GSP
Quick Navigator
Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Support
Contact Us
Online Help
Handbooks
Domain Status
Man Pages

FAQ
Virtual Servers
Pricing
Billing
Technical

Network
Facilities
Connectivity
Topology Map

Miscellaneous
Server Agreement
Year 2038
Credits
 

USA Flag

 

 

Man Pages
GVM-MANAGE-CERTS(1) User manual for the Open Vulnerability Assessment System (OpenVAS) GVM-MANAGE-CERTS(1)

gvm-manage-certs - manage certificate infrastructure for a GVM installation

gvm-manage-certs [OPTION]...

gvm-manage-certs manages the certificate infrastructure for a GVM installation. The certificate infrastructure enables GVM daemons to communicate in a secure manner and is used for authentication and authorization before establishing TLS connections between the daemons.

The GVM certificate infrastructure consists of a certificate authority (CA) which is trusted by all GVM daemons. This CA is then used to sign certificates used by the various daemons. The certificates can be divided into two use cases:

  • Server certificates, primarily used for authentication
  • Client certificates, primarily used for authorization

gvm-manage-certs can perform an automatic creation of a default certificate infrastructure for a standard GVM installation. It can also verify an existing infrastructure and perform various certificate related tasks to support the setup of a more complex infrastructure.

Automatically set up default infrastructure for GVM
Verify existing GVM certificate infrastructure
Create a certificate authority (CA)
Create a certificate request for a CA
Create a certificate request for a CA and sign it
Create a certificate authority (CA)
Install a CA certificate
Create a certificate request and sign it
Install a certificate
Sign a certificate request
Force overwriting of existing files

Create a server certificate. This sets the appropriate key usage constraints for a server certificate.
Create a client certificate. This sets the appropriate key usage constraints for a client certificate.
Skip CA generation in automatic mode. This automatically (re-)generates server and client certificates, but keeps the CA certificate.

-e file Read configuration from file (see below for configuration details)

Print debug output
Print verbose messages
Be quiet, only print error messages

Print help

0
The requested operation was successfully performed.
1
An error occurred, the requested operation could not be performed.

All certificate generation options can be set either through the configuration file or through environment variables like the following:

Days until the certificate will expire
Name to use for the certificate
Hash algorithm to use for signing
Size in bits of the generated key
GnuTLS security level [low|medium|high|ultra]
Directory where keys and certificates are stored before installation
Prefix for certificate filename (e.g. "server")

For a complete list of options, please refer to the example configuration file included in the documentation.

openvas(8), gvmd(8), gsad(8)

2015-09-21 The OpenVAS Project
Search for    or go to Top of page |  Section 1 |  Main Index

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with ManDoc.