'\" te
.\" Portions Copyright (c) 2008, 2012, Oracle and/or its affiliates. All rights reserved.
.\" This manual page is derived from documentation obtained from the OpenSC organization (www.opensc-project.org). This library is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any later version. This library is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more details. You should have received a copy of the GNU Lesser General Public License along with this library; if not, write to the Free Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
.TH pkcs11_inspect 1 "18 Jan 2012" "SunOS 5.12" "User Commands"
.SH NAME
pkcs11_inspect \- print certificate contents
.SH SYNOPSIS
.LP
.nf
\fB/usr/lib/pam_pkcs11/pkcs11_inspect\fR [debug] [config_file=\fIfilename\fR]
.fi
.SH DESCRIPTION
.sp
.LP
\fBpkcs11_inspect\fR uses the \fBpam_pkcs11\fR library infrastructure to obtain the content of a certificate and display it.
.sp
.LP
\fBpkcs11_inspect\fR uses the same configuration file and arguments as the \fBpam_pkcs11\fR(5) PAM module. It loads defined mapper modules, and uses them to look into the certificate for required entries, that is, \fBms_mapper\fR looks for \fBms UPN\fR entries, and so forth.
.sp
.LP
When a mapper module finds a proper entry in the certificate, it converts to \fBUTF-8\fR and prints it to \fBstdout\fR.
.SH OPTIONS
.sp
.LP
The following options are supported:
.sp
.ne 2
.mk
.na
\fB\fBconfig_file=\fR\fIfileame\fR\fR
.ad
.RS 23n
.rt
Set the configuration file. The default value is \fB/etc/security/pam_pkcs11/pam_pkcs11.conf\fR.
.RE
.sp
.ne 2
.mk
.na
\fB\fBdebug\fR\fR
.ad
.RS 23n
.rt
Enable debugging output.
.RE
.sp
.LP
As it uses the same configuration file as \fBpam_pkcs11\fR(5), all of the \fBpam_pkcs11\fR options are available. Some of these options make no sense in a non-PAM environment, and are therefore ignored. Some mapper options (\fBmapfile\fR, \fBignorecase\fR) have no effect on certificate contents, and they are ignored as well.
.SH EXIT STATUS
.sp
.LP
The following exit values are returned:
.sp
.ne 2
.mk
.na
\fB\fB0\fR\fR
.ad
.RS 5n
.rt
Successful completion.
.sp
\fBpkcs11_inspect\fR prints on \fBstdout\fR all certificate contents that are found for mappers.
.RE
.sp
.ne 2
.mk
.na
\fB\fB1\fR\fR
.ad
.RS 5n
.rt
An error occurred.
.RE
.SH EXAMPLES
.LP
\fBExample 1 \fRUsing \fBpkcs_inspect\fR
.sp
.LP
The following example runs the \fBpkcs_inspect\fR command without any options:
.sp
.in +2
.nf
% pkcs11_inspect
.fi
.in -2
.sp
.LP
\fBExample 2 \fRUsing \fBpkcs_inspect\fR with Options
.sp
.LP
The following example runs the \fBpkcs_inspect\fR command with options:
.sp
.in +2
.nf
% pkcs11_inspect debug config_file=${HOME}/.pam_pkcs11.conf
.fi
.in -2
.sp
.SH FILES
.sp
.ne 2
.mk
.na
\fB\fB/etc/security/pam_pkcs11/pam_pkcs11.conf\fR\fR
.ad
.sp .6
.RS 4n
.RE
.SH AUTHORS
.sp
.LP
Juan Antonio Martinez, \[email protected]\fR
.SH ATTRIBUTES
.sp
.LP
See \fBattributes\fR(5) for descriptions of the following attributes:
.sp
.sp
.TS
tab() box;
cw(2.75i) |cw(2.75i)
lw(2.75i) |lw(2.75i)
.
ATTRIBUTE TYPEATTRIBUTE VALUE
_
Availabilitylibrary/security/pam/module/pam-pkcs11
_
Interface StabilityUncommitted
.TE
.SH SEE ALSO
.sp
.LP
\fBpklogin_finder\fR(1), \fBattributes\fR(5), \fBpam_pkcs11\fR(5)
.sp
.LP
\fIPAM-PKCS11 User Manual\fR, http://www.opensc-project.org/pam_pkcs11