[B<-help>]
[B<-newcert>]
[B<-newreq>]
+[B<-newreq-nodes>]
[B<-newca>]
[B<-xsign>]
[B<-sign>]
creates a new certificate request. The private key and request are
written to the file "newreq.pem".
+=item B<-newreq-nowdes>
+
+is like B<-newreq> except that the private key will not be encrypted.
+
=item B<-newca>
creates a new CA hierarchy for use with the B<ca> program (or the B<-signcert>