directly to NSS code changes and releases.
       Mailing lists: https://lists.mozilla.org/listinfo/dev-tech-crypto
       IRC: Freenode at #dogtag-pki
AUTHORS
       The NSS tools were written and maintained by developers with Netscape,
       Red Hat, Sun, Oracle, Mozilla, and Google.
       Authors: Elio Maldonado <emaldona AT redhat.com>, Deon Lackey
       <dlackey AT redhat.com>.
LICENSE
       Licensed under the Mozilla Public License, v. 2.0. If a copy of the MPL
       was not distributed with this file, You can obtain one at
       http://mozilla.org/MPL/2.0/.
NOTES
        1. Mozilla NSS bug 836477
           https://bugzilla.mozilla.org/show_bug.cgi?id=836477
nss-tools 3.101.0                 Nov 13 2013                      VFYCHAIN(1)