=head1 EXAMPLES

=head2 Example 1. Create a 1024-bit DSA key

This example demonstrates how to create a 1024-bit DSA key called
dsa-key.pem that is protected by a passphrase.

    openssl dsaparam -out dsaparam.pem 1024

    openssl gendsa -des3 -out dsa-key.pem dsaparam.pem

If you don't want to use a passphrase, drop the '-des3' argument.

=head2 Example 2. Create a 1024-bit RSA key

This example demonstrates how to create a 1024-bit RSA key called
rsa-key.pem that is protected by a passphrase.

    openssl genrsa -des3 -out rsa-key.pem 1024

If you don't want to use a passphrase, drop the '-des3' argument.

=head2 Example 3. Create a self-signed, DSA certificate

This example demonstrates how to create a self-signed, 5-year DSA
certificate called dsa-crt.pem that is bound to a key called
dsa-key.pem.

    openssl req -new -x509 -dss1 -days 1825 -key dsa-key.pem -out dsa-crt.pem

=head2 Example 4. Create a self-signed, RSA certificate

This example demonstrates how to create a self-signed, 5-year RSA
certificate called rsa-crt.pem that is bound to a key called
rsa-key.pem.

    openssl req -new -x509 -sha1 -days 1825 -key rsa-key.pem -out rsa-crt.pem

=head2 Example 5. Sign a single payload

This example demonstrates how to sign a single file called payload
using a key called key.pem.

    webjob-dsvtool --sign-payload --key-file key.pem payload

or in shorthand form:

    webjob-dsvtool -s -k key.pem payload

Either of the above commands will produce the following file:

    payload.sig

=head2 Example 6. Sign multiple payloads

This example demonstrates how to sign all files in the commands tree
using a key called key.pem.

    webjob-dsvtool --sign-payload --key-file key.pem `find /var/webjob/profiles/common/commands -type f`

or in shorthand form:

    webjob-dsvtool -s -k key.pem `find /var/webjob/profiles/common/commands -type f`

Either of the above commands will produce one signature file for each
file returned by find(1).

=head2 Example 7. Verify a payload's signature using a single certificate

This example demonstrates how to verify the signature of a file called
payload using a certificate called cert.pem.

    webjob-dsvtool --verify-signature --cert-file cert.pem payload payload.sig

or in shorthand form:

    webjob-dsvtool -V -f cert.pem payload payload.sig

Note: Certificate chains and expiration dates and are not checked in
this process -- only whether or not the signature is valid.  The
Common Name assigned to the certificate will be displayed in the
output if the signature is good.

=head2 Example 8. Verify a payload's signature using certificates in a
certificate tree

This example demonstrates how to verify the signature of a file called
payload using certificates located in a certificate tree called certs.

    webjob-dsvtool --verify-signature --cert-tree certs payload payload.sig

or in shorthand form:

    webjob-dsvtool -V -t certs payload payload.sig

Note: Certificate chains and expiration dates and are not checked in
this process -- only whether or not the signature is valid.  The
Common Name assigned to the certificate will be displayed in the
output if the signature is good.