1 .\" -*- mode: troff; coding: utf-8 -*-
57 .IX Title "OPENSSL-VERIFICATION-OPTIONS 1ossl"
58 .TH OPENSSL-VERIFICATION-OPTIONS 1ossl 2025-07-01 3.5.1 OpenSSL
64 openssl\-verification\-options \- generic X.509 certificate verification options
85 is a high-level specification of the intended use of the target certificate,
91 DANE support is documented in \fBopenssl\-s_client\fR\|(1),
97 any public key and related subject distinguished name (DN) that
102 where their essential fields are the public key and the subject DN.
106 In particular, the subject key identifier extension, if present,
110 all self-signed "root" CA certificates that are placed in the \fItrust store\fR,
123 The purposes are encoded using the values defined for the extended key usages
124 (EKUs) that may be given in X.509 extensions of end-entity certificates.
125 See also the "Extended Key Usage" section below.
135 A certificate, which may be CA certificate or an end-entity certificate,
145 It is self-signed or the \fB\-partial_chain\fR option is given
153 a certificate with suitable key usage that
160 When a self-signed certificate has been added, chain construction stops.
168 If the subject certificate has an authority key identifier extension,
169 each of its sub-fields equals the corresponding subject key identifier, serial
175 equals the public key algorithm of the candidate issuer certificate.
185 The first step is to check that each certificate is well-formed.
186 Some of these checks are enabled only if the \fB\-x509_strict\fR option is given.
190 If the \fB\-purpose\fR option is not given then no such checks are done except for
195 All other certificates down the chain are checked to be valid CA certificates,
196 and possibly also further non-standard checks are performed.
201 (which typically is a self-signed root CA certificate).
203 For compatibility with previous versions of OpenSSL, a self-signed certificate
210 The \fB\-attime\fR flag may be used to use a reference time other than "now."
212 (except for the signature of the typically self-signed root CA certificate,
213 which is verified only if the \fB\-check_ss_sig\fR option is given).
217 or to permit keyCertSign for signing other certificates, respectively.
231 <https://www.mozilla.org/en\-US/about/governance/policies/security\-group/certs/>.
235 .IP "\fB\-CAfile\fR \fIfile\fR" 4
236 .IX Item "-CAfile file"
239 PEM-encoded certificates may also have trust attributes set.
240 .IP \fB\-no\-CAfile\fR 4
241 .IX Item "-no-CAfile"
243 .IP "\fB\-CApath\fR \fIdir\fR" 4
244 .IX Item "-CApath dir"
250 See \fBopenssl\-rehash\fR\|(1) for information on creating this type of directory.
251 .IP \fB\-no\-CApath\fR 4
252 .IX Item "-no-CApath"
254 .IP "\fB\-CAstore\fR \fIuri\fR" 4
255 .IX Item "-CAstore uri"
258 With URIs in the \f(CW\*(C`file:\*(C'\fR scheme, this acts as \fB\-CAfile\fR or
259 \&\fB\-CApath\fR, depending on if the URI indicates a single file or
261 See \fBossl_store\-file\fR\|(7) for more information on the \f(CW\*(C`file:\*(C'\fR scheme.
264 chain (for example with \fBopenssl\-s_server\fR\|(1)) or client certificate
265 chain (for example with \fBopenssl\-s_time\fR\|(1)).
266 .IP \fB\-no\-CAstore\fR 4
267 .IX Item "-no-CAstore"
271 The certificate verification can be fine-tuned with the following flags.
272 .IP \fB\-verbose\fR 4
273 .IX Item "-verbose"
275 .IP "\fB\-attime\fR \fItimestamp\fR" 4
276 .IX Item "-attime timestamp"
280 .IP \fB\-no_check_time\fR 4
281 .IX Item "-no_check_time"
283 against the current time. If option \fB\-attime\fR is used to specify
285 .IP \fB\-x509_strict\fR 4
286 .IX Item "-x509_strict"
287 This disables non-compliant workarounds for broken certificates.
291 among others, the following certificate well-formedness conditions are checked:
298 If a pathlenConstraint is given the key usage keyCertSign must be allowed.
300 The pathlenConstraint must not be given for non-CA certificates.
315 are self-signed.
321 .IP \fB\-ignore_critical\fR 4
322 .IX Item "-ignore_critical"
326 .IP \fB\-issuer_checks\fR 4
327 .IX Item "-issuer_checks"
329 .IP \fB\-crl_check\fR 4
330 .IX Item "-crl_check"
333 .IP \fB\-crl_check_all\fR 4
334 .IX Item "-crl_check_all"
337 .IP \fB\-use_deltas\fR 4
338 .IX Item "-use_deltas"
340 .IP \fB\-extended_crl\fR 4
341 .IX Item "-extended_crl"
344 .IP "\fB\-suiteB_128_only\fR, \fB\-suiteB_128\fR, \fB\-suiteB_192\fR" 4
345 .IX Item "-suiteB_128_only, -suiteB_128, -suiteB_192"
350 P\-256 and P\-384.
351 .IP "\fB\-auth_level\fR \fIlevel\fR" 4
352 .IX Item "-auth_level level"
355 public key strength when verifying certificate chains. For a certificate
360 other than its signature. See \fBSSL_CTX_set_security_level\fR\|(3) for the
361 definitions of the available levels. The default security level is \-1,
363 Security level 1 requires at least 80\-bit\-equivalent security and is broadly
366 .IP \fB\-partial_chain\fR 4
367 .IX Item "-partial_chain"
370 (because it has no matching positive trust attributes and is not self-signed)
372 This certificate may be self-issued or belong to an intermediate CA.
373 .IP \fB\-check_ss_sig\fR 4
374 .IX Item "-check_ss_sig"
376 the last certificate in a chain if the certificate is supposedly self-signed.
377 This is prohibited and will result in an error if it is a non-conforming CA
378 certificate with key usage restrictions not including the keyCertSign bit.
380 .IP \fB\-allow_proxy_certs\fR 4
381 .IX Item "-allow_proxy_certs"
383 .IP \fB\-trusted_first\fR 4
384 .IX Item "-trusted_first"
388 via \fB\-CAfile\fR, \fB\-CApath\fR, \fB\-CAstore\fR or \fB\-trusted\fR are always used
389 before any certificates specified via \fB\-untrusted\fR.
390 .IP \fB\-no_alt_chains\fR 4
391 .IX Item "-no_alt_chains"
392 As of OpenSSL 1.1.0, since \fB\-trusted_first\fR is always on, this option has no
394 .IP "\fB\-trusted\fR \fIfile\fR" 4
395 .IX Item "-trusted file"
398 or it is self-signed or the \fB\-partial_chain\fR option is specified.
399 This option implies the \fB\-no\-CAfile\fR, \fB\-no\-CApath\fR, and \fB\-no\-CAstore\fR options
400 and it cannot be used with the \fB\-CAfile\fR, \fB\-CApath\fR or \fB\-CAstore\fR options, so
401 only certificates specified using the \fB\-trusted\fR option are trust anchors.
403 .IP "\fB\-untrusted\fR \fIfile\fR" 4
404 .IX Item "-untrusted file"
410 .IP "\fB\-policy\fR \fIarg\fR" 4
411 .IX Item "-policy arg"
412 Enable policy processing and add \fIarg\fR to the user-initial-policy-set (see
415 .IP \fB\-explicit_policy\fR 4
416 .IX Item "-explicit_policy"
417 Set policy variable require-explicit-policy (see RFC5280).
418 .IP \fB\-policy_check\fR 4
419 .IX Item "-policy_check"
421 .IP \fB\-policy_print\fR 4
422 .IX Item "-policy_print"
424 .IP \fB\-inhibit_any\fR 4
425 .IX Item "-inhibit_any"
426 Set policy variable inhibit-any-policy (see RFC5280).
427 .IP \fB\-inhibit_map\fR 4
428 .IX Item "-inhibit_map"
429 Set policy variable inhibit-policy-mapping (see RFC5280).
430 .IP "\fB\-purpose\fR \fIpurpose\fR" 4
431 .IX Item "-purpose purpose"
432 A high-level specification of the intended use of the target certificate.
437 and thus the commands \fBopenssl\-s_client\fR\|(1) and \fBopenssl\-s_server\fR\|(1)
440 By default, CMS signature validation, which can be done via \fBopenssl\-cms\fR\|(1),
443 While IETF RFC 5280 says that \fBid-kp-serverAuth\fR and \fBid-kp-clientAuth\fR
446 .IP "\fB\-verify_depth\fR \fInum\fR" 4
447 .IX Item "-verify_depth num"
450 end-entity certificate nor the trust-anchor certificate count against the
451 \&\fB\-verify_depth\fR limit.
452 .IP "\fB\-verify_email\fR \fIemail\fR" 4
453 .IX Item "-verify_email email"
456 .IP "\fB\-verify_hostname\fR \fIhostname\fR" 4
457 .IX Item "-verify_hostname hostname"
460 .IP "\fB\-verify_ip\fR \fIip\fR" 4
461 .IX Item "-verify_ip ip"
464 .IP "\fB\-verify_name\fR \fIname\fR" 4
465 .IX Item "-verify_name name"
473 partly be set also via other command-line options, and the verification purpose,
474 which in turn implies certificate key usage and extended key usage requirements.
478 They can be given using the \fB\-addtrust\fR and \fB\-addreject\fR options
479 for \fBopenssl\-x509\fR\|(1).
483 end-entity certificate.
485 for another a CA in another organization.
487 signature formats, such as a SHA\-1 and a SHA\-256 digest.
491 .IP "\fB\-xkey\fR \fIinfile\fR, \fB\-xcert\fR \fIinfile\fR, \fB\-xchain\fR" 4
492 .IX Item "-xkey infile, -xcert infile, -xchain"
493 Specify an extra certificate, private key and certificate chain. These behave
494 in the same manner as the \fB\-cert\fR, \fB\-key\fR and \fB\-cert_chain\fR options. When
497 .IP \fB\-xchain_build\fR 4
498 .IX Item "-xchain_build"
500 provided to the server for the extra certificates via the \fB\-xkey\fR,
501 \&\fB\-xcert\fR, and \fB\-xchain\fR options.
502 .IP "\fB\-xcertform\fR \fBDER\fR|\fBPEM\fR|\fBP12\fR" 4
503 .IX Item "-xcertform DER|PEM|P12"
506 .IP "\fB\-xkeyform\fR \fBDER\fR|\fBPEM\fR|\fBP12\fR" 4
507 .IX Item "-xkeyform DER|PEM|P12"
508 The input format for the extra key.
512 Options like \fB\-purpose\fR and \fB\-verify_name\fR trigger the processing of specific
526 other extensions are checked according to the intended use of the certificate.
530 \fIKey Usage\fR
531 .IX Subsection "Key Usage"
537 \fIExtended Key Usage\fR
538 .IX Subsection "Extended Key Usage"
542 in an end-entity certificate, the key is allowed only for the uses specified,
546 the Extended Key Usage extension will appear only in end-entity certificates,
572 Any given extended key usage extension must allow for \f(CW\*(C`clientAuth\*(C'\fR
576 the key usage must allow for \f(CW\*(C`digitalSignature\*(C'\fR and/or \f(CW\*(C`keyAgreement\*(C'\…
579 For all other certificates the normal CA checks apply. In addition,
585 Any given extended key usage extension must allow for \f(CW\*(C`serverAuth\*(C'\fR
588 For target certificates, the key usage must
592 For all other certificates the normal CA checks apply. In addition,
601 always valid because some cipher suites use the key for digital signing.
605 Any given extended key usage extension must allow for \f(CW\*(C`emailProtection\*(C'\fR.
613 For all other certificates the normal CA checks apply. In addition,
620 the key usage must allow for \f(CW\*(C`digitalSignature\*(C'\fR and/or \fBnonRepudiation\fR.
625 the key usage must allow for \f(CW\*(C`keyEncipherment\*(C'\fR.
629 For target certificates, the key usage must allow for \f(CW\*(C`cRLSign\*(C'\fR.
631 For all other certificates the normal CA checks apply.
639 For all other certificates the normal CA checks apply.
643 For target certificates, if the key usage extension is present, it must include
644 …C`digitalSignature\*(C'\fR and/or \f(CW\*(C`nonRepudiation\*(C'\fR and must not include other bits.
648 For all other certificates the normal CA checks apply.
653 the key usage extension must be present and marked critical and
658 For all other certificates the normal CA checks apply.
663 subject name must appear in a file (as specified by the \fB\-CAfile\fR option),
664 a directory (as specified by \fB\-CApath\fR),
665 or a store (as specified by \fB\-CAstore\fR).
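.PP
The following shell script is an added example; it is not part of this manual page and not the OpenSSL project's own code. It builds a small throw-away PKI with the \fBopenssl\fR command line tool (a root CA, an issuing CA with \fIpathlen:0\fR, a server certificate whose extended key usage allows only \fIserverAuth\fR, and a "legacy" root that carries \fIkeyUsage\fR but no \fIbasicConstraints\fR) and then runs \fBopenssl verify\fR against it to show chain construction from \fB\-CAfile\fR plus \fB\-untrusted\fR, and the effect of \fB\-partial_chain\fR, \fB\-verify_depth\fR, \fB\-attime\fR, \fB\-purpose\fR, \fB\-verify_hostname\fR and \fB\-x509_strict\fR. It assumes \fBopenssl\fR (1.1.1 or 3.x) is on the PATH together with its default configuration file, which \fBopenssl req\fR reads. All names (root, inter, server, legacy, srv.example, ...) are arbitrary choices for the demo, and the small \fIcheck\fR, \fIgen_csr\fR and \fIissue\fR helpers belong to the example, not to OpenSSL.

```shell
#!/bin/sh
# Added example (not from the OpenSSL man page): build a tiny PKI and
# watch "openssl verify" react to the verification options.
# All names below (root, inter, server, legacy, srv.example) are arbitrary.
set -eu
WORK=$(mktemp -d); trap 'rm -rf "$WORK"' EXIT; cd "$WORK"

# check <ok|fail> <openssl verify arguments...>: run the verifier, print the
# verdict next to the expected one, and return non-zero on a surprise
check() {
    want=$1; shift
    if openssl verify "$@" >/dev/null 2>&1; then got=ok; else got=fail; fi
    printf '%-4s (want %-4s)  openssl verify %s\n' "$got" "$want" "$*"
    [ "$got" = "$want" ]
}

# gen_csr <name> <CN>: P-256 key plus CSR; the CSR carries no extensions,
# every extension is supplied explicitly at signing time from an ext file
gen_csr() {
    openssl ecparam -genkey -name prime256v1 -noout -out "$1.key"
    openssl req -new -key "$1.key" -subj "/CN=$2" -out "$1.csr" 2>/dev/null
}

# issue <name> <issuer|self> <extfile>: sign the CSR; because an ext file is
# always passed, "openssl x509" emits an X.509v3 certificate
issue() {
    if [ "$2" = self ]; then signer="-signkey $1.key"
    else signer="-CA $2.pem -CAkey $2.key -CAcreateserial"; fi
    openssl x509 -req -in "$1.csr" $signer -days 30 -extfile "$3" \
        -out "$1.pem" 2>/dev/null
}

cat > ca.ext <<'EOF'
basicConstraints = critical, CA:TRUE
keyUsage = critical, keyCertSign, cRLSign
subjectKeyIdentifier = hash
EOF
cat > inter.ext <<'EOF'
basicConstraints = critical, CA:TRUE, pathlen:0
keyUsage = critical, keyCertSign, cRLSign
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid
EOF
cat > server.ext <<'EOF'
basicConstraints = CA:FALSE
keyUsage = critical, digitalSignature
extendedKeyUsage = serverAuth
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid
subjectAltName = DNS:srv.example
EOF
# "legacy" root: keyCertSign key usage but no basicConstraints at all
cat > legacy.ext <<'EOF'
keyUsage = critical, keyCertSign, cRLSign
subjectKeyIdentifier = hash
EOF

gen_csr root   "Demo Root CA";    issue root   self  ca.ext
gen_csr inter  "Demo Issuing CA"; issue inter  root  inter.ext
gen_csr server srv.example;       issue server inter server.ext
gen_csr legacy "Legacy Root";     issue legacy self  legacy.ext
gen_csr legsrv srv.example;       issue legsrv legacy server.ext   # same leaf profile

CHAIN="-CAfile root.pem -untrusted inter.pem server.pem"
# chain building: the root comes from the trust store, the intermediate from -untrusted
check ok   $CHAIN
# the intermediate alone is no trust anchor (not self-signed, no trust attributes)
# unless -partial_chain says it may end the chain
check fail -CAfile inter.pem server.pem
check ok   -partial_chain -CAfile inter.pem server.pem
# -verify_depth counts intermediates only: one intermediate needs depth >= 1
check fail -verify_depth 0 $CHAIN
check ok   -verify_depth 1 $CHAIN
# -attime with an epoch time (2001) before notBefore: "not yet valid"
check fail -attime 1000000000 $CHAIN
# -purpose turns on the key usage / extended key usage checks
check ok   -purpose sslserver $CHAIN
check fail -purpose sslclient $CHAIN          # EKU allows serverAuth only
check ok   -verify_hostname srv.example $CHAIN
check fail -verify_hostname other.example $CHAIN
# -x509_strict: the conforming chain passes; the legacy root is accepted only
# through the compatibility workaround that -x509_strict switches off
check ok   -x509_strict $CHAIN
check ok   -CAfile legacy.pem legsrv.pem
check fail -x509_strict -CAfile legacy.pem legsrv.pem
```

Run it with \fBsh\fR; every line prints the observed verdict next to the expected one, and because of \fIset \-e\fR the script stops at the first unexpected result. Only the exit status of \fBopenssl verify\fR is inspected; drop the redirections inside \fIcheck\fR to see the "error N at D depth lookup" diagnostics for the failing cases.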
672 \&\fBopenssl\-verify\fR\|(1),
673 \&\fBopenssl\-ocsp\fR\|(1),
674 \&\fBopenssl\-ts\fR\|(1),
675 \&\fBopenssl\-s_client\fR\|(1),
676 \&\fBopenssl\-s_server\fR\|(1),
677 \&\fBopenssl\-smime\fR\|(1),
678 \&\fBopenssl\-cmp\fR\|(1),
679 \&\fBopenssl\-cms\fR\|(1)
682 The checks enabled by \fB\-x509_strict\fR have been extended in OpenSSL 3.0.
685 Copyright 2000\-2024 The OpenSSL Project Authors. All Rights Reserved.