honeymoose
/
OpenSearch
mirror of https://github.com/honeymoose/OpenSearch.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Improve certutil --pass documentation about empty password (#40574) 

Improve the documentation of parameter --pass of elasticsearch-certutil

Backport of: #40137

Co-Authored-By: Diego Cardozo Sandrim <diegocsandrim@users.noreply.github.com>
Co-Authored-By: Vigneash Sundar <vikene@users.noreply.github.com>
This commit is contained in:
Tim Vernum 2019-03-29 10:11:00 +11:00 committed by GitHub
parent a13be65b01
commit c012c59115
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 7 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
docs/reference/commands/certutil.asciidoc
View File

@ -177,14 +177,17 @@ with the `ca` parameter.
`--pass <password>`:: Specifies the password for the generated private keys.
+
Keys stored in PKCS#12 format are always password protected.
Keys stored in PKCS#12 format are always password protected, however,
this password may be _blank_. If you want to specify a blank password
without a prompt, use `--pass ""` (with no `=`) on the command line.
+
Keys stored in PEM format are password protected only if the
`--pass` parameter is specified. If you do not supply an argument for the
`--pass` parameter, you are prompted for a password.
+
If you want to specify a _blank_ password (without prompting), use
`--pass ""` (with no `=`).
Encrypted PEM files do not support blank passwords (if you do not
wish to password-protect your PEM keys, then do not specify
`--pass`).
`--pem`:: Generates certificates and keys in PEM format instead of PKCS#12. This
parameter cannot be used with the `csr` parameter.