1pki-user-cert(1) PKI User Certificate Management Commands pki-user-cert(1)
2
6 pki-user-cert - Command-line interface for managing PKI user certifi‐
7 cates.
8
11 pki [CLI-options] lt;subsystemgt;-user-cert
12 pki [CLI-options] lt;subsystemgt;-user-cert-find user-ID [com‐
13 mand-options]
14 pki [CLI-options] lt;subsystemgt;-user-cert-show user-ID cert-ID [com‐
15 mand-options]
16 pki [CLI-options] lt;subsystemgt;-user-cert-add user-ID [com‐
17 mand-options]
18 pki [CLI-options] lt;subsystemgt;-user-cert-del user-ID cert-ID [com‐
19 mand-options]
20
23 The pki lt;subsystemgt;-user-cert commands provide command-line inter‐
24 faces to manage user certificates on the specified subsystem.
25 Valid subsystems are ca, kra, ocsp, tks, and tps.
28 pki [CLI-options] lt;subsystemgt;-user-cert
31 This command is to list available user certificate commands for the
32 subsystem.
33 pki [CLI-options] lt;subsystemgt;-user-cert-find user-ID [com‐
36 mand-options]
37 This command is to list certificates owned by the subsystem user.
38 pki [CLI-options] lt;subsystemgt;-user-cert-show user-ID cert-ID [com‐
41 mand-options]
42 This command is to view the details of a certificate owned to the
43 subsystem user.
44 pki [CLI-options] lt;subsystemgt;-user-cert-add user-ID [com‐
47 mand-options]
48 This command is to add a certificate to the subsystem user.
49 pki [CLI-options] lt;subsystemgt;-user-cert-del user-ID cert-ID [com‐
52 mand-options]
53 This command is to delete a certificate from the subsystem user.
54
57 The CLI options are described in pki(1).
58
61 To view available user certificate commands, type pki lt;subsys‐
62 temgt;-user-cert. To view each command's usage, type pki lt;subsys‐
63 temgt;-user-cert-lt;commandgt; --help.
64 All user certificate commands must be executed as the subsystem admin‐
67 istrator.
68 For example, to list certificates owned by a CA user execute the fol‐
71 lowing command:
72 $ pki <CA admin authentication> ca-user-cert-find testuser
75 The results can be paged by specifying the (0-based) index of the first
79 entry to return and the maximum number of entries returned:
80 $ pki <CA admin authentication> ca-user-cert-find testuser --start 20 --size 10
83 The above command will return entries #20 to #29.
87 To view a certificate owned by a CA user, specify the user ID and the
90 certificate ID in the following command:
91 $ pki <CA admin authentication> ca-user-cert-show testuser \
94 "2;11;CN=CA Signing Certificate,O=EXAMPLE;UID=testuser"
95 To add a certificate to a CA user from a file, specify the user ID and
99 the input file:
100 $ pki <CA admin authentication> ca-user-cert-add testuser --input testuser.crt
103 To add a certificate to a CA user from the certificate repository,
107 specify the user ID and the serial number:
108 $ pki <CA admin authentication> ca-user-cert-add testuser --serial 0x80
111 To delete a certificate from a CA user, specify the user ID and the
115 certificate ID in the following command:
116 $ pki <CA admin authentication> ca-user-cert-del testuser \
119 "2;11;CN=CA Signing Certificate,O=EXAMPLE;UID=testuser"
120
124 Endi S. Dewata lt;edewata@redhat.comgt;.
125
128 Copyright (c) 2015 Red Hat, Inc. This is licensed under the GNU Gen‐
129 eral Public License, version 2 (GPLv2). A copy of this license is
130 available at http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt.
131PKI Jun 3, 2015 pki-user-cert(1)