gencert man page

gencert — Generate a test NSS database for mod_nss


gencert <destdir>


A tool used to generate a self-signed CA as well as server and user certificates for mod_nss testing.

This is used to generate a default NSS database for the mod_nss Apache module. It does not test to see if an existing database already exists, so use with care.

gencert will generate a new NSS database with the password "httptest".

It generates a self-signed CA with the subject "CN=Certificate Shack, O=example.com, C=US"

It also generates a certificate suitable for servers with the subject "CN=<FQDN>, O=example.com, C=US", and a user certificate with the subject "E=alpha@<FQDN>, CN=Frank Alpha, UID=alpha, OU=People, O=example.com, C=US".

The nicknames it uses are:

Server certificate:Server-Cert
User cert:alpha


Specifies the destination directory where the NSS databases will be created.


Report bugs to http://bugzilla.redhat.com.


Rob Crittenden <rcritten@redhat.com>.


Jul 1 2013