1pki-server-tps(8)         PKI TPS Management Commands        pki-server-tps(8)
2
3
4

NAME

6       pki-server-tps - Command-Line Interface for managing PKI TPS.
7
8

SYNOPSIS

10       pki-server [CLI-options] tps-clone-prepare [command-options]
11       pki-server [CLI-options] tps-db-vlv-find [command-options]
12       pki-server [CLI-options] tps-db-vlv-add [command-options]
13       pki-server [CLI-options] tps-db-vlv-del [command-options]
14       pki-server [CLI-options] tps-db-vlv-reindex [command-options]
15       pki-server [CLI-options] tps-audit-event-find [command-options]
16       pki-server   [CLI-options]   tps-audit-event-enable   [command-options]
17       event-ID
18       pki-server   [CLI-options]   tps-audit-event-modify   [command-options]
19       event-ID
20       pki-server   [CLI-options]   tps-audit-event-disable  [command-options]
21       event-ID
22       pki-server [CLI-options] tps-audit-file-find [command-options]
23       pki-server [CLI-options] tps-audit-file-verify [command-options]
24
25
26       .SH DESCRIPTION
27
28
29       The pki-server tps commands provide command-line interfaces  to  manage
30       PKI TPS.
31
32
33       pki-server [CLI-options] tps [command-options]
34           This command is to list available PKI TPS management commands.
35
36
37       pki-server [CLI-options] tps-clone-prepare [command-options]
38           This  command  export  TPS system certificates into a PKCS #12 file
39       with private keys.
40
41
42       pki-server [CLI-options] tps-db-vlv-find [command-options]
43           This command will list VLV records for TPS.
44
45
46       pki-server [CLI-options] tps-db-vlv-add [command-options]
47           This command will add VLV records for TPS.
48
49
50       pki-server [CLI-options] tps-db-vlv-del [command-options]
51           This command will delete VLV records for TPS.
52
53
54       pki-server [CLI-options] tps-db-vlv-reindex [command-options]
55           This command will reindex VLV records for TPS.
56
57
58       pki-server [CLI-options] tps-audit-event-find [command-options]
59           This command list all the audit events which are enabled/disabled.
60
61
62       pki-server   [CLI-options]   tps-audit-event-enable   [command-options]
63       event-ID
64           This command will enable audit events in the TPS.
65
66
67       pki-server   [CLI-options]   tps-audit-event-disable  [command-options]
68       event-ID
69           This command will disable audit events in the TPS.
70
71
72       pki-server   [CLI-options]   tps-audit-event-modify   [command-options]
73       event-ID
74           This command will modify the event filter for audit events.
75
76
77       pki-server [CLI-options] tps-audit-file-find [command-options]
78           This command lists audit log files generated by the TPS.
79
80
81       pki-server [CLI-options] tps-audit-file-verify [command-options]
82           This  command  will  verify whether the signatures in the audit log
83       files are valid.
84
85

AUDIT EVENTS

87       Logging audit events:
88
89
90              · AUDIT_LOG_STARTUP
91
92              · AUDIT_LOG_SHUTDOWN
93
94              · AUDIT_LOG_DELETE
95
96              · LOG_PATH_CHANGE
97
98              · LOG_EXPIRATION_CHANGE
99
100              · CONFIG_SIGNED_AUDIT
101
102
103
104       Authentication and authorization audit events:
105
106
107              · AUTHZ
108
109              · AUTH
110
111              · ROLE_ASSUME
112
113              · CONFIG_AUTH
114
115              · CONFIG_ROLE
116
117              · ACCESS_SESSION_ESTABLISH
118
119              · ACCESS_SESSION_TERMINATED
120
121
122
123       Key audit events:
124
125
126              · PRIVATE_KEY_ARCHIVE_REQUEST
127
128              · PRIVATE_KEY_ARCHIVE_REQUEST_PROCESSED
129
130              · PRIVATE_KEY_EXPORT_REQUEST_PROCESSED_SUCCESS
131
132              · CONFIG_TRUSTED_PUBLIC_KEY
133
134              · PRIVATE_KEY_EXPORT_REQUEST_PROCESSED_FAILURE
135
136              · KEY_RECOVERY_REQUEST
137
138              · KEY_RECOVERY_REQUEST_ASYNC
139
140              · KEY_RECOVERY_AGENT_LOGIN
141
142              · KEY_RECOVERY_REQUEST_PROCESSED
143
144              · KEY_RECOVERY_REQUEST_PROCESSED_ASYNC
145
146              · KEY_GEN_ASYMMETRIC
147
148              · COMPUTE_SESSION_KEY_REQUEST_PROCESSED_SUCCESS
149
150              · COMPUTE_SESSION_KEY_REQUEST
151
152              · COMPUTE_SESSION_KEY_REQUEST_PROCESSED_FAILURE
153
154              · DIVERSIFY_KEY_REQUEST
155
156              · DIVERSIFY_KEY_REQUEST_PROCESSED_SUCCESS
157
158              · DIVERSIFY_KEY_REQUEST_PROCESSED_FAILURE
159
160              · SERVER_SIDE_KEYGEN_REQUEST
161
162              · SERVER_SIDE_KEYGEN_REQUEST_PROCESSED_SUCCESS
163
164              · SERVER_SIDE_KEYGEN_REQUEST_PROCESSED_FAILURE
165
166
167
168       CMC audit events:
169
170
171              · CMC_RESPONSE_SENT
172
173              · CMC_ID_POP_LINK_WITNESS
174
175              · CMC_SIGNED_REQUEST_SIG_VERIFY
176
177              · CMC_PROOF_OF_IDENTIFICATION
178
179              · CMC_REQUEST_RECEIVED
180
181              · CMC_USER_SIGNED_REQUEST_SIG_VERIFY
182
183              · PROOF_OF_POSSESSION
184
185
186
187       Profile audit events:
188
189
190              · CONFIG_CERT_PROFILE
191
192              · CONFIG_CRL_PROFILE
193
194              · CONFIG_OCSP_PROFILE
195
196
197
198       Certificate audit events:
199
200
201              · CERT_SIGNING_INFO
202
203              · CERT_PROFILE_APPROVAL
204
205              · CERT_REQUEST_PROCESSED
206
207              · CERT_STATUS_CHANGE_REQUEST
208
209              · CERT_STATUS_CHANGE_REQUEST_PROCESSED
210
211              · CONFIG_CERT_POLICY
212
213              · PROFILE_CERT_REQUEST
214
215              · CIMC_CERT_VERIFICATION
216
217              · NON_PROFILE_CERT_REQUEST
218
219
220
221       ACL audit events:
222
223
224              · CONFIG_ACL
225
226
227
228       OCSP audit events:
229
230
231              · OCSP_SIGNING_INFO
232
233              · OCSP_GENERATION
234
235
236
237       CRL audit events:
238
239
240              · SCHEDULE_CRL_GENERATION
241
242              · DELTA_CRL_PUBLISHING
243
244              · CRL_VALIDATION
245
246              · CRL_RETRIEVAL
247
248              · CRL_SIGNING_INFO
249
250              · FULL_CRL_GENERATION
251
252              · DELTA_CRL_GENERATION
253
254
255
256       Authority audit events:
257
258
259              · AUTHORITY_CONFIG
260
261              · SECURITY_DOMAIN_UPDATE
262
263              · CONFIG_DRM
264
265
266
267       Selftest audit events:
268
269
270              · SELFTESTS_EXECUTION
271
272
273
274       Encryption data audit events:
275
276
277              · CONFIG_ENCRYPTION
278
279              · ENCRYPT_DATA_REQUEST
280
281              · ENCRYPT_DATA_REQUEST_PROCESSED_SUCCESS
282
283              · ENCRYPT_DATA_REQUEST_PROCESSED_FAILURE
284
285              · COMPUTE_RANDOM_DATA_REQUEST
286
287              · COMPUTE_RANDOM_DATA_REQUEST_PROCESSED_FAILURE
288
289              · COMPUTE_RANDOM_DATA_REQUEST_PROCESSED_SUCCESS
290
291              · SECURITY_DATA_ARCHIVAL_REQUEST
292
293
294
295       Serial/random number audit events:
296
297
298              · INTER_BOUNDARY
299
300              · CONFIG_SERIAL_NUMBER
301
302              · RANDOM_GENERATION
303
304
305

AUTHORS

307       Amol Kahat lt;akahat@redhat.comgt;.
308
309
311       Copyright (c) 2018 Red Hat, Inc.  This is licensed under the  GNU  Gen‐
312       eral  Public  License,  version  2  (GPLv2).  A copy of this license is
313       available at http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt.
314
315
316
317PKI                              Mar 21, 2018                pki-server-tps(8)
Impressum