[Gpg4win-users-en] unknown keyword in gpgsm --gen-key --batch certificate
Werner Koch
wk at gnupg.org
Mon Jan 6 23:27:37 CET 2014
On Fri, 3 Jan 2014 18:37, cristian.baboi at gmail.com said:
> Is it possible to create certificates (not requests) with gpgsm from gpg4win?
Yes. Except for CRL stuff all mechanisms to build your own CA software
are there.
Example:
$ ~/b/gnupg-2.0/sm/gpgsm --version
gpgsm (GnuPG) 2.0.23-beta13
libgcrypt 1.5.3
libksba 1.2.0-gitd5bf2a9
$ ~/b/gnupg-2.0/sm/gpgsm --gen-key
Please select what kind of key you want:
(1) RSA
(2) Existing key
(3) Existing key from card
Your selection? 1
What keysize do you want? (2048)
Requested keysize is 2048 bits
Possible actions for a RSA key:
(1) sign, encrypt
(2) sign
(3) encrypt
Your selection? 1
Enter the X.509 subject name: CN=Certy Self
Enter email addresses (end with an empty line):
> certy at example.org
>
Enter DNS names (optional; end with an empty line):
>
Enter URIs (optional; end with an empty line):
>
Parameters to be used for the certificate request:
Key-Type: RSA
Key-Length: 2048
Key-Usage: sign, encrypt
Name-DN: CN=Certy Self
Name-Email: certy at example.org
Really create request? (y/N) y
Now creating certificate request. This may take a while ...
gpgsm: DBG: connection to agent established
gpgsm: about to sign CSR for key: &B06ECC0A214585968676567BAA4CEBA5CAF34B11
-----BEGIN CERTIFICATE REQUEST-----
MIICiTCCAXECAQAwFTETMBEGA1UEAxMKQ2VydHkgU2VsZjCCASIwDQYJKoZIhvcN
[...]
2.0.22 should be identical.
Salam-Shalom,
Werner
--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
More information about the Gpg4win-users-en
mailing list