security cms

Encode or decode CMS messages.

Syntax
      cms [-C|-D|-E|-S] [options...]

Options
   -C    Create a CMS encrypted message
   -D    Decode a CMS message
   -E    Create a CMS enveloped message
   -S    Create a CMS signed message

   Decoding options:
            -c content    Use this detached content file
            -h level      Generate email headers with info about CMS message (output level >= 0)
            -n            Suppress output of content

   Encoding options:
            -r id,...     Create envelope for comma-delimited list of recipients, where id can be a certificate
                          nickname or email address
            -G            Include a signing time attribute
            -H hash       hash = MD2|MD4|MD5|SHA1|SHA256|SHA384|SHA512 (default: SHA1)
            -N nick       Use certificate named "nick" for signing
            -P            Include a SMIMECapabilities attribute
            -T            Do not include content in CMS message
            -Y nick       Include an EncryptionKeyPreference attribute with certificate (use "NONE" to
                          omit)
            -Z hash       Find a certificate by subject key ID

   Common options:
            -e envelope    Specify envelope file (valid with -D or -E)
            -k keychain    Specify keychain to use
            -i infile      Use infile as source of data (default: stdin)
            -o outfile     Use outfile as destination of data (default: stdout)
            -p password    Use password as key db password (default: prompt)
            -s             Pass data a single byte at a time to CMS
            -u certusage   Set type of certificate usage (default: certUsageEmailSigner)
            -v             Print debugging information

            Cert usage codes:
                         0 - certUsageSSLClient
                         1 - certUsageSSLServer
                         2 - certUsageSSLServerWithStepUp
                         3 - certUsageSSLCA
                         4 - certUsageEmailSigner
                         5 - certUsageEmailRecipient
                         6 - certUsageObjectSigner
                         7 - certUsageUserCertImport
                         8 - certUsageVerifyCA
                         9 - certUsageProtectedObjectSigner
                        10 - certUsageStatusResponder
                        11 - certUsageAnyCA

Install (or re-install) the Module Directory Services (MDS) database.

     install-mds
        This is a system tool which is not normally used by users. There are no options.

“The man who looks for security, even in the mind, is like a man who would chop off his limbs in order to have artificial ones which will give him no pain or trouble” ~ Henry Miller (The Rosy Crucifixion I)

Related macOS commands

Local man page: security - Command line help page on your local machine.
security - Administer Keychains, keys, certificates and the Security framework.

 
Copyright © 1999-2025 windevcluster.com
Some rights reserved