Provided by: strongswan-starter_5.1.2-0ubuntu2.11_amd64 
NAME
pki --req - Create a PKCS#10 certificate request
SYNOPSIS
pki --req [--in file] [--type type] --dn distinguished-name [--san subjectAltName]
[--password password] [--digest digest] [--outform encoding] [--debug level]
pki --req --options file
pki --req -h | --help
DESCRIPTION
This sub-command of pki(1) is used to create a PKCS#10 certificate request.
OPTIONS
-h, --help
Print usage information with a summary of the available options.
-v, --debug level
Set debug level, default: 1.
-+, --options file
Read command line options from file.
-i, --in file
Private key input file. If not given the key is read from STDIN.
-t, --type type
Type of the input key. Either rsa or ecdsa, defaults to rsa.
-d, --dn distinguished-name
Subject distinguished name (DN). Required.
-a, --san subjectAltName
subjectAltName extension to include in request. Can be used multiple times.
-p, --password password
The challengePassword to include in the certificate request.
-g, --digest digest
Digest to use for signature creation. One of md5, sha1, sha224, sha256, sha384, or
sha512. Defaults to sha1.
-f, --outform encoding
Encoding of the created certificate file. Either der (ASN.1 DER) or pem (Base64
PEM), defaults to der.
EXAMPLES
Generate a certificate request for an RSA key, with a subjectAltName extension:
pki --req --in key.der --dn "C=CH, O=strongSwan, CN=moon" \
--san moon@strongswan.org > req.der
Generate a certificate request for an ECDSA key and a different digest:
pki --req --in key.der --type ecdsa --digest sha256 \
--dn "C=CH, O=strongSwan, CN=carol" > req.der
SEE ALSO
pki(1)