1pkidaemon(1) pkidaemon pkidaemon(1)
2
3
4
6 pkidaemon - provides status management of PKI instances
7
8
10 pkidaemon lt;start|statusgt; [instance-name]
11
12
13 Note: Although this tool currently resides in the /usr/bin directory,
14 proper use of it requires it to be run with super user privileges.
15
16
18 The pkidaemon status argument provides a way to display the status of
19 all existing PKI instances on a machine. Optionally, an individual PKI
20 instance may be specified by using an optional instance-name.
21
22
23 The pkidaemon start argument is currently only used internally by the
24 systemctl scripts.
25
26
28 As stated above, the only optional argument to pkidaemon is
29 instance-name. If a valid instance name is specified, only the status
30 of that instance will be displayed.
31
32
34 For the following examples, two instances were installed. The first
35 contained a CA, KRA, OCSP, TKS and TPS in a shared PKI instance named
36 'pki-tomcat', while the second simply contained a CA running on differ‐
37 ent ports and named 'pki-tomcat-2'.
38
39
40 For the OCSP 'Unsecure URL' and the OCSP 'Secure EE URL' which both
41 specify a static string of 'lt;ocsp request blobgt;', the intention is
42 for the user to replace this static string with an actual OCSP request
43 blob relevant to their particular deployment.
44
45
46 Listing the status of all local PKI instances on this machine:
47 $ pkidaemon status
48
49 REPORT STATUS OF 'tomcat' INSTANCE(S):
50
51 Status for pki-tomcat: pki-tomcat is running ..
52
53 [CA Status Definitions]
54 Unsecure URL = http://pki.example.com:8080/ca/ee/ca
55 Secure Agent URL = https://pki.example.com:8443/ca/agent/ca
56 Secure EE URL = https://pki.example.com:8443/ca/ee/ca
57 Secure Admin URL = https://pki.example.com:8443/ca/services
58 PKI Console Command = pkiconsole https://pki.example.com:8443/ca
59 Tomcat Port = 8005 (for shutdown)
60
61 [KRA Status Definitions]
62 Secure Agent URL = https://pki.example.com:8443/kra/agent/kra
63 Secure Admin URL = https://pki.example.com:8443/kra/services
64 PKI Console Command = pkiconsole https://pki.example.com:8443/kra
65 Tomcat Port = 8005 (for shutdown)
66
67 [OCSP Status Definitions]
68 Unsecure URL = http://pki.example.com:8080/ocsp/ee/ocsp/<ocsp request blob>
69 Secure Agent URL = https://pki.example.com:8443/ocsp/agent/ocsp
70 Secure EE URL = https://pki.example.com:8443/ocsp/ee/ocsp/<ocsp request blob>
71 Secure Admin URL = https://pki.example.com:8443/ocsp/services
72 PKI Console Command = pkiconsole https://pki.example.com:8443/ocsp
73 Tomcat Port = 8005 (for shutdown)
74
75 [TKS Status Definitions]
76 Secure Agent URL = https://pki.example.com:8443/tks/agent/tks
77 Secure Admin URL = https://pki.example.com:8443/tks/services
78 PKI Console Command = pkiconsole https://pki.example.com:8443/tks
79 Tomcat Port = 8005 (for shutdown)
80
81 [TPS Status Definitions]
82 Unsecure URL = http://pki.example.com:8080/tps
83 Secure URL = https://pki.example.com:8443/tps
84 Unsecure PHONE HOME = http://pki.example.com:8080/tps/phoneHome
85 Secure PHONE HOME = https://pki.example.com:8443/tps/phoneHome
86 Tomcat Port = 8005 (for shutdown)
87
88 [CA Configuration Definitions]
89 PKI Instance Name: pki-tomcat
90
91 PKI Subsystem Type: Root CA (Security Domain)
92
93 Registered PKI Security Domain Information:
94 ====================================================================
95 Name: example.com Security Domain
96 URL: https://pki.example.com:8443
97 ====================================================================
98
99 [KRA Configuration Definitions]
100 PKI Instance Name: pki-tomcat
101
102 PKI Subsystem Type: KRA
103
104 Registered PKI Security Domain Information:
105 ====================================================================
106 Name: example.com Security Domain
107 URL: https://pki.example.com:8443
108 ====================================================================
109
110 [OCSP Configuration Definitions]
111 PKI Instance Name: pki-tomcat
112
113 PKI Subsystem Type: OCSP
114
115 Registered PKI Security Domain Information:
116 ====================================================================
117 Name: example.com Security Domain
118 URL: https://pki.example.com:8443
119 ====================================================================
120
121 [TKS Configuration Definitions]
122 PKI Instance Name: pki-tomcat
123
124 PKI Subsystem Type: TKS
125
126 Registered PKI Security Domain Information:
127 ====================================================================
128 Name: example.com Security Domain
129 URL: https://pki.example.com:8443
130 ====================================================================
131
132 [TPS Configuration Definitions]
133 PKI Instance Name: pki-tomcat
134
135 PKI Subsystem Type: TPS
136
137 Registered PKI Security Domain Information:
138 ====================================================================
139 Name: example.com Security Domain
140 URL: https://pki.example.com:8443
141 ====================================================================
142
143 Status for pki-tomcat-2: pki-tomcat-2 is running ..
144
145 [CA Status Definitions]
146 Unsecure URL = http://pki.example.com:18080/ca/ee/ca
147 Secure Agent URL = https://pki.example.com:18443/ca/agent/ca
148 Secure EE URL = https://pki.example.com:18443/ca/ee/ca
149 Secure Admin URL = https://pki.example.com:18443/ca/services
150 PKI Console Command = pkiconsole https://pki.example.com:18443/ca
151 Tomcat Port = 18005 (for shutdown)
152
153 [CA Configuration Definitions]
154 PKI Instance Name: pki-tomcat-2
155
156 PKI Subsystem Type: Root CA (Security Domain)
157
158 Registered PKI Security Domain Information:
159 ====================================================================
160 Name: example.com Security Domain
161 URL: https://pki.example.com:18443
162 ====================================================================
163
164 FINISHED REPORTING STATUS OF 'tomcat' INSTANCE(S).
165
166
167
168 Listing the status of the PKI instance named 'pki-tomcat':
169 $ pkidaemon status pki-tomcat
170
171 Status for pki-tomcat: pki-tomcat is running ..
172
173 [CA Status Definitions]
174 Unsecure URL = http://pki.example.com:8080/ca/ee/ca
175 Secure Agent URL = https://pki.example.com:8443/ca/agent/ca
176 Secure EE URL = https://pki.example.com:8443/ca/ee/ca
177 Secure Admin URL = https://pki.example.com:8443/ca/services
178 PKI Console Command = pkiconsole https://pki.example.com:8443/ca
179 Tomcat Port = 8005 (for shutdown)
180
181 [KRA Status Definitions]
182 Secure Agent URL = https://pki.example.com:8443/kra/agent/kra
183 Secure Admin URL = https://pki.example.com:8443/kra/services
184 PKI Console Command = pkiconsole https://pki.example.com:8443/kra
185 Tomcat Port = 8005 (for shutdown)
186
187 [OCSP Status Definitions]
188 Unsecure URL = http://pki.example.com:8080/ocsp/ee/ocsp/<ocsp request blob>
189 Secure Agent URL = https://pki.example.com:8443/ocsp/agent/ocsp
190 Secure EE URL = https://pki.example.com:8443/ocsp/ee/ocsp/<ocsp request blob>
191 Secure Admin URL = https://pki.example.com:8443/ocsp/services
192 PKI Console Command = pkiconsole https://pki.example.com:8443/ocsp
193 Tomcat Port = 8005 (for shutdown)
194
195 [TKS Status Definitions]
196 Secure Agent URL = https://pki.example.com:8443/tks/agent/tks
197 Secure Admin URL = https://pki.example.com:8443/tks/services
198 PKI Console Command = pkiconsole https://pki.example.com:8443/tks
199 Tomcat Port = 8005 (for shutdown)
200
201 [TPS Status Definitions]
202 Unsecure URL = http://pki.example.com:8080/tps
203 Secure URL = https://pki.example.com:8443/tps
204 Unsecure PHONE HOME = http://pki.example.com:8080/tps/phoneHome
205 Secure PHONE HOME = https://pki.example.com:8443/tps/phoneHome
206 Tomcat Port = 8005 (for shutdown)
207
208 [CA Configuration Definitions]
209 PKI Instance Name: pki-tomcat
210
211 PKI Subsystem Type: Root CA (Security Domain)
212
213 Registered PKI Security Domain Information:
214 ====================================================================
215 Name: example.com Security Domain
216 URL: https://pki.example.com:8443
217 ====================================================================
218
219 [KRA Configuration Definitions]
220 PKI Instance Name: pki-tomcat
221
222 PKI Subsystem Type: KRA
223
224 Registered PKI Security Domain Information:
225 ====================================================================
226 Name: example.com Security Domain
227 URL: https://pki.example.com:8443
228 ====================================================================
229
230 [OCSP Configuration Definitions]
231 PKI Instance Name: pki-tomcat
232
233 PKI Subsystem Type: OCSP
234
235 Registered PKI Security Domain Information:
236 ====================================================================
237 Name: example.com Security Domain
238 URL: https://pki.example.com:8443
239 ====================================================================
240
241 [TKS Configuration Definitions]
242 PKI Instance Name: pki-tomcat
243
244 PKI Subsystem Type: TKS
245
246 Registered PKI Security Domain Information:
247 ====================================================================
248 Name: example.com Security Domain
249 URL: https://pki.example.com:8443
250 ====================================================================
251
252 [TPS Configuration Definitions]
253 PKI Instance Name: pki-tomcat
254
255 PKI Subsystem Type: TPS
256
257 Registered PKI Security Domain Information:
258 ====================================================================
259 Name: example.com Security Domain
260 URL: https://pki.example.com:8443
261 ====================================================================
262
263
264
265 Listing the status of the PKI instance named 'pki-tomcat-2':
266 $ pkidaemon status pki-tomcat-2
267
268 Status for pki-tomcat-2: pki-tomcat-2 is running ..
269
270 [CA Status Definitions]
271 Unsecure URL = http://pki.example.com:18080/ca/ee/ca
272 Secure Agent URL = https://pki.example.com:18443/ca/agent/ca
273 Secure EE URL = https://pki.example.com:18443/ca/ee/ca
274 Secure Admin URL = https://pki.example.com:18443/ca/services
275 PKI Console Command = pkiconsole https://pki.example.com:18443/ca
276 Tomcat Port = 18005 (for shutdown)
277
278 [CA Configuration Definitions]
279 PKI Instance Name: pki-tomcat-2
280
281 PKI Subsystem Type: Root CA (Security Domain)
282
283 Registered PKI Security Domain Information:
284 ====================================================================
285 Name: example.com Security Domain
286 URL: https://pki.example.com:18443
287 ====================================================================
288
289
290
292 pkispawn(8)
293 pkidestroy(8)
294 pki_default.cfg(5)
295 pki(1)
296
297
299 Matthew Harmsen lt;mharmsen@redhat.comgt;.
300
301
303 Copyright (c) 2015 Red Hat, Inc. This is licensed under the GNU Gen‐
304 eral Public License, version 2 (GPLv2). A copy of this license is
305 available at http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt.
306
307
308
309PKI Jul 8, 2015 pkidaemon(1)