1pki-server-ocsp(8) PKI OCSP Management Commands pki-server-ocsp(8)
2
3
4
6 pki-server-ocsp - Command-line interface for managing PKI OCSP.
7
8
10 pki-server [CLI-options] ocsp-clone-prepare [command-options]
11 pki-server [CLI-options] ocsp-audit-event-find [command-options]
12 pki-server [CLI-options] ocsp-audit-event-enable [command-options]
13 event-ID
14 pki-server [CLI-options] ocsp-audit-event-modify [command-options]
15 event-ID
16 pki-server [CLI-options] ocsp-audit-event-disable [command-options]
17 event-ID
18 pki-server [CLI-options] ocsp-audit-file-find [command-options]
19 pki-server [CLI-options] ocsp-audit-file-verify [command-options]
20
21
23 The pki-server ocsp commands provide command-line interfaces to manage
24 PKI OCSP.
25
26
27 pki-server [CLI-options] ocsp [command-options]
28 This command is to list available PKI OCSP management commands.
29
30
31 pki-server [CLI-options] ocsp-clone-prepare [command-options]
32 This command export OCSP subsystem certificates into a PKCS #12
33 file with private keys.
34
35
36 pki-server [CLI-options] ocsp-audit-event-find [command-options]
37 This command list all the audit events which are enabled/disabled.
38
39
40 pki-server [CLI-options] ocsp-audit-event-enable [command-options]
41 event-ID
42 This command will enable audit events in the OCSP.
43
44
45 pki-server [CLI-options] ocsp-audit-event-disable [command-options]
46 event-ID
47 This command will disable audit events in the OCSP.
48
49
50 pki-server [CLI-options] ocsp-audit-event-modify [command-options]
51 event-ID
52 This command will modify the event filter for audit events.
53
54
55 pki-server [CLI-options] ocsp-audit-file-find [command-options]
56 This command lists the audit log files generated by the OCSP.
57
58
59 pki-server [CLI-options] ocsp-audit-file-verify [command-options]
60 This command will verify whether the signatures in the audit log
61 files are valid.
62
63
65 Logging audit events:
66
67
68 · AUDIT_LOG_STARTUP
69
70 · AUDIT_LOG_SHUTDOWN
71
72 · AUDIT_LOG_DELETE
73
74 · LOG_PATH_CHANGE
75
76 · LOG_EXPIRATION_CHANGE
77
78 · CONFIG_SIGNED_AUDIT
79
80
81
82 Authentication and authorization audit events:
83
84
85 · AUTHZ
86
87 · AUTH
88
89 · ROLE_ASSUME
90
91 · CONFIG_AUTH
92
93 · CONFIG_ROLE
94
95 · ACCESS_SESSION_ESTABLISH
96
97 · ACCESS_SESSION_TERMINATED
98
99
100
101 Key audit events:
102
103
104 · PRIVATE_KEY_ARCHIVE_REQUEST
105
106 · PRIVATE_KEY_ARCHIVE_REQUEST_PROCESSED
107
108 · PRIVATE_KEY_EXPORT_REQUEST_PROCESSED_SUCCESS
109
110 · CONFIG_TRUSTED_PUBLIC_KEY
111
112 · PRIVATE_KEY_EXPORT_REQUEST_PROCESSED_FAILURE
113
114 · KEY_RECOVERY_REQUEST
115
116 · KEY_RECOVERY_REQUEST_ASYNC
117
118 · KEY_RECOVERY_AGENT_LOGIN
119
120 · KEY_RECOVERY_REQUEST_PROCESSED
121
122 · KEY_RECOVERY_REQUEST_PROCESSED_ASYNC
123
124 · KEY_GEN_ASYMMETRIC
125
126 · COMPUTE_SESSION_KEY_REQUEST_PROCESSED_SUCCESS
127
128 · COMPUTE_SESSION_KEY_REQUEST
129
130 · COMPUTE_SESSION_KEY_REQUEST_PROCESSED_FAILURE
131
132 · DIVERSIFY_KEY_REQUEST
133
134 · DIVERSIFY_KEY_REQUEST_PROCESSED_SUCCESS
135
136 · DIVERSIFY_KEY_REQUEST_PROCESSED_FAILURE
137
138 · SERVER_SIDE_KEYGEN_REQUEST
139
140 · SERVER_SIDE_KEYGEN_REQUEST_PROCESSED_SUCCESS
141
142 · SERVER_SIDE_KEYGEN_REQUEST_PROCESSED_FAILURE
143
144
145
146 CMC audit events:
147
148
149 · CMC_RESPONSE_SENT
150
151 · CMC_ID_POP_LINK_WITNESS
152
153 · CMC_SIGNED_REQUEST_SIG_VERIFY
154
155 · CMC_PROOF_OF_IDENTIFICATION
156
157 · CMC_REQUEST_RECEIVED
158
159 · CMC_USER_SIGNED_REQUEST_SIG_VERIFY
160
161 · PROOF_OF_POSSESSION
162
163
164
165 Profile audit events:
166
167
168 · CONFIG_CERT_PROFILE
169
170 · CONFIG_CRL_PROFILE
171
172 · CONFIG_OCSP_PROFILE
173
174
175
176 Certificate audit events:
177
178
179 · CERT_SIGNING_INFO
180
181 · CERT_PROFILE_APPROVAL
182
183 · CERT_REQUEST_PROCESSED
184
185 · CERT_STATUS_CHANGE_REQUEST
186
187 · CERT_STATUS_CHANGE_REQUEST_PROCESSED
188
189 · CONFIG_CERT_POLICY
190
191 · PROFILE_CERT_REQUEST
192
193 · CIMC_CERT_VERIFICATION
194
195 · NON_PROFILE_CERT_REQUEST
196
197
198
199 ACL audit events:
200
201
202 · CONFIG_ACL
203
204
205
206 OCSP audit events:
207
208
209 · OCSP_SIGNING_INFO
210
211 · OCSP_GENERATION
212
213
214
215 CRL audit events:
216
217
218 · SCHEDULE_CRL_GENERATION
219
220 · DELTA_CRL_PUBLISHING
221
222 · CRL_VALIDATION
223
224 · CRL_RETRIEVAL
225
226 · CRL_SIGNING_INFO
227
228 · FULL_CRL_GENERATION
229
230 · DELTA_CRL_GENERATION
231
232
233
234 Authority audit events:
235
236
237 · AUTHORITY_CONFIG
238
239 · SECURITY_DOMAIN_UPDATE
240
241 · CONFIG_DRM
242
243
244
245 Selftest audit events:
246
247
248 · SELFTESTS_EXECUTION
249
250
251
252 Encryption data audit events:
253
254
255 · CONFIG_ENCRYPTION
256
257 · ENCRYPT_DATA_REQUEST
258
259 · ENCRYPT_DATA_REQUEST_PROCESSED_SUCCESS
260
261 · ENCRYPT_DATA_REQUEST_PROCESSED_FAILURE
262
263 · COMPUTE_RANDOM_DATA_REQUEST
264
265 · COMPUTE_RANDOM_DATA_REQUEST_PROCESSED_FAILURE
266
267 · COMPUTE_RANDOM_DATA_REQUEST_PROCESSED_SUCCESS
268
269 · SECURITY_DATA_ARCHIVAL_REQUEST
270
271
272
273 Serial/random number audit event:
274
275
276 · INTER_BOUNDARY
277
278 · CONFIG_SERIAL_NUMBER
279
280 · RANDOM_GENERATION
281
282
283
285 pki-server(8)
286 PKI server management commands
287
288
290 Amol Kahat <akahat@redhat.com>.
291
292
294 Copyright (c) 2018 Red Hat, Inc. This is licensed under the GNU Gen‐
295 eral Public License, version 2 (GPLv2). A copy of this license is
296 available at ⟨http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt⟩.
297
298
299
300PKI Mar 21, 2018 pki-server-ocsp(8)