🟣generate
Generate a self-signed X.509 certificate. A self-signed certificate is generated and written to one of the slots on the YubiKey. A private key must already be present in the corresponding key slot.
ykman piv certificates generate OPTIONS SLOT PUBLIC-KEY
Options | Description |
---|---|
-h, --help | Show this message and exit. |
-a, --hash-algorithm [SHA1|SHA256|SHA384|SHA512] | Hash algorithm.
[default: |
-d, --valid-days INTEGER | Number of days until the certificateexpires. [default: 365] |
-m, --management-key TEXT | The management key. |
-P, --pin TEXT | PIN code. |
-s, --subject TEXT | Subject for the certificate, as an RFC 4514 string. [required]. |
Arguments | Description |
---|---|
SLOT | PIV slot of the certificate. |
PUBLIC-KEY | File containing the public key.
Use |
HELP
EXAMPLE
Last updated