1pkidaemon(1) pkidaemon pkidaemon(1)
2
6 pkidaemon - provides status management of PKI instances
7
10 pkidaemon {start|status} [instance-name]
11 Note: Although this tool currently resides in the /usr/bin directory,
13 proper use of it requires it to be run with super user privileges.
14
17 The pkidaemon command with the 'status' argument provides a way to dis‐
18 play the status of all existing PKI instances on a machine. Option‐
19 ally, an individual PKI instance may be specified by using an optional
20 [instance-name].
21 The pkidaemon 'start' argument is currently only used internally by the
23 systemctl scripts.
24
27 As stated above, the only optional argument to pkidaemon is [instance-
28 name]. If a valid instance name is specified, only the status of that
29 instance will be displayed.
30
33 For the following examples, two instances were installed. The first
34 contained a CA, KRA, OCSP, TKS and TPS in a shared PKI instance named
35 'pki-tomcat', while the second simply contained a CA running on differ‐
36 ent ports and named 'pki-tomcat-2'.
37 For the OCSP 'Unsecure URL' and the OCSP 'Secure EE URL' which both
39 specify a static string of '<ocsp request blob>', the intention is for
40 the user to replace this static string with an actual OCSP request blob
41 relevant to their particular deployment.
42 Listing the status of all local PKI instances on this machine:
45 # pkidaemon status
48 REPORT STATUS OF 'tomcat' INSTANCE(S):
50 Status for pki-tomcat: pki-tomcat is running ..
52 [CA Status Definitions]
54 Unsecure URL = http://pki.example.com:8080/ca/ee/ca
55 Secure Agent URL = https://pki.example.com:8443/ca/agent/ca
56 Secure EE URL = https://pki.example.com:8443/ca/ee/ca
57 Secure Admin URL = https://pki.example.com:8443/ca/services
58 PKI Console Command = pkiconsole https://pki.example.com:8443/ca
59 Tomcat Port = 8005 (for shutdown)
60 [KRA Status Definitions]
62 Secure Agent URL = https://pki.example.com:8443/kra/agent/kra
63 Secure Admin URL = https://pki.example.com:8443/kra/services
64 PKI Console Command = pkiconsole https://pki.example.com:8443/kra
65 Tomcat Port = 8005 (for shutdown)
66 [OCSP Status Definitions]
68 Unsecure URL = http://pki.exam‐
69 ple.com:8080/ocsp/ee/ocsp/<ocsp request blob>
70 Secure Agent URL = https://pki.example.com:8443/ocsp/agent/ocsp
71 Secure EE URL = https://pki.exam‐
72 ple.com:8443/ocsp/ee/ocsp/<ocsp request blob>
73 Secure Admin URL = https://pki.example.com:8443/ocsp/services
74 PKI Console Command = pkiconsole https://pki.example.com:8443/ocsp
75 Tomcat Port = 8005 (for shutdown)
76 [TKS Status Definitions]
78 Secure Agent URL = https://pki.example.com:8443/tks/agent/tks
79 Secure Admin URL = https://pki.example.com:8443/tks/services
80 PKI Console Command = pkiconsole https://pki.example.com:8443/tks
81 Tomcat Port = 8005 (for shutdown)
82 [TPS Status Definitions]
84 Unsecure URL = http://pki.example.com:8080/tps
85 Secure URL = https://pki.example.com:8443/tps
86 Unsecure PHONE HOME = http://pki.example.com:8080/tps/phoneHome
87 Secure PHONE HOME = https://pki.example.com:8443/tps/phoneHome
88 Tomcat Port = 8005 (for shutdown)
89 [CA Configuration Definitions]
91 PKI Instance Name: pki-tomcat
92 PKI Subsystem Type: Root CA (Security Domain)
94 Registered PKI Security Domain Information:
96 ====================================================================
97 Name: example.com Security Domain
98 URL: https://pki.example.com:8443
99 ====================================================================
100 [KRA Configuration Definitions]
102 PKI Instance Name: pki-tomcat
103 PKI Subsystem Type: KRA
105 Registered PKI Security Domain Information:
107 ====================================================================
108 Name: example.com Security Domain
109 URL: https://pki.example.com:8443
110 ====================================================================
111 [OCSP Configuration Definitions]
113 PKI Instance Name: pki-tomcat
114 PKI Subsystem Type: OCSP
116 Registered PKI Security Domain Information:
118 ====================================================================
119 Name: example.com Security Domain
120 URL: https://pki.example.com:8443
121 ====================================================================
122 [TKS Configuration Definitions]
124 PKI Instance Name: pki-tomcat
125 PKI Subsystem Type: TKS
127 Registered PKI Security Domain Information:
129 ====================================================================
130 Name: example.com Security Domain
131 URL: https://pki.example.com:8443
132 ====================================================================
133 [TPS Configuration Definitions]
135 PKI Instance Name: pki-tomcat
136 PKI Subsystem Type: TPS
138 Registered PKI Security Domain Information:
140 ====================================================================
141 Name: example.com Security Domain
142 URL: https://pki.example.com:8443
143 ====================================================================
144 Status for pki-tomcat-2: pki-tomcat-2 is running ..
146 [CA Status Definitions]
148 Unsecure URL = http://pki.example.com:18080/ca/ee/ca
149 Secure Agent URL = https://pki.example.com:18443/ca/agent/ca
150 Secure EE URL = https://pki.example.com:18443/ca/ee/ca
151 Secure Admin URL = https://pki.example.com:18443/ca/services
152 PKI Console Command = pkiconsole https://pki.example.com:18443/ca
153 Tomcat Port = 18005 (for shutdown)
154 [CA Configuration Definitions]
156 PKI Instance Name: pki-tomcat-2
157 PKI Subsystem Type: Root CA (Security Domain)
159 Registered PKI Security Domain Information:
161 ====================================================================
162 Name: example.com Security Domain
163 URL: https://pki.example.com:18443
164 ====================================================================
165 FINISHED REPORTING STATUS OF 'tomcat' INSTANCE(S).
167 Listing the status of the PKI instance named 'pki-tomcat':
170 # pkidaemon status pki-tomcat
173 Status for pki-tomcat: pki-tomcat is running ..
175 [CA Status Definitions]
177 Unsecure URL = http://pki.example.com:8080/ca/ee/ca
178 Secure Agent URL = https://pki.example.com:8443/ca/agent/ca
179 Secure EE URL = https://pki.example.com:8443/ca/ee/ca
180 Secure Admin URL = https://pki.example.com:8443/ca/services
181 PKI Console Command = pkiconsole https://pki.example.com:8443/ca
182 Tomcat Port = 8005 (for shutdown)
183 [KRA Status Definitions]
185 Secure Agent URL = https://pki.example.com:8443/kra/agent/kra
186 Secure Admin URL = https://pki.example.com:8443/kra/services
187 PKI Console Command = pkiconsole https://pki.example.com:8443/kra
188 Tomcat Port = 8005 (for shutdown)
189 [OCSP Status Definitions]
191 Unsecure URL = http://pki.exam‐
192 ple.com:8080/ocsp/ee/ocsp/<ocsp request blob>
193 Secure Agent URL = https://pki.example.com:8443/ocsp/agent/ocsp
194 Secure EE URL = https://pki.exam‐
195 ple.com:8443/ocsp/ee/ocsp/<ocsp request blob>
196 Secure Admin URL = https://pki.example.com:8443/ocsp/services
197 PKI Console Command = pkiconsole https://pki.example.com:8443/ocsp
198 Tomcat Port = 8005 (for shutdown)
199 [TKS Status Definitions]
201 Secure Agent URL = https://pki.example.com:8443/tks/agent/tks
202 Secure Admin URL = https://pki.example.com:8443/tks/services
203 PKI Console Command = pkiconsole https://pki.example.com:8443/tks
204 Tomcat Port = 8005 (for shutdown)
205 [TPS Status Definitions]
207 Unsecure URL = http://pki.example.com:8080/tps
208 Secure URL = https://pki.example.com:8443/tps
209 Unsecure PHONE HOME = http://pki.example.com:8080/tps/phoneHome
210 Secure PHONE HOME = https://pki.example.com:8443/tps/phoneHome
211 Tomcat Port = 8005 (for shutdown)
212 [CA Configuration Definitions]
214 PKI Instance Name: pki-tomcat
215 PKI Subsystem Type: Root CA (Security Domain)
217 Registered PKI Security Domain Information:
219 ====================================================================
220 Name: example.com Security Domain
221 URL: https://pki.example.com:8443
222 ====================================================================
223 [KRA Configuration Definitions]
225 PKI Instance Name: pki-tomcat
226 PKI Subsystem Type: KRA
228 Registered PKI Security Domain Information:
230 ====================================================================
231 Name: example.com Security Domain
232 URL: https://pki.example.com:8443
233 ====================================================================
234 [OCSP Configuration Definitions]
236 PKI Instance Name: pki-tomcat
237 PKI Subsystem Type: OCSP
239 Registered PKI Security Domain Information:
241 ====================================================================
242 Name: example.com Security Domain
243 URL: https://pki.example.com:8443
244 ====================================================================
245 [TKS Configuration Definitions]
247 PKI Instance Name: pki-tomcat
248 PKI Subsystem Type: TKS
250 Registered PKI Security Domain Information:
252 ====================================================================
253 Name: example.com Security Domain
254 URL: https://pki.example.com:8443
255 ====================================================================
256 [TPS Configuration Definitions]
258 PKI Instance Name: pki-tomcat
259 PKI Subsystem Type: TPS
261 Registered PKI Security Domain Information:
263 ====================================================================
264 Name: example.com Security Domain
265 URL: https://pki.example.com:8443
266 ====================================================================
267 Listing the status of the PKI instance named 'pki-tomcat-2':
270 # pkidaemon status pki-tomcat-2
273 Status for pki-tomcat-2: pki-tomcat-2 is running ..
275 [CA Status Definitions]
277 Unsecure URL = http://pki.example.com:18080/ca/ee/ca
278 Secure Agent URL = https://pki.example.com:18443/ca/agent/ca
279 Secure EE URL = https://pki.example.com:18443/ca/ee/ca
280 Secure Admin URL = https://pki.example.com:18443/ca/services
281 PKI Console Command = pkiconsole https://pki.example.com:18443/ca
282 Tomcat Port = 18005 (for shutdown)
283 [CA Configuration Definitions]
285 PKI Instance Name: pki-tomcat-2
286 PKI Subsystem Type: Root CA (Security Domain)
288 Registered PKI Security Domain Information:
290 ====================================================================
291 Name: example.com Security Domain
292 URL: https://pki.example.com:18443
293 ====================================================================
294
297 Report bugs to http://bugzilla.redhat.com.
298
301 Matthew Harmsen <mharmsen@redhat.com>. pkidaemon was written by the
302 Certificate Server project.
303
306 Copyright (c) 2015 Red Hat, Inc. This is licensed under the GNU General
307 Public License, version 2 (GPLv2). A copy of this license is available
308 at http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt.
309
312 pkispawn(8), pkidestroy(8), pki_default.cfg(5), pki(1)
313version 10.2 Jul 8, 2015 pkidaemon(1)