generate # generate is acra-keys subcommand used for generating keys (for both v1, v2 keystore versions). Command line flags # General flags # --client_id=<id> 🔴 Use provided ClientID as identifier to generate keys or keypairs. --tls_cert=<path> (deprecated since 0.96.0) Path to TLS certificate to use as ClientID identifier. Works only when passed empty ClientID: --client_id="". Use --tls_client_id_cert instead. --tls_client_id_cert=<path> Path to TLS certificate to use as ClientID identif...| Cossack Labs Documentation Server on Cossack Labs
TLS certificate validation using OCSP # OCSP-related flags and their description. Works for acra-connector, acra-server and acra-translator. --tls_ocsp_url=<url> URL of OCSP service. Empty by default. Should point to HTTP server that accepts application/ocsp-request MIME type and responds with application/ocsp-response. For acra-server it will work like --tls_ocsp_client_url and --tls_ocsp_database_url passed simultaneously with same value. For acra-connector and acra-translator (that can onl...| Cossack Labs Documentation Server on Cossack Labs
TLS certificate validation using CRL # Only CRL v1 with basic fields is currently supported. This means Acra will be able to download CRL, verify it, and search for a certificate serial number there. But more advanced features like CRL extensions (including delta CRLs) are not handled yet. CRL-related flags and their descriptions. Works for acra-connector, acra-server and acra-translator. --tls_crl_url=<url> URL of the Certificate Revocation List (CRL) to use.| Cossack Labs Documentation Server on Cossack Labs