pki-server-subsystem(8)

1pki-server-subsystem(8)     PKI Subsystem Commands     pki-server-subsystem(8)
2
3
4

NAME

6       pki-server-subsystem  - Command-Line Interface for managing Certificate
7       System subsystems.
8
9

SYNOPSIS

11       pki-server [CLI options] subsystem
12       pki-server [CLI options] subsystem-find -i <instance ID>
13       pki-server [CLI options] subsystem-show -i <instance ID> <subsystem ID>
14       pki-server [CLI options] subsystem-enable -i <instance ID> <subsystem ID>
15       pki-server [CLI options] subsystem-disable -i <instance ID> <subsystem ID>
16       pki-server [CLI options] subsystem-cert-find -i <instance ID> <subsystem ID>
17       pki-server [CLI options] subsystem-cert-show -i <instance ID> <subsystem ID> <cert ID>
18       pki-server [CLI options] subsystem-cert-export -i <instance ID> <subsystem ID> <cert ID>
19       pki-server [CLI options] subsystem-cert-update -i <instance ID> <subsystem ID> <cert ID>
20
21

DESCRIPTION

23       The pki-server subsystem commands provide  command-line  interfaces  to
24       manage  Certificate  Server  (CS)  subsystems.   A  Certificate  Server
25       instance consists of a single Apache Tomcat instance that contains  one
26       or  more  CS  subsystems.  Valid subsystem identifiers are 'ca', 'kra',
27       'tks', 'ocsp' and 'tps'.  No instance may have more than  one  of  each
28       type of subsystem.
29
30       pki-server  subsystem commands perform operations on a specific subsys‐
31       tem within a CS instance.  Consequently, all pki-server subsystem  com‐
32       mands  require  specification of the instance ID to completely identify
33       the target subsystem.
34
35       Operations  that  are  available  include:  listing  subsystems  in  an
36       instance; showing details about a subsystem; and enabling and disabling
37       subsystems.
38
39       pki-server [CLI options] subsystem
40           This command is to list available subsystem commands.
41
42       pki-server [CLI options] subsystem-find -i <instance ID>
43           This command is to list subsystems within a specific instance.
44
45       pki-server [CLI options] subsystem-show -i <instance ID> <subsystem ID>
46           This command is to view the details about a particular subsystem.
47
48       pki-server [CLI options] subsystem-enable -i <instance  ID>  <subsystem
49       ID>
50           This  command  is to enable a particular subsystem.  Each subsystem
51           consists of a web application within the  Apache  Tomcat  instance.
52           Enabling  a  subsystem  means deploying the web application so that
53           the application initializes and is  accessible  via  the  HTTP  and
54           HTTPS ports for the Apache Tomcat instance.
55
56           Note: Each subsystem runs a set of self-tests on startup.  If these
57           self-tests fail, the subsystem will be disabled by undeploying  the
58           web  application.   The deployment status (enabled/disabled) of the
59           subsystem can be determined from the output of  pki-server  subsys‐
60           tem-show.   Once  the  underlying  problem  is fixed, the subsystem
61           should be re-enabled using pki-server subsystem-enable.
62
63       pki-server [CLI options] subsystem-disable -i <instance ID>  <subsystem
64       ID>
65           This  command  is  to  disable  a  subsystem by undeploying the web
66           application corresponding to the subsystem.  The subsystem will  no
67           longer  be  accessible  through the web interfaces.  This is useful
68           when specific subsystems need to be made inaccessible  for  mainte‐
69           nance as Apache Tomcat allows web applications to be deployed/unde‐
70           ployed while the instance is still running (hot deployment).
71
72       pki-server [CLI options] subsystem-cert-find -i <instance ID>  <subsys‐
73       tem ID>
74           This command is to list system certificates in a particular subsys‐
75           tem.
76
77       pki-server [CLI options] subsystem-cert-show -i <instance ID>  <subsys‐
78       tem ID> <cert ID>
79           This command is to view the details about a system certificate in a
80           particular subsystem.
81
82       pki-server [CLI options] subsystem-cert-export -i <instance  ID>  <sub‐
83       system ID> <cert ID>
84           This command is to export a system certificate in a particular sub‐
85           system.
86
87       pki-server [CLI options] subsystem-cert-update -i <instance  ID>  <sub‐
88       system ID> <cert ID>
89           This command is to update a system certificate in a particular sub‐
90           system.
91
92

OPTIONS

94       The CLI options are described in pki-server(8).
95
96

OPERATIONS

98       To view available subsystem management commands, type  pki-server  sub‐
99       system.  To view each command's usage, type  pki-server subsystem-<com‐
100       mand> --help.
101
102       All pki-server commands must be executed as the system administrator.
103
104

AUTHORS

106       Ade Lee <alee@redhat.com>
107
108

COPYRIGHT

110       Copyright (c) 2015 Red Hat, Inc. This is licensed under the GNU General
111       Public  License, version 2 (GPLv2). A copy of this license is available
112       at http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt.
113
114
115
116version 10.2                     July 15, 2015         pki-server-subsystem(8)