1=pod 2 3=begin comment 4{- join("\n", @autowarntext) -} 5 6=end comment 7 8=head1 NAME 9 10openssl-storeutl - STORE command 11 12=head1 SYNOPSIS 13 14B<openssl> B<storeutl> 15[B<-help>] 16[B<-out> I<file>] 17[B<-noout>] 18[B<-passin> I<arg>] 19[B<-text> I<arg>] 20[B<-r>] 21[B<-certs>] 22[B<-keys>] 23[B<-crls>] 24[B<-subject> I<arg>] 25[B<-issuer> I<arg>] 26[B<-serial> I<arg>] 27[B<-alias> I<arg>] 28[B<-fingerprint> I<arg>] 29[B<-I<digest>>] 30{- $OpenSSL::safe::opt_engine_synopsis -}{- $OpenSSL::safe::opt_provider_synopsis -} 31I<uri> 32 33=head1 DESCRIPTION 34 35This command can be used to display the contents (after 36decryption as the case may be) fetched from the given URI. 37 38=head1 OPTIONS 39 40=over 4 41 42=item B<-help> 43 44Print out a usage message. 45 46=item B<-out> I<filename> 47 48specifies the output filename to write to or standard output by 49default. 50 51=item B<-noout> 52 53this option prevents output of the PEM data. 54 55=item B<-passin> I<arg> 56 57the key password source. For more information about the format of I<arg> 58see L<openssl-passphrase-options(1)>. 59 60=item B<-text> 61 62Prints out the objects in text form, similarly to the B<-text> output from 63L<openssl-x509(1)>, L<openssl-pkey(1)>, etc. 64 65=item B<-r> 66 67Fetch objects recursively when possible. 68 69=item B<-certs> 70 71=item B<-keys> 72 73=item B<-crls> 74 75Only select the certificates, keys or CRLs from the given URI. 76However, if this URI would return a set of names (URIs), those are always 77returned. 78 79Note that all options must be given before the I<uri> argument. 80 81Note I<-keys> selects exclusively private keys, there is no selector for public 82keys only. 83 84=item B<-subject> I<arg> 85 86Search for an object having the subject name I<arg>. 87 88The arg must be formatted as C</type0=value0/type1=value1/type2=...>. 89Special characters may be escaped by C<\> (backslash), whitespace is retained. 90Empty values are permitted but are ignored for the search. That is, 91a search with an empty value will have the same effect as not specifying 92the type at all. 93Giving a single C</> will lead to an empty sequence of RDNs (a NULL-DN). 94Multi-valued RDNs can be formed by placing a C<+> character instead of a C</> 95between the AttributeValueAssertions (AVAs) that specify the members of the set. 96 97Example: 98 99C</DC=org/DC=OpenSSL/DC=users/UID=123456+CN=John Doe> 100 101=item B<-issuer> I<arg> 102 103=item B<-serial> I<arg> 104 105Search for an object having the given issuer name and serial number. 106These two options I<must> be used together. 107The issuer arg must be formatted as C</type0=value0/type1=value1/type2=...>, 108characters may be escaped by \ (backslash), no spaces are skipped. 109The serial arg may be specified as a decimal value or a hex value if preceded 110by C<0x>. 111 112=item B<-alias> I<arg> 113 114Search for an object having the given alias. 115 116=item B<-fingerprint> I<arg> 117 118Search for an object having the given fingerprint. 119 120=item B<-I<digest>> 121 122The digest that was used to compute the fingerprint given with B<-fingerprint>. 123 124{- $OpenSSL::safe::opt_engine_item -} 125 126{- $OpenSSL::safe::opt_provider_item -} 127 128=back 129 130=head1 SEE ALSO 131 132L<openssl(1)> 133 134=head1 HISTORY 135 136This command was added in OpenSSL 1.1.1. 137 138The B<-engine> option was deprecated in OpenSSL 3.0. 139 140=head1 COPYRIGHT 141 142Copyright 2016-2023 The OpenSSL Project Authors. All Rights Reserved. 143 144Licensed under the Apache License 2.0 (the "License"). You may not use 145this file except in compliance with the License. You can obtain a copy 146in the file LICENSE in the source distribution or at 147L<https://www.openssl.org/source/license.html>. 148 149=cut 150
