diff options
Diffstat (limited to 'src/ocsptool-options.json')
| -rw-r--r-- | src/ocsptool-options.json | 154 |
1 files changed, 154 insertions, 0 deletions
diff --git a/src/ocsptool-options.json b/src/ocsptool-options.json new file mode 100644 index 0000000..0a45a14 --- /dev/null +++ b/src/ocsptool-options.json @@ -0,0 +1,154 @@ +{ + "format-version": "0.1.0", + "tool": { + "name": "ocsptool", + "title": "GnuTLS OCSP tool", + "description": "Program to handle OCSP request/responses.", + "detail": "ocsptool is a program that can parse and print information about\nOCSP requests/responses, generate requests and verify responses. Unlike\nother GnuTLS applications it outputs DER encoded structures by default\nunless the '--outpem' option is specified.", + "short-usage": "ocsptool [options]\nocsptool --help for usage instructions.\n" + }, + "sections": [ + { + "options": [ + { + "long-option": "debug", + "short-option": "d", + "description": "Enable debugging", + "detail": "Specifies the debug level.", + "argument-range": { + "min": 0, + "max": 9999 + }, + "argument-type": "number" + }, + { + "long-option": "verbose", + "short-option": "V", + "description": "More verbose output" + }, + { + "long-option": "infile", + "description": "Input file", + "file-exists": true, + "argument-type": "file" + }, + { + "long-option": "outfile", + "description": "Output file", + "argument-type": "string" + }, + { + "long-option": "ask", + "description": "Ask an OCSP/HTTP server on a certificate validity", + "detail": "Connects to the specified HTTP OCSP server and queries on the validity of the loaded certificate.\nIts argument can be a URL or a plain server name. It can be combined with --load-chain, where it checks\nall certificates in the provided chain, or with --load-cert and\n--load-issuer options. The latter checks the provided certificate\nagainst its specified issuer certificate.", + "argument-optional": true, + "argument-type": "string", + "argument-name": "server name|url" + }, + { + "long-option": "verify-response", + "short-option": "e", + "description": "Verify response", + "detail": "Verifies the provided OCSP response against the system trust\nanchors (unless --load-trust is provided). It requires the --load-signer\nor --load-chain options to obtain the signer of the OCSP response." + }, + { + "long-option": "request-info", + "short-option": "i", + "description": "Print information on a OCSP request", + "detail": "Display detailed information on the provided OCSP request." + }, + { + "long-option": "response-info", + "short-option": "j", + "description": "Print information on a OCSP response", + "detail": "Display detailed information on the provided OCSP response." + }, + { + "long-option": "generate-request", + "short-option": "q", + "description": "Generates an OCSP request" + }, + { + "long-option": "nonce", + "description": "Use (or not) a nonce to OCSP request", + "disable-prefix": "no-" + }, + { + "long-option": "load-chain", + "description": "Reads a set of certificates forming a chain from file", + "file-exists": true, + "argument-type": "file" + }, + { + "long-option": "load-issuer", + "description": "Reads issuer's certificate from file", + "file-exists": true, + "argument-type": "file" + }, + { + "long-option": "load-cert", + "description": "Reads the certificate to check from file", + "file-exists": true, + "argument-type": "file" + }, + { + "long-option": "load-trust", + "description": "Read OCSP trust anchors from file", + "detail": "When verifying an OCSP response read the trust anchors from the\nprovided file. When this is not provided, the system's trust anchors will be\nused.", + "file-exists": true, + "conflicts": [ + "load-signer" + ], + "argument-type": "file" + }, + { + "long-option": "load-signer", + "description": "Reads the OCSP response signer from file", + "file-exists": true, + "conflicts": [ + "load-trust" + ], + "argument-type": "file" + }, + { + "long-option": "inder", + "description": "Use DER format for input certificates and private keys", + "disable-prefix": "no-" + }, + { + "long-option": "outder", + "description": "Use DER format for output of responses (this is the default)", + "detail": "The output will be in DER encoded format. Unlike other GnuTLS tools, this is the default for this tool" + }, + { + "long-option": "outpem", + "description": "Use PEM format for output of responses", + "detail": "The output will be in PEM format." + }, + { + "long-option": "load-request", + "short-option": "Q", + "description": "Reads the DER encoded OCSP request from file", + "file-exists": true, + "argument-type": "file" + }, + { + "long-option": "load-response", + "short-option": "S", + "description": "Reads the DER encoded OCSP response from file", + "file-exists": true, + "argument-type": "file" + }, + { + "long-option": "ignore-errors", + "description": "Ignore any verification errors" + }, + { + "long-option": "verify-allow-broken", + "description": "Allow broken algorithms, such as MD5 for verification", + "detail": "This can be combined with --verify-response." + } + ] + } + ] +}
\ No newline at end of file |