The
certctl
utility manages the list of TLS Certificate Authorities that are trusted by
applications that use OpenSSL.
Flags:
|
| -D destdir
|
| |
Specify the DESTDIR (overriding values from the environment).
|
| -M metalog
|
| |
Specify the path of the METALOG file (default: $DESTDIR/METALOG).
|
| -n
|
| |
No-Op mode, do not actually perform any actions.
|
| -v
|
| |
Be verbose, print details about actions before performing them.
|
| -U
|
| |
Unprivileged mode, do not change the ownership of created links.
Do record the ownership in the METALOG file.
|
|
Primary command functions:
| list
|
List all currently trusted certificate authorities.
|
| blacklisted
|
| |
List all currently blacklisted certificates.
|
| rehash
|
Rebuild the list of trusted certificate authorities by scanning all directories
in
TRUSTPATH
and all blacklisted certificates in
BLACKLISTPATH.
A symbolic link to each trusted certificate is placed in
CERTDESTDIR
and each blacklisted certificate in
BLACKLISTDESTDIR.
|
| blacklist
|
Add the specified file to the blacklist.
|
| unblacklist
|
| |
Remove the specified file from the blacklist.
|
|
