suzanne.soy/man-pages
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
gh-pages
man-pages/man1/dirmngr-client.1.html
Suzanne Soy 4c89183f2b Added man pages from my system
2021-03-31 01:06:50 +01:00

241 lines
5.3 KiB
HTML
Raw Permalink Blame History

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<HTML><HEAD><TITLE>Man page of DIRMNGR-CLIENT</TITLE>
</HEAD><BODY>
<H1>DIRMNGR-CLIENT</H1>
Section: GNU Privacy Guard 2.2 (1)<BR>Updated: 2019-11-23<BR><A HREF="#index">Index</A>
<A HREF="/cgi-bin/man/man2html">Return to Main Contents</A><HR>
<A NAME="lbAB">&nbsp;</A>
<H2>NAME</H2>
<B>dirmngr-client</B>
- Tool to access the Dirmngr services
<A NAME="lbAC">&nbsp;</A>
<H2>SYNOPSIS</H2>
<B>dirmngr-client</B>
[<I>options</I>]
[<I>certfile</I>|<I>pattern</I>]
<P>
<A NAME="lbAD">&nbsp;</A>
<H2>DESCRIPTION</H2>
The <B>dirmngr-client</B> is a simple tool to contact a running
dirmngr and test whether a certificate has been revoked --- either by
being listed in the corresponding CRL or by running the OCSP protocol.
If no dirmngr is running, a new instances will be started but this is
in general not a good idea due to the huge performance overhead.
<P>
<P>
The usual way to run this tool is either:
<P>
<DL COMPACT><DT id="1"><DD>
<PRE>
dirmngr-client <I>acert</I>
</PRE>
</DL>
<P>
<P>
or
<P>
<DL COMPACT><DT id="2"><DD>
<PRE>
dirmngr-client &lt;<I>acert</I>
</PRE>
</DL>
<P>
Where <I>acert</I> is one DER encoded (binary) X.509 certificates to be
tested.
<P>
<A NAME="lbAE">&nbsp;</A>
<H2>RETURN VALUE</H2>
<B>dirmngr-client</B> returns these values:
<P>
<DL COMPACT>
<DT id="3"><B>0</B>
<DD>
The certificate under question is valid; i.e. there is a valid CRL
available and it is not listed there or the OCSP request returned that
that certificate is valid.
<P>
<DT id="4"><B>1</B>
<DD>
The certificate has been revoked
<P>
<DT id="5"><B>2 (and other values)</B>
<DD>
There was a problem checking the revocation state of the certificate.
A message to stderr has given more detailed information. Most likely
this is due to a missing or expired CRL or due to a network problem.
<P>
</DL>
<P>
<P>
<A NAME="lbAF">&nbsp;</A>
<H2>OPTIONS</H2>
<P>
<B>dirmngr-client</B> may be called with the following options:
<P>
<P>
<DL COMPACT>
<DT id="6"><B>--version</B>
<DD>
Print the program version and licensing information. Note that you cannot
abbreviate this command.
<P>
<DT id="7"><B>--help, -h</B>
<DD>
Print a usage message summarizing the most useful command-line options.
Note that you cannot abbreviate this command.
<P>
<DT id="8"><B>--quiet, -q</B>
<DD>
Make the output extra brief by suppressing any informational messages.
<P>
<DT id="9"><B>-v</B>
<DD>
<DT id="10"><B>--verbose</B>
<DD>
Outputs additional information while running.
You can increase the verbosity by giving several
verbose commands to <B>dirmngr</B>, such as '-vv'.
<P>
<DT id="11"><B>--pem</B>
<DD>
Assume that the given certificate is in PEM (armored) format.
<P>
<DT id="12"><B>--ocsp</B>
<DD>
Do the check using the OCSP protocol and ignore any CRLs.
<P>
<DT id="13"><B>--force-default-responder</B>
<DD>
When checking using the OCSP protocol, force the use of the default OCSP
responder. That is not to use the Reponder as given by the certificate.
<P>
<DT id="14"><B>--ping</B>
<DD>
Check whether the dirmngr daemon is up and running.
<P>
<DT id="15"><B>--cache-cert</B>
<DD>
Put the given certificate into the cache of a running dirmngr. This is
mainly useful for debugging.
<P>
<DT id="16"><B>--validate</B>
<DD>
Validate the given certificate using dirmngr's internal validation code.
This is mainly useful for debugging.
<P>
<DT id="17"><B>--load-crl</B>
<DD>
This command expects a list of filenames with DER encoded CRL files.
With the option <B>--url</B> URLs are expected in place of filenames
and they are loaded directly from the given location. All CRLs will be
validated and then loaded into dirmngr's cache.
<P>
<DT id="18"><B>--lookup</B>
<DD>
Take the remaining arguments and run a lookup command on each of them.
The results are Base-64 encoded outputs (without header lines). This
may be used to retrieve certificates from a server. However the output
format is not very well suited if more than one certificate is returned.
<P>
<DT id="19"><B>--url</B>
<DD>
<B>-u</B>
Modify the <B>lookup</B> and <B>load-crl</B> commands to take an URL.
<P>
<DT id="20"><B>--local</B>
<DD>
<B>-l</B>
Let the <B>lookup</B> command only search the local cache.
<P>
<DT id="21"><B>--squid-mode</B>
<DD>
Run <B>dirmngr-client</B> in a mode suitable as a helper program for
Squid's <B>external_acl_type</B> option.
<P>
<P>
</DL>
<P>
<P>
<A NAME="lbAG">&nbsp;</A>
<H2>SEE ALSO</H2>
<B><A HREF="/cgi-bin/man/man2html?8+dirmngr">dirmngr</A></B>(8),
<B><A HREF="/cgi-bin/man/man2html?1+gpgsm">gpgsm</A></B>(1)
<P>
The full documentation for this tool is maintained as a Texinfo manual.
If GnuPG and the info program are properly installed at your site, the
command
<P>
<DL COMPACT><DT id="22"><DD>
<PRE>
info gnupg
</PRE>
</DL>
<P>
should give you access to the complete manual including a menu structure
and an index.
<P>
<P>
<P>
<P>
<HR>
<A NAME="index">&nbsp;</A><H2>Index</H2>
<DL>
<DT id="23"><A HREF="#lbAB">NAME</A><DD>
<DT id="24"><A HREF="#lbAC">SYNOPSIS</A><DD>
<DT id="25"><A HREF="#lbAD">DESCRIPTION</A><DD>
<DT id="26"><A HREF="#lbAE">RETURN VALUE</A><DD>
<DT id="27"><A HREF="#lbAF">OPTIONS</A><DD>
<DT id="28"><A HREF="#lbAG">SEE ALSO</A><DD>
</DL>
<HR>
This document was created by
<A HREF="/cgi-bin/man/man2html">man2html</A>,
using the manual pages.<BR>
Time: 00:05:11 GMT, March 31, 2021
</BODY>
</HTML>
Reference in New Issue View Git Blame Copy Permalink