1=pod 2 3=begin comment 4{- join("\n", @autowarntext) -} 5 6=end comment 7 8=head1 NAME 9 10openssl-storeutl - STORE command 11 12=head1 SYNOPSIS 13 14B<openssl> B<storeutl> 15[B<-help>] 16[B<-out> I<file>] 17[B<-noout>] 18[B<-passin> I<arg>] 19[B<-text> I<arg>] 20[B<-r>] 21[B<-certs>] 22[B<-keys>] 23[B<-crls>] 24[B<-subject> I<arg>] 25[B<-issuer> I<arg>] 26[B<-serial> I<arg>] 27[B<-alias> I<arg>] 28[B<-fingerprint> I<arg>] 29[B<-I<digest>>] 30{- $OpenSSL::safe::opt_engine_synopsis -}{- $OpenSSL::safe::opt_provider_synopsis -} 31I<uri> 32 33=head1 DESCRIPTION 34 35This command can be used to display the contents (after 36decryption as the case may be) fetched from the given URI. 37 38=head1 OPTIONS 39 40=over 4 41 42=item B<-help> 43 44Print out a usage message. 45 46=item B<-out> I<filename> 47 48This specifies the output file to write to. 49Standard output is used if this option is not present. 50The output file can be the same as the input, 51which leads to replacing the file contents. 52Note that file I/O is not atomic. The output file is truncated and then written. 53 54=item B<-noout> 55 56this option prevents output of the PEM data. 57 58=item B<-passin> I<arg> 59 60the key password source. For more information about the format of I<arg> 61see L<openssl-passphrase-options(1)>. 62 63=item B<-text> 64 65Prints out the objects in text form, similarly to the B<-text> output from 66L<openssl-x509(1)>, L<openssl-pkey(1)>, etc. 67 68=item B<-r> 69 70Fetch objects recursively when possible. 71 72=item B<-certs> 73 74=item B<-keys> 75 76=item B<-crls> 77 78Only select the certificates, keys or CRLs from the given URI. 79However, if this URI would return a set of names (URIs), those are always 80returned. 81 82Note that all options must be given before the I<uri> argument. 83 84Note I<-keys> selects exclusively private keys, there is no selector for public 85keys only. 86 87=item B<-subject> I<arg> 88 89Search for an object having the subject name I<arg>. 90 91The arg must be formatted as C</type0=value0/type1=value1/type2=...>. 92Special characters may be escaped by C<\> (backslash), whitespace is retained. 93Empty values are permitted but are ignored for the search. That is, 94a search with an empty value will have the same effect as not specifying 95the type at all. 96Giving a single C</> will lead to an empty sequence of RDNs (a NULL-DN). 97Multi-valued RDNs can be formed by placing a C<+> character instead of a C</> 98between the AttributeValueAssertions (AVAs) that specify the members of the set. 99 100Example: 101 102C</DC=org/DC=OpenSSL/DC=users/UID=123456+CN=John Doe> 103 104=item B<-issuer> I<arg> 105 106=item B<-serial> I<arg> 107 108Search for an object having the given issuer name and serial number. 109These two options I<must> be used together. 110The issuer arg must be formatted as C</type0=value0/type1=value1/type2=...>, 111characters may be escaped by \ (backslash), no spaces are skipped. 112The serial arg may be specified as a decimal value or a hex value if preceded 113by C<0x>. 114 115=item B<-alias> I<arg> 116 117Search for an object having the given alias. 118 119=item B<-fingerprint> I<arg> 120 121Search for an object having the given fingerprint. 122 123=item B<-I<digest>> 124 125The digest that was used to compute the fingerprint given with B<-fingerprint>. 126 127{- $OpenSSL::safe::opt_engine_item -} 128 129{- $OpenSSL::safe::opt_provider_item -} 130 131=back 132 133=head1 SEE ALSO 134 135L<openssl(1)> 136 137=head1 HISTORY 138 139This command was added in OpenSSL 1.1.1. 140 141The B<-engine> option was deprecated in OpenSSL 3.0. 142 143=head1 COPYRIGHT 144 145Copyright 2016-2024 The OpenSSL Project Authors. All Rights Reserved. 146 147Licensed under the Apache License 2.0 (the "License"). You may not use 148this file except in compliance with the License. You can obtain a copy 149in the file LICENSE in the source distribution or at 150L<https://www.openssl.org/source/license.html>. 151 152=cut 153
