qcatool − command line tool for the Qt Cryptographic Architecture


qcatool is a command line tool for performing various cryptographic operations with the Qt Cryptographic Architecture (QCA). qcatool can also be used for testing and debugging QCA.


qcatool has a range of options and commands. You only ever get to use one command, but you may use several, one or no options.


As noted above, these are all optional, and may be combined.

Specify the password to use. This is probably a bad idea except for testing, because anyone can read the arguments to a command line application.


Specify the new password to use for password change with the key changepass and keybundle changepass commands. This is probably a bad idea except for testing, because anyone can read the arguments to a command line application.


Specify additional certificates, not trusted, but which may be used in the trust path if appropriate trust can be established.


Specify additional certificates which can be used as trusted (root) certificates.


Disable use of the standard root certificates that are provided by the operating system.


Disable prompting for passwords/passphrases. If you do not provide the passphrase on the command line (with −−pass or −−newpass) this will cause qcatool to abort the command if a password/passphrase is required.


If outputting certificate information fields (Distinguished Name and Subject Alternative Name), show them in same the order that they are present in the certificate rather than in a friendly sorted order.


Enable additional output to aid debugging.


Log to the specified file.


Log at the specified level. The log level can be between 0 (none) and 8 (most).


When S/MIME signing, do not bundle the signer’s certificate chain inside the signature. This results in a smaller signature output, but requires the recipient to have all of the necessary certificates in order to verify it.


help, −−help, −h

Output usage (help) information.

version, −−version, −v

Output version information.


List available plugins. Use the −−debug option to get more information on plugins which are found and which ones actually loaded.

config save [provider]

Save provider configuration. Use this to have the provider’s default configuration written to persistent storage, which you can then edit by hand.

config edit [provider]

Edit provider configuration. The changes are written to persistent storage.

key make rsa|dsa [bits]

Create a key pair

key changepass [K]

Add/change/remove passphrase of a key

cert makereq [K]

Create certificate request (CSR)

cert makeself [K]

Create self-signed certificate

cert makereqadv [K]

Advanced version of ’makereq’

cert makeselfadv [K]

Advanced version of ’makeself’

cert validate [C]

Validate certificate

keybundle make [K] [C]

Create a keybundle

keybundle extract [X]

Extract certificate(s) and key

keybundle changepass [X]

Change passphrase of a keybundle

keystore list-stores

List all available keystores

keystore list [storeName]

List content of a keystore

keystore monitor

Monitor for keystore availability

keystore export [E]

Export a keystore entry’s content

keystore exportref [E]

Export a keystore entry reference

keystore addkb [storeName] [cert.p12]

Add a keybundle into a keystore

keystore addpgp [storeName] [key.asc]

Add a PGP key into a keystore

keystore remove [E]

Remove an object from a keystore

show cert [C]

Examine a certificate

show req [req.pem]

Examine a certificate request (CSR)

show crl [crl.pem]

Examine a certificate revocation list

show kb [X]

Examine a keybundle

show pgp [P|S]

Examine a PGP key

message sign pgp|pgpdetach|smime [X|S]

Sign a message

message encrypt pgp|smime [C|P]

Encrypt a message

message signencrypt [S] [P]

PGP sign & encrypt a message

message verify pgp|smime

Verify a message

message decrypt pgp|smime ((X) ...)

Decrypt a message (S/MIME needs X)

message exportcerts

Export certs from S/MIME message


The arguments to the commands are as follows.

K = private key.

C = certificate.

X = key bundle.

P = PGP public key.

S = PGP secret key.

E = generic entry.

These must be identified by either a filename or a keystore reference ("store:obj").


qcatool was written by Justin Karneges as part of QCA. This manual page was written by Brad Hards.


Personal Opportunity - Free software gives you access to billions of dollars of software at no cost. Use this software for your business, personal use or to develop a profitable skill. Access to source code provides access to a level of capabilities/information that companies protect though copyrights. Open source is a core component of the Internet and it is available to you. Leverage the billions of dollars in resources and capabilities to build a career, establish a business or change the world. The potential is endless for those who understand the opportunity.

Business Opportunity - Goldman Sachs, IBM and countless large corporations are leveraging open source to reduce costs, develop products and increase their bottom lines. Learn what these companies know about open source and how open source can give you the advantage.

Free Software

Free Software provides computer programs and capabilities at no cost but more importantly, it provides the freedom to run, edit, contribute to, and share the software. The importance of free software is a matter of access, not price. Software at no cost is a benefit but ownership rights to the software and source code is far more significant.

Free Office Software - The Libre Office suite provides top desktop productivity tools for free. This includes, a word processor, spreadsheet, presentation engine, drawing and flowcharting, database and math applications. Libre Office is available for Linux or Windows.

Free Books

The Free Books Library is a collection of thousands of the most popular public domain books in an online readable format. The collection includes great classical literature and more recent works where the U.S. copyright has expired. These books are yours to read and use without restrictions.

Source Code - Want to change a program or know how it works? Open Source provides the source code for its programs so that anyone can use, modify or learn how to write those programs themselves. Visit the GNU source code repositories to download the source.


Study at Harvard, Stanford or MIT - Open edX provides free online courses from Harvard, MIT, Columbia, UC Berkeley and other top Universities. Hundreds of courses for almost all major subjects and course levels. Open edx also offers some paid courses and selected certifications.

Linux Manual Pages - A man or manual page is a form of software documentation found on Linux/Unix operating systems. Topics covered include computer programs (including library and system calls), formal standards and conventions, and even abstract concepts.