← 返回命令列表

Linux command

crl2pkcs7.1s 命令

文件

复制后可按需替换文件名、目录或参数。

常用示例

Create PKCS#7 from CRL

openssl crl2pkcs7 -in [crl.pem] -certfile [cert.pem] -out [result.p7b]

Create PKCS#7 from CRL

openssl crl2pkcs7 -in [crl.pem] -nocrl -out [result.p7b]

Create PKCS#7 from multiple

openssl crl2pkcs7 -in [crl1.pem] -in [crl2.pem] -out [result.p7b]

Output in DER format

openssl crl2pkcs7 -in [crl.pem] -outform DER -out [result.p7b]

Include certificate chain

openssl crl2pkcs7 -nocrl -certfile [chain.pem] -out [certs.p7b]

说明

openssl crl2pkcs7 converts Certificate Revocation Lists (CRLs) and X.509 certificates into PKCS#7 format. PKCS#7 is a standard format for storing cryptographic data, often used for certificate bundles and signed data. The command is useful for creating PKCS#7 structures that combine CRLs with their associated CA certificates. This format is commonly required by certain applications and protocols for distributing revocation information along with certificate chains. The -nocrl option allows creating PKCS#7 files containing only certificates, which is useful for distributing certificate bundles in a widely-supported format.

参数

-in _FILE_
Input CRL file (can be specified multiple times).
-out _FILE_
Output PKCS#7 file.
-certfile _FILE_
File containing certificates to include.
-nocrl
Don't include the CRL in the output (certificates only).
-inform _FORMAT_
Input CRL format: PEM or DER.
-outform _FORMAT_
Output PKCS#7 format: PEM or DER.

FAQ

What is the crl2pkcs7.1s command used for?

openssl crl2pkcs7 converts Certificate Revocation Lists (CRLs) and X.509 certificates into PKCS#7 format. PKCS#7 is a standard format for storing cryptographic data, often used for certificate bundles and signed data. The command is useful for creating PKCS#7 structures that combine CRLs with their associated CA certificates. This format is commonly required by certain applications and protocols for distributing revocation information along with certificate chains. The -nocrl option allows creating PKCS#7 files containing only certificates, which is useful for distributing certificate bundles in a widely-supported format.

How do I run a basic crl2pkcs7.1s example?

Run `openssl crl2pkcs7 -in [crl.pem] -certfile [cert.pem] -out [result.p7b]` in a terminal, then adjust file names, paths, flags, or remote targets for your system.

What does -in _FILE_ do in crl2pkcs7.1s?

Input CRL file (can be specified multiple times).