1pkidaemon(1)                       pkidaemon                      pkidaemon(1)
2
3
4

NAME

6       pkidaemon - provides status management of PKI instances
7
8

SYNOPSIS

10       pkidaemon <start|status> [instance-name]
11
12
13       Note:  Although  this tool currently resides in the /usr/bin directory,
14       proper use of it requires it to be run with super user privileges.
15
16

DESCRIPTION

18       The pkidaemon status argument provides a way to display the  status  of
19       all existing PKI instances on a machine.  Optionally, an individual PKI
20       instance may be specified by using an optional instance-name.
21
22
23       The pkidaemon start argument is currently only used internally  by  the
24       systemctl scripts.
25
26

OPTIONS

28       As   stated   above,   the  only  optional  argument  to  pkidaemon  is
29       instance-name.  If a valid instance name is specified, only the  status
30       of that instance will be displayed.
31
32

EXAMPLES

34       For  the  following  examples, two instances were installed.  The first
35       contained a CA, KRA, OCSP, TKS and TPS in a shared PKI  instance  named
36       'pki-tomcat', while the second simply contained a CA running on differ‐
37       ent ports and named 'pki-tomcat-2'.
38
39
40       For the OCSP 'Unsecure URL' and the OCSP 'Secure  EE  URL'  which  both
41       specify  a static string of '<ocsp request blob>', the intention is for
42       the user to replace this static string with an actual OCSP request blob
43       relevant to their particular deployment.
44
45
46   Listing the status of all local PKI instances on this machine:
47              $ pkidaemon status
48
49              REPORT STATUS OF 'tomcat' INSTANCE(S):
50
51              Status for pki-tomcat: pki-tomcat is running ..
52
53                  [CA Status Definitions]
54                  Unsecure URL        = http://pki.example.com:8080/ca/ee/ca
55                  Secure Agent URL    = https://pki.example.com:8443/ca/agent/ca
56                  Secure EE URL       = https://pki.example.com:8443/ca/ee/ca
57                  Secure Admin URL    = https://pki.example.com:8443/ca/services
58                  PKI Console Command = pkiconsole https://pki.example.com:8443/ca
59                  Tomcat Port         = 8005 (for shutdown)
60
61                  [KRA Status Definitions]
62                  Secure Agent URL    = https://pki.example.com:8443/kra/agent/kra
63                  Secure Admin URL    = https://pki.example.com:8443/kra/services
64                  PKI Console Command = pkiconsole https://pki.example.com:8443/kra
65                  Tomcat Port         = 8005 (for shutdown)
66
67                  [OCSP Status Definitions]
68                  Unsecure URL        = http://pki.example.com:8080/ocsp/ee/ocsp/<ocsp request blob>
69                  Secure Agent URL    = https://pki.example.com:8443/ocsp/agent/ocsp
70                  Secure EE URL       = https://pki.example.com:8443/ocsp/ee/ocsp/<ocsp request blob>
71                  Secure Admin URL    = https://pki.example.com:8443/ocsp/services
72                  PKI Console Command = pkiconsole https://pki.example.com:8443/ocsp
73                  Tomcat Port         = 8005 (for shutdown)
74
75                  [TKS Status Definitions]
76                  Secure Agent URL    = https://pki.example.com:8443/tks/agent/tks
77                  Secure Admin URL    = https://pki.example.com:8443/tks/services
78                  PKI Console Command = pkiconsole https://pki.example.com:8443/tks
79                  Tomcat Port         = 8005 (for shutdown)
80
81                  [TPS Status Definitions]
82                  Unsecure URL        = http://pki.example.com:8080/tps
83                  Secure URL          = https://pki.example.com:8443/tps
84                  Unsecure PHONE HOME = http://pki.example.com:8080/tps/phoneHome
85                  Secure PHONE HOME   = https://pki.example.com:8443/tps/phoneHome
86                  Tomcat Port         = 8005 (for shutdown)
87
88                  [CA Configuration Definitions]
89                  PKI Instance Name:   pki-tomcat
90
91                  PKI Subsystem Type:  Root CA (Security Domain)
92
93                  Registered PKI Security Domain Information:
94                  ====================================================================
95                  Name:  example.com Security Domain
96                  URL:   https://pki.example.com:8443
97                  ====================================================================
98
99                  [KRA Configuration Definitions]
100                  PKI Instance Name:   pki-tomcat
101
102                  PKI Subsystem Type:  KRA
103
104                  Registered PKI Security Domain Information:
105                  ====================================================================
106                  Name:  example.com Security Domain
107                  URL:   https://pki.example.com:8443
108                  ====================================================================
109
110                  [OCSP Configuration Definitions]
111                  PKI Instance Name:   pki-tomcat
112
113                  PKI Subsystem Type:  OCSP
114
115                  Registered PKI Security Domain Information:
116                  ====================================================================
117                  Name:  example.com Security Domain
118                  URL:   https://pki.example.com:8443
119                  ====================================================================
120
121                  [TKS Configuration Definitions]
122                  PKI Instance Name:   pki-tomcat
123
124                  PKI Subsystem Type:  TKS
125
126                  Registered PKI Security Domain Information:
127                  ====================================================================
128                  Name:  example.com Security Domain
129                  URL:   https://pki.example.com:8443
130                  ====================================================================
131
132                  [TPS Configuration Definitions]
133                  PKI Instance Name:   pki-tomcat
134
135                  PKI Subsystem Type:  TPS
136
137                  Registered PKI Security Domain Information:
138                  ====================================================================
139                  Name:  example.com Security Domain
140                  URL:   https://pki.example.com:8443
141                  ====================================================================
142
143              Status for pki-tomcat-2: pki-tomcat-2 is running ..
144
145                  [CA Status Definitions]
146                  Unsecure URL        = http://pki.example.com:18080/ca/ee/ca
147                  Secure Agent URL    = https://pki.example.com:18443/ca/agent/ca
148                  Secure EE URL       = https://pki.example.com:18443/ca/ee/ca
149                  Secure Admin URL    = https://pki.example.com:18443/ca/services
150                  PKI Console Command = pkiconsole https://pki.example.com:18443/ca
151                  Tomcat Port         = 18005 (for shutdown)
152
153                  [CA Configuration Definitions]
154                  PKI Instance Name:   pki-tomcat-2
155
156                  PKI Subsystem Type:  Root CA (Security Domain)
157
158                  Registered PKI Security Domain Information:
159                  ====================================================================
160                  Name:  example.com Security Domain
161                  URL:   https://pki.example.com:18443
162                  ====================================================================
163
164              FINISHED REPORTING STATUS OF 'tomcat' INSTANCE(S).
165
166
167
168   Listing the status of the PKI instance named 'pki-tomcat':
169              $ pkidaemon status pki-tomcat
170
171              Status for pki-tomcat: pki-tomcat is running ..
172
173                  [CA Status Definitions]
174                  Unsecure URL        = http://pki.example.com:8080/ca/ee/ca
175                  Secure Agent URL    = https://pki.example.com:8443/ca/agent/ca
176                  Secure EE URL       = https://pki.example.com:8443/ca/ee/ca
177                  Secure Admin URL    = https://pki.example.com:8443/ca/services
178                  PKI Console Command = pkiconsole https://pki.example.com:8443/ca
179                  Tomcat Port         = 8005 (for shutdown)
180
181                  [KRA Status Definitions]
182                  Secure Agent URL    = https://pki.example.com:8443/kra/agent/kra
183                  Secure Admin URL    = https://pki.example.com:8443/kra/services
184                  PKI Console Command = pkiconsole https://pki.example.com:8443/kra
185                  Tomcat Port         = 8005 (for shutdown)
186
187                  [OCSP Status Definitions]
188                  Unsecure URL        = http://pki.example.com:8080/ocsp/ee/ocsp/<ocsp request blob>
189                  Secure Agent URL    = https://pki.example.com:8443/ocsp/agent/ocsp
190                  Secure EE URL       = https://pki.example.com:8443/ocsp/ee/ocsp/<ocsp request blob>
191                  Secure Admin URL    = https://pki.example.com:8443/ocsp/services
192                  PKI Console Command = pkiconsole https://pki.example.com:8443/ocsp
193                  Tomcat Port         = 8005 (for shutdown)
194
195                  [TKS Status Definitions]
196                  Secure Agent URL    = https://pki.example.com:8443/tks/agent/tks
197                  Secure Admin URL    = https://pki.example.com:8443/tks/services
198                  PKI Console Command = pkiconsole https://pki.example.com:8443/tks
199                  Tomcat Port         = 8005 (for shutdown)
200
201                  [TPS Status Definitions]
202                  Unsecure URL        = http://pki.example.com:8080/tps
203                  Secure URL          = https://pki.example.com:8443/tps
204                  Unsecure PHONE HOME = http://pki.example.com:8080/tps/phoneHome
205                  Secure PHONE HOME   = https://pki.example.com:8443/tps/phoneHome
206                  Tomcat Port         = 8005 (for shutdown)
207
208                  [CA Configuration Definitions]
209                  PKI Instance Name:   pki-tomcat
210
211                  PKI Subsystem Type:  Root CA (Security Domain)
212
213                  Registered PKI Security Domain Information:
214                  ====================================================================
215                  Name:  example.com Security Domain
216                  URL:   https://pki.example.com:8443
217                  ====================================================================
218
219                  [KRA Configuration Definitions]
220                  PKI Instance Name:   pki-tomcat
221
222                  PKI Subsystem Type:  KRA
223
224                  Registered PKI Security Domain Information:
225                  ====================================================================
226                  Name:  example.com Security Domain
227                  URL:   https://pki.example.com:8443
228                  ====================================================================
229
230                  [OCSP Configuration Definitions]
231                  PKI Instance Name:   pki-tomcat
232
233                  PKI Subsystem Type:  OCSP
234
235                  Registered PKI Security Domain Information:
236                  ====================================================================
237                  Name:  example.com Security Domain
238                  URL:   https://pki.example.com:8443
239                  ====================================================================
240
241                  [TKS Configuration Definitions]
242                  PKI Instance Name:   pki-tomcat
243
244                  PKI Subsystem Type:  TKS
245
246                  Registered PKI Security Domain Information:
247                  ====================================================================
248                  Name:  example.com Security Domain
249                  URL:   https://pki.example.com:8443
250                  ====================================================================
251
252                  [TPS Configuration Definitions]
253                  PKI Instance Name:   pki-tomcat
254
255                  PKI Subsystem Type:  TPS
256
257                  Registered PKI Security Domain Information:
258                  ====================================================================
259                  Name:  example.com Security Domain
260                  URL:   https://pki.example.com:8443
261                  ====================================================================
262
263
264
265   Listing the status of the PKI instance named 'pki-tomcat-2':
266              $ pkidaemon status pki-tomcat-2
267
268              Status for pki-tomcat-2: pki-tomcat-2 is running ..
269
270                  [CA Status Definitions]
271                  Unsecure URL        = http://pki.example.com:18080/ca/ee/ca
272                  Secure Agent URL    = https://pki.example.com:18443/ca/agent/ca
273                  Secure EE URL       = https://pki.example.com:18443/ca/ee/ca
274                  Secure Admin URL    = https://pki.example.com:18443/ca/services
275                  PKI Console Command = pkiconsole https://pki.example.com:18443/ca
276                  Tomcat Port         = 18005 (for shutdown)
277
278                  [CA Configuration Definitions]
279                  PKI Instance Name:   pki-tomcat-2
280
281                  PKI Subsystem Type:  Root CA (Security Domain)
282
283                  Registered PKI Security Domain Information:
284                  ====================================================================
285                  Name:  example.com Security Domain
286                  URL:   https://pki.example.com:18443
287                  ====================================================================
288
289
290

SEE ALSO

292       pkispawn(8)
293       pkidestroy(8)
294       pki_default.cfg(5)
295       pki(1)
296
297

AUTHORS

299       Matthew Harmsen <mharmsen@redhat.com>.
300
301
303       Copyright  (c)  2015 Red Hat, Inc.  This is licensed under the GNU Gen‐
304       eral Public License, version 2 (GPLv2).  A  copy  of  this  license  is
305       available at ⟨http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt⟩.
306
307
308
309PKI                               Jul 8, 2015                     pkidaemon(1)
Impressum