EFIKEYGEN(1)EFIKEYGEN(1)NAMEefikeygen - command line tool for generating keys to use for PE image
signing
SYNOPSISefikeygen <[--ca | -C] [--self-sign | -S] | [--signer=nickname]>
[--token=token | -t token]
[--nickname=nickname | -n nickname]
[--common-name=common name | -c common name]
[--url=url | -u url]
[--serial=serial | -s serial]
DESCRIPTIONefikeygen is a command line tool for generating keys and certificates
to be used with pesign. These are standard X.509 certificates, and can
potentially be generated with any certificate creation tool. efikeygen
simply sets generates keys with sensible options set for a key to be
used for PE image signing.
OPTIONS--ca The certificate being generated is for a CA.
--self-sign
The generated certificate is to be self signed.
--signer=nickname
Nickname of certificate to be used to sign the generated cer‐
tificate.
--token=token
Use the specified NSS token's certificate database.
--nickname=nickname
The nickname to use for the generated certificate.
--common-name=common-name
The X.509 Common Name for the generated certificate. This
should be in rfc2253 syntax, i.e. "CN=John Doe,OU=editing,O=New
York Times,L=New York,ST=NY,C=US"
--url=url
Informational url regarding objects signed with this key.
--serial=serial number
Serial number for use with this key. A certificate is identi‐
fied by its signer and its serial number, so it's best not to
ever re-use this value with the same signer.
SEE ALSOpesign(1)AUTHORS
Peter Jones
Mon Jan 07 2013 EFIKEYGEN(1)