pki --verify¶
Synopsis¶
pki --verify [--in file] [--cacert file] [--crl file] [--online] --help (-h) show usage information --in (-i) X.509 certificate to verify, default: stdin --cacert (-c) CA certificate for trustchain verification --crl (-l) CRL for trustchain verification --online (-o) enable online CRL/OCSP revocation checking --debug (-v) set debug level, default: 1 --options (-+) read command line options from file
Description¶
Verify the signature of an X.509 certificate.
Exit Status¶
The exit status is 0 if the certificate was verified successfully, 1 if the certificate is untrusted,
2 if the certificate's lifetimes are invalid, and 3 if the certificate was verified successfully but
the online revocation check indicated that it has been revoked.