Forrest logo
back to the openssl tool

openssl-ts:tldr:420ae

openssl-ts: Verify a timestamp request file and a timestamp response file from the server with an SSL certificate file.
$ openssl ts -verify -in ${filename-tsr} -queryfile ${filename-tsq} -partial_chain -CAfile ${path-to-cert-pem}
try on your machine

This command is using the OpenSSL tool to verify the time-stamping response (TSR) file specified by the variable ${filename-tsr} against the time-stamping query (TSQ) file specified by the variable ${filename-tsq}.

Here's a breakdown of the command:

  • openssl ts: This is the command to use the OpenSSL time-stamping functionality.

  • -verify: This option is used to verify the TSR against its corresponding TSQ.

  • -in ${filename-tsr}: This specifies the input TSR file to be verified. The ${filename-tsr} is a variable that should be replaced with the actual file name.

  • -queryfile ${filename-tsq}: This specifies the TSQ file to be used in the verification process. The ${filename-tsq} is a variable that should be replaced with the actual file name.

  • -partial_chain: This option allows the verification process to use a partial certificate chain. It means that instead of having the complete chain of trust, only the necessary certificates to build and verify the chain up to the root CA will be used.

  • -CAfile ${path-to-cert-pem}: This option specifies the path to the CA (Certificate Authority) file in PEM format. It is used to provide the trusted CA certificates that are needed to verify the timestamps. The ${path-to-cert-pem} is a variable that should be replaced with the actual file path.

By running this command, OpenSSL will perform the verification process and provide the result indicating whether the time-stamping response file is valid and matches the corresponding time-stamping query.

This explanation was created by an AI. In most cases those are correct. But please always be careful and never run a command you are not sure if it is safe.
back to the openssl tool