ocspclnt: must specify exactly one command Type ocspclnt -H for more detailed descriptions Usage: ocspclnt -p [-d <dir>] ocspclnt -P [-d <dir>] ocspclnt -r <name> [-a] [-L] [-s <name>] [-d <dir>] ocspclnt -R <name> [-a] [-l <location>] [-s <name>] [-d <dir>] ocspclnt -S <name> [-a] [-l <location> -t <name>] [-s <name>] [-w <time>] [-d <dir>] ocspclnt -V <name> [-a] -u <usage> [-l <location> -t <name>] [-s <name>] [-w <time>] [-d <dir>]

Usage: ocspclnt -p [-d <dir>] ocspclnt -P [-d <dir>] ocspclnt -r <name> [-a] [-L] [-s <name>] [-d <dir>] ocspclnt -R <name> [-a] [-l <location>] [-s <name>] [-d <dir>] ocspclnt -S <name> [-a] [-l <location> -t <name>] [-s <name>] [-w <time>] [-d <dir>] ocspclnt -V <name> [-a] -u <usage> [-l <location> -t <name>] [-s <name>] [-w <time>] [-d <dir>] Commands (must specify exactly one): -p Pretty-print a binary request read from stdin -P Pretty-print a binary response read from stdin -r nickname Create a request for cert "nickname" on stdout -R nickname Get response for cert "nickname", dump to stdout -S nickname Get status for cert "nickname" -V nickname Fully verify cert "nickname", w/ status check nickname also can be the name of the file with DER or PEM(use -a option) cert encoding Options: -a Decode input cert from PEM format. DER is default -L Add the service locator extension to the request -d dbdir Find security databases in "dbdir" (default ~/.netscape) -l location Use "location" as URL of responder -t nickname Trust cert "nickname" as response signer -s nickname Sign requests with cert "nickname" -u usage Type of certificate usage for verification: c SSL Client s SSL Server e Email Recipient E Email Signer S Object Signer C CA -w time Validity time (default current time), one of: YYMMDDhhmm[ss]Z (GMT) YYMMDDhhmm[ss]+hhmm (later than GMT) YYMMDDhhmm[ss]-hhmm (earlier than GMT)