1pki-server-instance(8) PKI Instance Management Commands pki-server-instance(8)
2
3
4

NAME

6       pki-server-instance  -  Command-line  interface for managing PKI server
7       instances.
8
9

SYNOPSIS

11       pki-server [CLI-options] instance
12       pki-server [CLI-options] instance-cert
13       pki-server [CLI-options] instance-cert-export
14       pki-server [CLI-options] instance-find
15       pki-server [CLI-options] instance-show instance-ID
16       pki-server [CLI-options] instance-start instance-ID
17       pki-server [CLI-options] instance-stop instance-ID
18       pki-server [CLI-options] instance-migrate --tomcat version instance-ID
19       pki-server [CLI-options] instance-nuxwdog-enable instance-ID
20       pki-server [CLI-options] instance-nuxwdog-disable instance-ID
21       pki-server  [CLI-options]  instance-externalcert-add   -i   instance-ID
22       --cert-file path --trust-args args --nickname nickname --token token
23       pki-server   [CLI-options]   instance-externalcert-del  -i  instance-ID
24       --nickname nickname --token token
25
26

DESCRIPTION

28       The pki-server instance commands  provide  command-line  interfaces  to
29       manage  PKI server instances.  A PKI server instance consists of a sin‐
30       gle Apache Tomcat instance that contains one or more subsystems.
31
32
33       Operations that are available  include:  listing  and  showing  details
34       about  local  instances;  starting  and  stopping instances; performing
35       instance  migrations;  and  enabling  or  disabling  password  prompted
36       instance startup using nuxwdog.
37
38
39       pki-server [CLI-options] instance
40           This command is to list available instance commands.
41
42
43       pki-server [CLI-options] instance-cert
44           This command is to list available instance certificate commands.
45
46
47       pki-server [CLI-options] instance-cert-export
48           This  command  is  to export system certificates and keys to a PKCS
49       #12 file.
50           The output filename and either a password or a  password  file  are
51       required.
52           If  no nicknames are specified, all the system certificates will be
53       exported.
54           Otherwise, it is possible to extract individual certificates  (with
55       or without their keys and trust arguments),
56           and to append to an existing PKCS #12 file.
57
58
59       pki-server [CLI-options] instance-find
60           This command is to list local PKI server instances.
61
62
63       pki-server [CLI-options] instance-show instance-ID
64           This command is to view a details about a particular instance.
65
66
67       pki-server [CLI-options] instance-start instance-ID
68           This command is to start a PKI server instance.
69           Note  that  currently  this  command  cannot be used to start nuxw‐
70       dog-enabled instances.
71
72
73       pki-server [CLI-options] instance-stop instance-ID
74           This command is to stop a PKI server instance.
75           Note that currently this command  cannot  be  used  to  stop  nuxw‐
76       dog-enabled instances.
77
78
79       pki-server [CLI-options] instance-migrate --tomcat version instance-ID
80           There  are differences in configuration between Apache Tomcat 7 and
81       Apache Tomcat 8.
82           This command reconfigures a PKI server instance to match the speci‐
83       fied Tomcat version.
84           This  command can be used to migrate initially created under Tomcat
85       7 when Tomcat is upgraded.
86           See pki-server migrate(8) for further details.
87
88
89       pki-server [CLI-options] instance-nuxwdog-enable instance-ID
90           This command is to convert a PKI server instance to  start  without
91       access to a password file,
92           using  the  nuxwdog  daemon.  See pki-server nuxwdog(8) for further
93       details.
94
95
96       pki-server [CLI-options] instance-nuxwdog-disable instance-ID
97           This command is to convert a PKI  server  instance  to  start  with
98       access to a password file,
99           rather  than  using  the nuxwdog daemon.  See pki-server nuxwdog(8)
100       for further details.
101
102
103       pki-server  [CLI-options]  instance-externalcert-add   -i   instance-ID
104       --cert-file path --trust-args args --nickname nickname --token token
105           This  command  is  to add a certificate to the certificate database
106       for a PKI server instance.
107           The certificate will be kept track of  in  the  configuration  file
108       external_certs.conf,
109           and will automatically be exported when the system certificates are
110       exported.
111           To update a certificate, the old one  needs  to  be  removed  first
112       using the delete command below.
113           The  trust  arguments  are  those  defined  for NSS databases, e.g.
114       "CT,C,C".
115           See certutil(1) for more details.
116
117
118       pki-server  [CLI-options]  instance-externalcert-del   -i   instance-ID
119       --nickname nickname --token token
120           This  command is to remove a certificate from the certificate data‐
121       base for a PKI server instance.
122
123

OPTIONS

125       The CLI options are described in pki-server(8).
126
127

OPERATIONS

129       To  view  available  instance  management  commands,  type   pki-server
130       instance.     To   view   each   command's   usage,   type   pki-server
131       instance-lt;commandgt; --help.
132
133

AUTHORS

135       Ade Lee lt;alee@redhat.comgt;.
136
137
139       Copyright (c) 2015 Red Hat, Inc.  This is licensed under the  GNU  Gen‐
140       eral  Public  License,  version  2  (GPLv2).  A copy of this license is
141       available at http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt.
142
143
144
145PKI                              July 15, 2015          pki-server-instance(8)
Impressum