wolfCLU supports new x509 options

We are constantly enhancing wolfCLU, a command line utility for manipulating certificates. Recently we added some new x509 options. These additions, -req, -extfile, -extensions, -signkey and -* enhance the x509 functionality. Having these options added to wolfCLU helps with generatingself-signed x509 certificates when using the x509 command.

  • [-req] Users can generate a certificate signing request (CSR) directly from the command line.
  • [-extfile] Users can specify a file containing certificate extension configuration.
  • [-extensions] Users can define certificate extensions directly in the command line.[-signkey] Users can provide an existing private key to sign the certificate being generated.
  • [-*] Users can select any supported digest for signing. Currently sha1, sha256, sha384 and sha512 are available.

The following example demonstrates how to use these new options to update a self signed x509 certificate.

wolfssl x509 -req -in client-cert.csr -extfile wolfssl.cnf -extensions
        uri -signkey client-key.pem -out client-uri-cert.pem

These new options are part of our ongoing commitment to provide a feature-rich and user-friendly experience with wolfCLU’s x509 command.

If you have any feedback, questions, or require support, please don’t hesitate to reach out to us at facts@wolfSSL.com. or call us at +1 425 245 8247.

Download wolfSSL