Manpages

NAME

sq cert export - Export certificates from the local certificate store

SYNOPSIS

sq cert export [OPTIONS] QUERY

DESCRIPTION

Export certificates from the local certificate store.

If multiple predicates are specified a certificate is returned if at least one of them matches.

This does not check the authenticity of the certificates in anyway. Before using the certificates, be sure to validate and authenticate them.

When matching on subkeys or User IDs, the component must have a valid self signature according to the policy. This is not the case when matching the certificate’s key handle using ’--cert’ or when exporting all certificates.

Fails if search criteria are specified and none of them matches any certificates. Note: this means if the certificate store is empty and no search criteria are specified, then this will return success.

OPTIONS

Subcommand options
-B
, --binary

Emit binary data

--all

Export all certificates

--cert=FINGERPRINT|KEYID

Return certificates that have the specified fingerprint or key ID

--domain=DOMAIN

Return certificates that have a User ID with an email address from the specified domain

--email=EMAIL

Return certificates that have a User ID with the specified email address, case insensitively

--grep=PATTERN

Return certificates that have a User ID that contains the string, case insensitively

--key=FINGERPRINT|KEYID

Return certificates where the primary key or a subkey has the specified fingerprint or key ID

--userid=USERID

Return certificates that have a User ID that matches exactly, including case

QUERY

Return certificates matching QUERY. This may be a subkey fingerprint or key ID, an email address, or an User ID fragment.

Global options
See sq(1) for a description of the global options.

EXAMPLES

Export all certificates.

sq cert export --all

Export certificates with a matching User ID packet. The binding signatures are checked, but the User IDs are not authenticated. Note: this check is case sensitive.

sq cert export --userid "Alice <alice [AT] example.org>"

Export certificates with a User ID containing the email address. The binding signatures are checked, but the User IDs are not authenticated. Note: this check is case insensitive.

sq cert export --email alice [AT] example.org

Export certificates where the certificate (i.e., the primary key) has the specified Key ID.

sq cert export --cert 6F0073F60FD0CBF0

Export certificates where the primary key or a subkey matches the specified Key ID.

sq cert export --key 24F3955B0B8DECC8

Export certificates that contain a User ID with *either* (not both!) email address. Note: this check is case insensitive.

sq cert export --email alice [AT] example.org --email \

bob [AT] example.org

SEE ALSO

sq(1), sq-cert(1).

For the full documentation see <https://book.sequoia-pgp.org>;.

VERSION

0.34.0 (sequoia-openpgp 1.19.0)