LinuxGuruz
  • Last 5 Forum Topics
    Replies
    Views
    Last post


The Web Only This Site
  • BOOKMARK

  • ADD TO FAVORITES

  • REFERENCES


  • MARC

    Mailing list ARChives
    - Search by -
     Subjects
     Authors
     Bodies





    FOLDOC

    Computing Dictionary




  • Text Link Ads






  • LINUX man pages
  • Linux Man Page Viewer


    The following form allows you to view linux man pages.

    Command:

    lprng_certs

    
    
    

    SYNOPSIS

           lprng_certs option
            Options:
             init     - make directory structure
             newca    - make new root CA
             defaults - set new default values for certs
             gen      - generate user, server, or signing cert
             index [dir] - index cert files
             verify [cert] - verify cert file
             encrypt keyfile
                      - set or change keyfile password
    
    
    

    DESCRIPTION

           The  lprng_certs  program  is  used  to manage SSL certificates for the
           LPRng software.  There SSL certificate structure consists of a  hierar-
           chy  of  certificates.   The  LPRng software assumes that the following
           types of certificates will be used:
    
           CA or root
                  A top level or self-signed certificate.
    
           signing
                  A certificate that can be used to sign other certificates.  This
                  is signed by the root CA or another signing certificate.
    
           user   A  certificate  used by a user to identify themselves to the lpd
                  server.
    
           server A certificate used by the lpd server to identify  themselves  to
                  the user or other lpd servers.
    
    
    

    Signing Certificates

           All  of  the signing certificates, including the root certificate (root
           CA), /etc/lprng/ssl.ca/ca.crt, are in the same directory as the root CA
           file.   Alternately,  all  of the signing certs can be concatenated and
           put into a single file, which by convention is assumed to have the same
           name  as  the root CA file, /etc/lprng/ssl.ca/ca.crt.  The ssl_ca_file,
           ssl_ca_path, and ssl_ca_key printcap and configuration options  can  be
           used  to  specify  the locations of the root CA files, a directory con-
           taining the signing certificate files, and the private key file for the
           root CA file respectively.
    
           The root certificate (root CA file) /etc/lprng/ssl.ca/ca.crt has a pri-
           vate key file /etc/lprng/ssl.ca/ca.key as  well.   By  convention,  the
           private  keys for the other signing certificate files are stored in the
           certificate file.
    
           The OpenSSL software requires that this directory also contain a set of
           hash files which are, in effect, links to these files.
    
           By  default,  all  signing  certificates  are assumed to be in the same
           directory as the root certificate.
    
    
    

    User Certificates

           The  certificates used by users are kept in a separate directory in the
           users home directory.  By convention, the private keys for  these  cer-
           tificate files are stored in the certificate file.
    
           The  user certificate file is specified by the LPR_SSL_FILE environment
           variable, otherwise the ${HOME}/.lpr/client.crt is used.  The  password
           is  taken  from  the file specified by the LPR_SSL_PASSWORD environment
           variable, otherwise the ${HOME}/.lpr/client.pwd file is read.
    
    
    

    USING LPRNG_CERTS

           The organization of the SSL certificates used by LPRng  is  similar  to
           that  used  by  other programs such as the Apache mod_ssl support.  The
           lprng_certs program is used to create the directory  structure,  create
           certificates  for  the root CA, signing, user and servers.  In order to
           make management simple, the following support is provided.
    
    
    

    lprng_certs init

           This command creates the directories used by the  lpd  server.   It  is
           useful when setting up a new lpd server.
    
    
    

    lprng_certs newca

           This  command  creates a self-signed certificate, suitable for use as a
           root CA certificate.  It also sets up a set of default values for other
           certificate creation.
    
    
    

    lprng_certs defaults

           This command is used to modify the set of default values.
    
           The  default  values  are listed and should be self-explanatory, except
           for the value of the signer certificate.  By default, the root  CA  can
           be  used  to  sign certificates.  However, a signing certificate can be
           used as well.  This allows delegation of signing authority without com-
           promising the security of the root CA.
    
    
    

    lprng_certs gen

           This is used to generate a user, server, or signing certificate.
    
    
    

    lprng_certs index

           This is used to create the indexes for the signing certificates.
    
    
    

    lprng_certs verify [cert]

           This  checks the certificate file using the Openssl openssl verify com-
           mand.
    
    
    

    lprng_certs encrypt keyfile

           This removes all key information from the key file, reencrypts the  key
           information, and the puts the encrypted key information in the file.
    
    
    

    LPRng OPTIONS

           The following exit values are returned:
    
           zero (0)       Successful completion.
    
           non-zero (!=0) An error occurred.
    
    
    

    SEE ALSO

           lpd.conf(5),  lpc(8),  lpd(8),  checkpc(8),  lpr(1),  lpq(1),  lprm(1),
           printcap(5), lpd.conf(5), pr(1), lprng_certs(1),  lprng_index_certs(1).
    
    
    

    AUTHOR

           Patrick Powell <papowell@lprng.com>.
    
    
    

    HISTORY

           LPRng  is  a enhanced printer spooler system with functionality similar
           to the Berkeley LPR software.  The  LPRng  developer  mailing  list  is
           lprng-devel@lists.sourceforge.net;      subscribe      by      visiting
           https://lists.sourceforge.net/lists/listinfo/lprng-devel   or   sending
           mail  to lprng-request@lists.sourceforge.net with the word subscribe in
           the body.
           The software is available via http://lprng.sourceforge.net
    
    
    

    LPRng 2006-12-09 lprng_certs(1)

    
    
  • MORE RESOURCE


  • Linux

    The Distributions





    Linux

    The Software





    Linux

    The News



  • MARKETING






  • Toll Free

webmaster@linuxguruz.com
Copyright © 1999 - 2016 by LinuxGuruz