SSL-ssltool
Jump To: Support > KB > NetManager > SSL > ssltool
ssltool
ssltool is a general-purpose command to handle all aspects of managing SSL certificates. It can:
- Create new certificate requests for use with an external CA
- Import and install certificates you've obtained
- Restart any services as necessary after new certificates
- Export certificates and keys in different formats for use on different devices
- Handle being a local CA
- Help set up automation
Its syntax is:
ssltool [-1s] [-p pass] [-r details] [-o file] [-a fqdn]
[-f file|<domainname:version>] <operation>
-p = passphrase
-f = operate on given file rather than domainname:version
-o = output to file
-a = add given FQDN as SAN, can be specified multiple times
-s = always self-sign when creating cert
-1 = generate SHA1 cert
-r = request for given organisation,town,county
operation is one of
getcsr - get CSR
getcrt - get certificate
getcrtinter - get certificate with intermediates
getkey - get private key
getpem - get PEM (key+cert)
getpeminter - get PEM (key+cert) with intermediate certs
getpfx - get PFX (binary, should redirect to file)
getpfxinter - get PFX with intermediate certs
details - get certificate details
getinter - get list of intermediate certs required
create - create new version (default key length 2048)
makelive - make specified version live
services - show services using this cert version
rebuild - rebuild services using this cert version
find - find certificate (and version) matching given FQDN
findfingerprint - find certificate (and version) matching given SHA1 fingerprint
findserial - find certificate (and version) matching given serial number
getacme - return acme.sh commands to set up an ACME config
Or without domainname:
list - list all certificates and versions
import - import certificate from stdin
ca - show status of local CA
getcacrt - get CA certificate