keygen
TODO: Improve this documentation
Usage: keygen [-o output directory (default .)] [-u username to own keypair] [-g owning groupname] [-h hostname for cert] [-y years to issue cert] [-e entityID to embed in cert] [-n filename prefix (default 'sp')]
Example used to generate shibboleth keys:
cd /etc/shibboleth
SPURL="shibboleth-sp.example.com"
./keygen.sh -u shibd -g shibd -h $SPURL -y 10 -e https://$SPURL/shibboleth -n sp-encrypt
./keygen.sh -u shibd -g shibd -h $SPURL -y 10 -e https://$SPURL/shibboleth -n sp-signing