Gitiles
Code Review Sign In
gerrit.named-data.net / ndn-cxx / 35109a19d048365fda0a5efdb7c1525404a212a5^! / . / docs / manpages / ndnsec-cert-gen.rst
commit35109a19d048365fda0a5efdb7c1525404a212a5[log] [tgz]
authorAlexander Afanasyev <alexander.afanasyev@ucla.edu>Wed Jan 04 15:39:06 2017 -0800
committerAlex Afanasyev <aa@cs.ucla.edu>Wed Jun 07 19:14:15 2017 -0700
tree9f9f9a8504a01aaa6b70ea0586785cb379dd93fe
parent6bf48a07c459b2c9025dd42e95f9f09de33cc5ea [diff] [blame]
tools: Convert ndnsec to v2::KeyChain

This commit removes the following tools:
- cert-revoke (wasn't working properly before and need a new
  design)
- set-acl (wasn't working before)
- dsk-gen (no longer makes sense with the new certificate naming
  conventions, new tools for creating derivative certificates will
  be created later)

This commit also fixes Bug #3644 causing import command to ask for
unnecessary password confirmation.

ndnsec main now catch all exceptions logs the extended message

Change-Id: Ib50e0994970020bcf0a1840aca6bc3942818094b
Refs: #3098, #3644

diff --git a/docs/manpages/ndnsec-cert-gen.rst b/docs/manpages/ndnsec-cert-gen.rst
index 923c936..25c6427 100644
--- a/docs/manpages/ndnsec-cert-gen.rst
+++ b/docs/manpages/ndnsec-cert-gen.rst

@@ -8,7 +8,7 @@
 
 ::
 
-    $ ndnsec-cert-gen [-h] [-S timestamp] [-E timestamp] [-N name] [-I info] [-s sign-id] [-p cert-prefix] request
+    $ ndnsec-cert-gen [-h] [-S timestamp] [-E timestamp] [-I info] [-s sign-id] [-i issuer-id] request
 
 Description
 -----------
@@ -24,7 +24,6 @@
 
 The generated certificate will be written to standard output in base64 encoding.
 
-
 Options
 -------
 
@@ -34,25 +33,20 @@
 ``-E timestamp``
   Timestamp when the certificate expires. The default value is one year from now.
 
-``-N name``
-  Name of the certificate owner.
-
 ``-I info``
-  Other information about the certificate owner. ``subject-info`` is a list of pairs of OID and
-  corresponding value. For example, "2.5.4.10 'Some Organization' 2.5.4.3 'http://home.page/'".
+  Other information to be included in the issued certificate.  For example,
+
+   ::
+
+      -I "affiliation Some Organization" -I "homepage http://home.page/"
 
 ``-s sign-id``
   Signing identity. The default key/certificate of ``sign-id`` will be used to sign the requested
   certificate. If this option is not specified, the system default identity will be used.
 
-``-p cert-prefix``
-  The certificate prefix, which is the part of certificate name before ``KEY`` component.
-
-  By default, the certificate prefix will be inferred from the certificate name according
-  to the relation between the signing identity and the subject identity. If the signing
-  identity is a prefix of the subject identity, ``KEY`` will be inserted after the
-  signingIdentity, otherwise ``KEY`` is inserted after subject identity (i.e., before
-  ``ksk-....``).
+``-s issuer-id``
+  Issuer's ID to be included as part of the issued certificate name.  If not specified, "NA"
+  value will be used
 
 Examples
 --------