1pki-user-cert(1) PKI User Certificate Management Commands pki-user-cert(1)
2
6 pki-user-cert - Command-line interface for managing PKI user certifi‐
7 cates.
8
11 pki [CLI-options] <subsystem>-user-cert
12 pki [CLI-options] <subsystem>-user-cert-find user-ID [command-options]
13 pki [CLI-options] <subsystem>-user-cert-show user-ID cert-ID [com‐
14 mand-options]
15 pki [CLI-options] <subsystem>-user-cert-add user-ID [command-options]
16 pki [CLI-options] <subsystem>-user-cert-del user-ID cert-ID [com‐
17 mand-options]
18
21 The pki <subsystem>-user-cert commands provide command-line interfaces
22 to manage user certificates on the specified subsystem.
23 Valid subsystems are ca, kra, ocsp, tks, and tps.
26 pki [CLI-options] <subsystem>-user-cert
29 This command is to list available user certificate commands for the
30 subsystem.
31 pki [CLI-options] <subsystem>-user-cert-find user-ID [command-options]
34 This command is to list certificates owned by the subsystem user.
35 pki [CLI-options] <subsystem>-user-cert-show user-ID cert-ID [com‐
38 mand-options]
39 This command is to view the details of a certificate owned to the
40 subsystem user.
41 pki [CLI-options] <subsystem>-user-cert-add user-ID [command-options]
44 This command is to add a certificate to the subsystem user.
45 pki [CLI-options] <subsystem>-user-cert-del user-ID cert-ID [com‐
48 mand-options]
49 This command is to delete a certificate from the subsystem user.
50
53 The CLI options are described in pki(1).
54
57 To view available user certificate commands, type pki <subsys‐
58 tem>-user-cert. To view each command's usage, type pki <subsys‐
59 tem>-user-cert-<command> --help.
60 All user certificate commands must be executed as the subsystem admin‐
63 istrator.
64 For example, to list certificates owned by a CA user execute the fol‐
67 lowing command:
68 $ pki <CA admin authentication> ca-user-cert-find testuser
71 The results can be paged by specifying the (0-based) index of the first
75 entry to return and the maximum number of entries returned:
76 $ pki <CA admin authentication> ca-user-cert-find testuser --start 20 --size 10
79 The above command will return entries #20 to #29.
83 To view a certificate owned by a CA user, specify the user ID and the
86 certificate ID in the following command:
87 $ pki <CA admin authentication> ca-user-cert-show testuser \
90 "2;11;CN=CA Signing Certificate,O=EXAMPLE;UID=testuser"
91 To add a certificate to a CA user from a file, specify the user ID and
95 the input file:
96 $ pki <CA admin authentication> ca-user-cert-add testuser --input testuser.crt
99 To add a certificate to a CA user from the certificate repository,
103 specify the user ID and the serial number:
104 $ pki <CA admin authentication> ca-user-cert-add testuser --serial 0x80
107 To delete a certificate from a CA user, specify the user ID and the
111 certificate ID in the following command:
112 $ pki <CA admin authentication> ca-user-cert-del testuser \
115 "2;11;CN=CA Signing Certificate,O=EXAMPLE;UID=testuser"
116
120 Endi S. Dewata <edewata@redhat.com>.
121
124 Copyright (c) 2015 Red Hat, Inc. This is licensed under the GNU Gen‐
125 eral Public License, version 2 (GPLv2). A copy of this license is
126 available at ⟨http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt⟩.
127PKI Jun 3, 2015 pki-user-cert(1)