command_register((command_t) {
verify, 'v', "verify",
"verify a certificate using the CA certificate",
- {"[--in file] [--ca file]"},
+ {"[--in file] [--cacert file]"},
{
{"help", 'h', 0, "show usage information"},
{"in", 'i', 1, "X.509 certificate to verify, default: stdin"},
}
});
}
-
--- /dev/null
+.TH "PKI \-\-VERIFY" 8 "2013-07-31" "@PACKAGE_VERSION@" "strongSwan"
+.
+.SH "NAME"
+.
+pki \-\-verify \- Verify a certificate using a CA certificate
+.
+.SH "SYNOPSIS"
+.
+.SY pki\ \-\-verify
+.OP \-\-in file
+.OP \-\-cacert file
+.OP \-\-debug level
+.YS
+.
+.SY pki\ \-\-verify
+.BI \-\-options\~ file
+.YS
+.
+.SY "pki \-\-verify"
+.B \-h
+|
+.B \-\-help
+.YS
+.
+.SH "DESCRIPTION"
+.
+This sub-command of
+.BR ipsec\-pki (8)
+verifies a certificate using an optional CA certificate.
+.
+.SH "OPTIONS"
+.
+.TP
+.B "\-h, \-\-help"
+Print usage information with a summary of the available options.
+.TP
+.BI "\-v, \-\-debug " level
+Set debug level, default: 1.
+.TP
+.BI "\-+, \-\-options " file
+Read command line options from \fIfile\fR.
+.TP
+.BI "\-i, \-\-in " file
+X.509 certificate to verify. If not given it is read from \fISTDIN\fR.
+.TP
+.BI "\-c, \-\-cacert " file
+CA certificate to use. If not given the certificate is assumed to be
+self-signed.
+.
+.SH "EXIT STATUS"
+The exit status is 0 if the certificate was verified successfully, and 2 if
+the verification failed.
+.
+.SH "SEE ALSO"
+.
+.BR ipsec\-pki (8)
\ No newline at end of file