NAME¶

pvverify - Tool to verify host-keys

SYNOPSIS¶

pvverify [OPTIONS] --host-key-document <FILE> <--no-verify|--cert <FILE>>

DESCRIPTION¶

Tool to verify host-keys. Use this tool to verify the chain of trust for IBM Secure

OPTIONS¶

-k, --host-key-document <FILE>

Use FILE as a host-key document. Can be specified multiple times and must be specified at least once.

--no-verify

Disable the host-key document verification. Does not require the host-key documents to be valid. Do not use for a production request unless you verified the host-key document beforehand.

-C, --cert <FILE>

Use FILE as a certificate to verify the host-key or keys. The certificates are used to establish a chain of trust for the verification of the host-key documents. Specify this option twice to specify the IBM Z signing key and the intermediate CA certificate (signed by the root CA).

--crl <FILE>

Use FILE as a certificate revocation list (CRL). The list is used to check whether a certificate of the chain of trust is revoked. Specify this option multiple times to use multiple CRLs.

--offline

Make no attempt to download CRLs.

--root-ca <ROOT_CA>

Use FILE as the root-CA certificate for the verification. If omitted, the system wide-root CAs installed on the system are used. Use this only if you trust the specified certificate.

--version

Print version information and exit.

-h, --help

Print help (see a summary with -h).

2025-12-09

s390-tools

Source file:	pvverify.1.en.gz (from s390-tools 2.40.0-4.1)
Source last updated:	2026-02-12T09:59:56Z
Converted to HTML:	2026-02-15T02:46:51Z