certpatch — add subjectAltName identities to X.509 certificates

certpatch  alters  PEM-encoded  X.509  certificates  by  adding  a subjectAltName extension containing an
       identity used by the signature-based authentication schemes of the ISAKMP protocol.  After  the  addition
       the certificate will be signed once again with the supplied CA signing key.

       The options are as follows:

       -tidentity-type
               If  given, the -t option specifies the type of the given identity.  Currently ip, fqdn, and ufqdn
               are recognized.  The default is ip.

       -iidentity
               The -i option takes an argument which is the identity to put into the subjectAltName field of the
               certificate.  If the identity-type is ip, this argument should  be  an  IPv4  address  in  dotted
               decimal notation.

       -ksigning-key
               The  -k  option  specifies  the  key  used  for  signing  the certificate once the subjectAltName
               extension has been added.  The key is specified by the filename where it is stored in PEM format.

       certpatch — add subjectAltName identities to X.509 certificates

isakmpd(8), ssl(8)

Debian                                            July 18, 1999                                     CERTPATCH(8)

certpatch [-tidentity-type] -iidentity-ksigning-keyinput-certificateoutput-certificate