createsignerkey - create signer key on authentication server

lib/createsignerkey name-of-owner \

[expiration-date][size-in-bits] [file]

Description

The createsignerkey command creates public and private keys that are used by a signer server to generate certificates for users.

name-of-owner

The name-of-owner is the name given to the signer in each certificate.

expiration-date

The expiration-date, in the form ddmmyyyy (e.g., 23061977), is converted to seconds since the epoch and stored in file.

size-in-bits

The size-in-bits is the size of the key modulus. The default is 512 bits with a maximum of 4096 bits.

file

The file is where the keys are stored on the server. The default is /keydb/signerkey.

Caveat

The createsignerkey function permits keys to be stored in a file other than /keydb/signerkey. However, logind (see logind - login daemon) returns an error if keys are not stored in /keydb/signerkey.

genSK, genSKfromPK, sktopk, dhparams - generate keys	Generation of the secret key.
signer, countersigner - daemons for set-top box authentication	Description of how the signer daemon uses the signer key.