=head1 SYNOPSIS
B<openssl> B<verify>
-[B<-CApath directory>]
[B<-CAfile file>]
-[B<-purpose purpose>]
-[B<-policy arg>]
-[B<-ignore_critical>]
+[B<-CApath directory>]
+[B<-no-CAfile>]
+[B<-no-CApath>]
+[B<-attime timestamp>]
+[B<-check_ss_sig>]
+[B<-CRLfile file>]
+[B<-crl_download>]
[B<-crl_check>]
[B<-crl_check_all>]
-[B<-policy_check>]
[B<-explicit_policy>]
+[B<-extended_crl>]
+[B<-help>]
+[B<-ignore_critical>]
[B<-inhibit_any>]
[B<-inhibit_map>]
-[B<-x509_strict>]
-[B<-extended_crl>]
-[B<-use_deltas>]
+[B<-issuer_checks>]
+[B<-partial_chain>]
+[B<-policy arg>]
+[B<-policy_check>]
[B<-policy_print>]
+[B<-purpose purpose>]
+[B<-suiteB_128>]
+[B<-suiteB_128_only>]
+[B<-suiteB_192>]
+[B<-trusted_first>]
+[B<-no_alt_chains>]
[B<-untrusted file>]
-[B<-help>]
-[B<-issuer_checks>]
+[B<-trusted file>]
+[B<-use_deltas>]
[B<-verbose>]
+[B<-verify_depth num>]
+[B<-verify_email email>]
+[B<-verify_hostname hostname>]
+[B<-verify_ip ip>]
+[B<-verify_name name>]
+[B<-x509_strict>]
+[B<-show_chain>]
[B<->]
[certificates]
=over 4
+=item B<-CAfile file>
+
+A file of trusted certificates. The file should contain multiple certificates
+in PEM format concatenated together.
+
=item B<-CApath directory>
A directory of trusted certificates. The certificates should have names
of the B<x509> utility). Under Unix the B<c_rehash> script will automatically
create symbolic links to a directory of certificates.
-=item B<-CAfile file>
+=item B<-no-CAfile>
-A file of trusted certificates. The file should contain multiple certificates
-in PEM format concatenated together.
+Do not load the trusted CA certificates from the default file location
-=item B<-untrusted file>
+=item B<-no-CApath>
-A file of untrusted certificates. The file should contain multiple certificates
+Do not load the trusted CA certificates from the default directory location
-=item B<-purpose purpose>
+=item B<-attime timestamp>
-the intended use for the certificate. Without this option no chain verification
-will be done. Currently accepted uses are B<sslclient>, B<sslserver>,
-B<nssslserver>, B<smimesign>, B<smimeencrypt>. See the B<VERIFY OPERATION>
-section for more information.
+Perform validation checks using time specified by B<timestamp> and not
+current system time. B<timestamp> is the number of seconds since
+01.01.1970 (UNIX time).
-=item B<-help>
+=item B<-check_ss_sig>
-prints out a usage message.
+Verify the signature on the self-signed root CA. This is disabled by default
+because it doesn't add any security.
-=item B<-verbose>
+=item B<-CRLfile file>
-print extra information about the operations being performed.
+File containing one or more CRL's (in PEM format) to load.
-=item B<-issuer_checks>
+=item B<-crl_download>
-print out diagnostics relating to searches for the issuer certificate
-of the current certificate. This shows why each candidate issuer
-certificate was rejected. However the presence of rejection messages
-does not itself imply that anything is wrong: during the normal
-verify process several rejections may take place.
+Attempt to download CRL information for this certificate.
-=item B<-policy arg>
+=item B<-crl_check>
-Enable policy processing and add B<arg> to the user-initial-policy-set
-(see RFC3280 et al). The policy B<arg> can be an object name an OID in numeric
-form. This argument can appear more than once.
+Checks end entity certificate validity by attempting to look up a valid CRL.
+If a valid CRL cannot be found an error occurs.
-=item B<-policy_check>
+=item B<-crl_check_all>
-Enables certificate policy processing.
+Checks the validity of B<all> certificates in the chain by attempting
+to look up valid CRLs.
=item B<-explicit_policy>
-Set policy variable require-explicit-policy (see RFC3280 et al).
+Set policy variable require-explicit-policy (see RFC5280).
+
+=item B<-extended_crl>
+
+Enable extended CRL features such as indirect CRLs and alternate CRL
+signing keys.
+
+=item B<-help>
+
+Print out a usage message.
+
+=item B<-ignore_critical>
+
+Normally if an unhandled critical extension is present which is not
+supported by OpenSSL the certificate is rejected (as required by RFC5280).
+If this option is set critical extensions are ignored.
=item B<-inhibit_any>
-Set policy variable inhibit-any-policy (see RFC3280 et al).
+Set policy variable inhibit-any-policy (see RFC5280).
=item B<-inhibit_map>
-Set policy variable inhibit-policy-mapping (see RFC3280 et al).
+Set policy variable inhibit-policy-mapping (see RFC5280).
+
+=item B<-issuer_checks>
+
+Print out diagnostics relating to searches for the issuer certificate of the
+current certificate. This shows why each candidate issuer certificate was
+rejected. The presence of rejection messages does not itself imply that
+anything is wrong; during the normal verification process, several
+rejections may take place.
+
+=item B<-partial_chain>
+
+Allow partial certificate chain if at least one certificate is in trusted store.
+
+=item B<-policy arg>
+
+Enable policy processing and add B<arg> to the user-initial-policy-set (see
+RFC5280). The policy B<arg> can be an object name an OID in numeric form.
+This argument can appear more than once.
+
+=item B<-policy_check>
+
+Enables certificate policy processing.
=item B<-policy_print>
-Print out diagnostics, related to policy checking
+Print out diagnostics related to policy processing.
-=item B<-crl_check>
+=item B<-purpose purpose>
-Checks end entity certificate validity by attempting to lookup a valid CRL.
-If a valid CRL cannot be found an error occurs.
+The intended use for the certificate. If this option is not specified,
+B<verify> will not consider certificate purpose during chain verification.
+Currently accepted uses are B<sslclient>, B<sslserver>, B<nssslserver>,
+B<smimesign>, B<smimeencrypt>. See the B<VERIFY OPERATION> section for more
+information.
-=item B<-crl_check_all>
+=item B<-suiteB_128_only>, B<-suiteB_128>, B<-suiteB_192>
-Checks the validity of B<all> certificates in the chain by attempting
-to lookup valid CRLs.
+enable the Suite B mode operation at 128 bit Level of Security, 128 bit or
+192 bit, or only 192 bit Level of Security respectively.
+See RFC6460 for details. In particular the supported signature algorithms are
+reduced to support only ECDSA and SHA256 or SHA384 and only the elliptic curves
+P-256 and P-384.
-=item B<-ignore_critical>
+=item B<-trusted_first>
-Normally if an unhandled critical extension is present which is not
-supported by OpenSSL the certificate is rejected (as required by
-RFC3280 et al). If this option is set critical extensions are
-ignored.
+Use certificates in CA file or CA directory before certificates in untrusted
+file when building the trust chain to verify certificates.
+This is mainly useful in environments with Bridge CA or Cross-Certified CAs.
-=item B<-x509_strict>
+=item B<-no_alt_chains>
-Disable workarounds for broken certificates which have to be disabled
-for strict X.509 compliance.
+When building a certificate chain, if the first certificate chain found is not
+trusted, then OpenSSL will continue to check to see if an alternative chain can
+be found that is trusted. With this option that behaviour is suppressed so that
+only the first chain found is ever used. Using this option will force the
+behaviour to match that of OpenSSL versions prior to 1.1.0.
-=item B<-extended_crl>
+=item B<-untrusted file>
-Enable extended CRL features such as indirect CRLs and alternate CRL
-signing keys.
+A file of untrusted certificates. The file should contain one or more
+certificates in PEM format.
+
+=item B<-trusted file>
+
+A file of trusted certificates. The file contain one or more
+certificates in PEM format.
+With this option, no additional (e.g., default) certificate lists
+are consulted. That is, the only trusted issuers are those listed
+in B<file>.
+This option cannot be used with the B<-CAfile> or B<-CApath> options.
=item B<-use_deltas>
Enable support for delta CRLs.
-=item B<-check_ss_sig>
+=item B<-verbose>
-Verify the signature on the self-signed root CA. This is disabled by default
-because it doesn't add any security.
+Print extra information about the operations being performed.
+
+=item B<-verify_depth num>
+
+Limit the maximum depth of the certificate chain to B<num> certificates.
+
+=item B<-verify_email email>
+
+Verify if the B<email> matches the email address in Subject Alternative Name or
+the email in the subject Distinguished Name.
+
+=item B<-verify_hostname hostname>
+
+Verify if the B<hostname> matches DNS name in Subject Alternative Name or
+Common Name in the subject certificate.
+
+=item B<-verify_ip ip>
+
+Verify if the B<ip> matches the IP address in Subject Alternative Name of
+the subject certificate.
+
+=item B<-verify_name name>
+
+Use default verification options like trust model and required certificate
+policies identified by B<name>.
+Supported usages include: default, pkcs7, smime_sign, ssl_client, ssl_server.
+
+=item B<-x509_strict>
+
+For strict X.509 compliance, disable non-compliant workarounds for broken
+certificates.
+
+=item B<-show_chain>
+
+Display information about the certificate chain that has been built (if
+successful). Certificates in the chain that came from the untrusted list will be
+flagged as "untrusted".
=item B<->
-marks the last option. All arguments following this are assumed to be
+Indicates the last option. All arguments following this are assumed to be
certificate files. This is useful if the first certificate filename begins
with a B<->.
=item B<certificates>
-one or more certificates to verify. If no certificate filenames are included
-then an attempt is made to read a certificate from standard input. They should
-all be in PEM format.
-
+One or more certificates to verify. If no certificates are given, B<verify>
+will attempt to read a certificate from standard input. Certificates must be
+in PEM format.
=back
to be the root CA.
The process of 'looking up the issuers certificate' itself involves a number
-of steps. In versions of OpenSSL before 0.9.5a the first certificate whose
-subject name matched the issuer of the current certificate was assumed to be
-the issuers certificate. In OpenSSL 0.9.6 and later all certificates
+of steps.
+Ater all certificates
whose subject name matches the issuer name of the current certificate are
subject to further tests. The relevant authority key identifier components
of the current certificate (if present) must match the subject key identifier
=head1 BUGS
-Although the issuer checks are a considerably improvement over the old technique they still
+Although the issuer checks are a considerable improvement over the old technique they still
suffer from limitations in the underlying X509_LOOKUP API. One consequence of this is that
trusted certificates with matching subject name must either appear in a file (as specified by the
-B<-CAfile> option) or a directory (as specified by B<-CApath>. If they occur in both then only
+B<-CAfile> option) or a directory (as specified by B<-CApath>). If they occur in both then only
the certificates in the file will be recognised.
Previous versions of OpenSSL assume certificates with matching subject name are identical and
=head1 SEE ALSO
-L<x509(1)|x509(1)>
+L<x509(1)>
+
+=head1 HISTORY
+
+The -show_chain option was first added to OpenSSL 1.1.0.
=cut
projects / openssl.git / blobdiff