1pkidaemon(1) pkidaemon pkidaemon(1)
2
6 pkidaemon - provides status management of PKI instances
7
10 pkidaemon <start|status> [instance-name]
11 Note: Although this tool currently resides in the /usr/bin directory,
14 proper use of it requires it to be run with super user privileges.
15
18 The pkidaemon status argument provides a way to display the status of
19 all existing PKI instances on a machine. Optionally, an individual PKI
20 instance may be specified by using an optional instance-name.
21 The pkidaemon start argument is currently only used internally by the
24 systemctl scripts.
25
28 As stated above, the only optional argument to pkidaemon is
29 instance-name. If a valid instance name is specified, only the status
30 of that instance will be displayed.
31
34 For the following examples, two instances were installed. The first
35 contained a CA, KRA, OCSP, TKS and TPS in a shared PKI instance named
36 'pki-tomcat', while the second simply contained a CA running on differ‐
37 ent ports and named 'pki-tomcat-2'.
38 For the OCSP 'Unsecure URL' and the OCSP 'Secure EE URL' which both
41 specify a static string of '<ocsp request blob>', the intention is for
42 the user to replace this static string with an actual OCSP request blob
43 relevant to their particular deployment.
44 Listing the status of all local PKI instances on this machine:
47 $ pkidaemon status
48 REPORT STATUS OF 'tomcat' INSTANCE(S):
50 Status for pki-tomcat: pki-tomcat is running ..
52 [CA Status Definitions]
54 Unsecure URL = http://pki.example.com:8080/ca/ee/ca
55 Secure Agent URL = https://pki.example.com:8443/ca/agent/ca
56 Secure EE URL = https://pki.example.com:8443/ca/ee/ca
57 Secure Admin URL = https://pki.example.com:8443/ca/services
58 PKI Console Command = pkiconsole https://pki.example.com:8443/ca
59 Tomcat Port = 8005 (for shutdown)
60 [KRA Status Definitions]
62 Secure Agent URL = https://pki.example.com:8443/kra/agent/kra
63 Secure Admin URL = https://pki.example.com:8443/kra/services
64 PKI Console Command = pkiconsole https://pki.example.com:8443/kra
65 Tomcat Port = 8005 (for shutdown)
66 [OCSP Status Definitions]
68 Unsecure URL = http://pki.example.com:8080/ocsp/ee/ocsp/<ocsp request blob>
69 Secure Agent URL = https://pki.example.com:8443/ocsp/agent/ocsp
70 Secure EE URL = https://pki.example.com:8443/ocsp/ee/ocsp/<ocsp request blob>
71 Secure Admin URL = https://pki.example.com:8443/ocsp/services
72 PKI Console Command = pkiconsole https://pki.example.com:8443/ocsp
73 Tomcat Port = 8005 (for shutdown)
74 [TKS Status Definitions]
76 Secure Agent URL = https://pki.example.com:8443/tks/agent/tks
77 Secure Admin URL = https://pki.example.com:8443/tks/services
78 PKI Console Command = pkiconsole https://pki.example.com:8443/tks
79 Tomcat Port = 8005 (for shutdown)
80 [TPS Status Definitions]
82 Unsecure URL = http://pki.example.com:8080/tps
83 Secure URL = https://pki.example.com:8443/tps
84 Unsecure PHONE HOME = http://pki.example.com:8080/tps/phoneHome
85 Secure PHONE HOME = https://pki.example.com:8443/tps/phoneHome
86 Tomcat Port = 8005 (for shutdown)
87 [CA Configuration Definitions]
89 PKI Instance Name: pki-tomcat
90 PKI Subsystem Type: Root CA (Security Domain)
92 Registered PKI Security Domain Information:
94 ====================================================================
95 Name: example.com Security Domain
96 URL: https://pki.example.com:8443
97 ====================================================================
98 [KRA Configuration Definitions]
100 PKI Instance Name: pki-tomcat
101 PKI Subsystem Type: KRA
103 Registered PKI Security Domain Information:
105 ====================================================================
106 Name: example.com Security Domain
107 URL: https://pki.example.com:8443
108 ====================================================================
109 [OCSP Configuration Definitions]
111 PKI Instance Name: pki-tomcat
112 PKI Subsystem Type: OCSP
114 Registered PKI Security Domain Information:
116 ====================================================================
117 Name: example.com Security Domain
118 URL: https://pki.example.com:8443
119 ====================================================================
120 [TKS Configuration Definitions]
122 PKI Instance Name: pki-tomcat
123 PKI Subsystem Type: TKS
125 Registered PKI Security Domain Information:
127 ====================================================================
128 Name: example.com Security Domain
129 URL: https://pki.example.com:8443
130 ====================================================================
131 [TPS Configuration Definitions]
133 PKI Instance Name: pki-tomcat
134 PKI Subsystem Type: TPS
136 Registered PKI Security Domain Information:
138 ====================================================================
139 Name: example.com Security Domain
140 URL: https://pki.example.com:8443
141 ====================================================================
142 Status for pki-tomcat-2: pki-tomcat-2 is running ..
144 [CA Status Definitions]
146 Unsecure URL = http://pki.example.com:18080/ca/ee/ca
147 Secure Agent URL = https://pki.example.com:18443/ca/agent/ca
148 Secure EE URL = https://pki.example.com:18443/ca/ee/ca
149 Secure Admin URL = https://pki.example.com:18443/ca/services
150 PKI Console Command = pkiconsole https://pki.example.com:18443/ca
151 Tomcat Port = 18005 (for shutdown)
152 [CA Configuration Definitions]
154 PKI Instance Name: pki-tomcat-2
155 PKI Subsystem Type: Root CA (Security Domain)
157 Registered PKI Security Domain Information:
159 ====================================================================
160 Name: example.com Security Domain
161 URL: https://pki.example.com:18443
162 ====================================================================
163 FINISHED REPORTING STATUS OF 'tomcat' INSTANCE(S).
165 Listing the status of the PKI instance named 'pki-tomcat':
169 $ pkidaemon status pki-tomcat
170 Status for pki-tomcat: pki-tomcat is running ..
172 [CA Status Definitions]
174 Unsecure URL = http://pki.example.com:8080/ca/ee/ca
175 Secure Agent URL = https://pki.example.com:8443/ca/agent/ca
176 Secure EE URL = https://pki.example.com:8443/ca/ee/ca
177 Secure Admin URL = https://pki.example.com:8443/ca/services
178 PKI Console Command = pkiconsole https://pki.example.com:8443/ca
179 Tomcat Port = 8005 (for shutdown)
180 [KRA Status Definitions]
182 Secure Agent URL = https://pki.example.com:8443/kra/agent/kra
183 Secure Admin URL = https://pki.example.com:8443/kra/services
184 PKI Console Command = pkiconsole https://pki.example.com:8443/kra
185 Tomcat Port = 8005 (for shutdown)
186 [OCSP Status Definitions]
188 Unsecure URL = http://pki.example.com:8080/ocsp/ee/ocsp/<ocsp request blob>
189 Secure Agent URL = https://pki.example.com:8443/ocsp/agent/ocsp
190 Secure EE URL = https://pki.example.com:8443/ocsp/ee/ocsp/<ocsp request blob>
191 Secure Admin URL = https://pki.example.com:8443/ocsp/services
192 PKI Console Command = pkiconsole https://pki.example.com:8443/ocsp
193 Tomcat Port = 8005 (for shutdown)
194 [TKS Status Definitions]
196 Secure Agent URL = https://pki.example.com:8443/tks/agent/tks
197 Secure Admin URL = https://pki.example.com:8443/tks/services
198 PKI Console Command = pkiconsole https://pki.example.com:8443/tks
199 Tomcat Port = 8005 (for shutdown)
200 [TPS Status Definitions]
202 Unsecure URL = http://pki.example.com:8080/tps
203 Secure URL = https://pki.example.com:8443/tps
204 Unsecure PHONE HOME = http://pki.example.com:8080/tps/phoneHome
205 Secure PHONE HOME = https://pki.example.com:8443/tps/phoneHome
206 Tomcat Port = 8005 (for shutdown)
207 [CA Configuration Definitions]
209 PKI Instance Name: pki-tomcat
210 PKI Subsystem Type: Root CA (Security Domain)
212 Registered PKI Security Domain Information:
214 ====================================================================
215 Name: example.com Security Domain
216 URL: https://pki.example.com:8443
217 ====================================================================
218 [KRA Configuration Definitions]
220 PKI Instance Name: pki-tomcat
221 PKI Subsystem Type: KRA
223 Registered PKI Security Domain Information:
225 ====================================================================
226 Name: example.com Security Domain
227 URL: https://pki.example.com:8443
228 ====================================================================
229 [OCSP Configuration Definitions]
231 PKI Instance Name: pki-tomcat
232 PKI Subsystem Type: OCSP
234 Registered PKI Security Domain Information:
236 ====================================================================
237 Name: example.com Security Domain
238 URL: https://pki.example.com:8443
239 ====================================================================
240 [TKS Configuration Definitions]
242 PKI Instance Name: pki-tomcat
243 PKI Subsystem Type: TKS
245 Registered PKI Security Domain Information:
247 ====================================================================
248 Name: example.com Security Domain
249 URL: https://pki.example.com:8443
250 ====================================================================
251 [TPS Configuration Definitions]
253 PKI Instance Name: pki-tomcat
254 PKI Subsystem Type: TPS
256 Registered PKI Security Domain Information:
258 ====================================================================
259 Name: example.com Security Domain
260 URL: https://pki.example.com:8443
261 ====================================================================
262 Listing the status of the PKI instance named 'pki-tomcat-2':
266 $ pkidaemon status pki-tomcat-2
267 Status for pki-tomcat-2: pki-tomcat-2 is running ..
269 [CA Status Definitions]
271 Unsecure URL = http://pki.example.com:18080/ca/ee/ca
272 Secure Agent URL = https://pki.example.com:18443/ca/agent/ca
273 Secure EE URL = https://pki.example.com:18443/ca/ee/ca
274 Secure Admin URL = https://pki.example.com:18443/ca/services
275 PKI Console Command = pkiconsole https://pki.example.com:18443/ca
276 Tomcat Port = 18005 (for shutdown)
277 [CA Configuration Definitions]
279 PKI Instance Name: pki-tomcat-2
280 PKI Subsystem Type: Root CA (Security Domain)
282 Registered PKI Security Domain Information:
284 ====================================================================
285 Name: example.com Security Domain
286 URL: https://pki.example.com:18443
287 ====================================================================
288
292 pkispawn(8)
293 pkidestroy(8)
294 pki_default.cfg(5)
295 pki(1)
296
299 Matthew Harmsen <mharmsen@redhat.com>.
300
303 Copyright (c) 2015 Red Hat, Inc. This is licensed under the GNU Gen‐
304 eral Public License, version 2 (GPLv2). A copy of this license is
305 available at ⟨http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt⟩.
306PKI Jul 8, 2015 pkidaemon(1)