1pki-pkcs12-cert(1)PKI PKCS #12 Certificate Management Commandspki-pkcs12-cert(1)
2
3
4

NAME

6       pki-pkcs12-cert  -  Command-line interface for managing individual cer‐
7       tificates in PKCS #12 file.
8
9

SYNOPSIS

11       pki [CLI-options] pkcs12-cert
12       pki [CLI-options] pkcs12-cert-find [command-options]
13       pki [CLI-options] pkcs12-cert-export nickname [command-options]
14       pki [CLI-options] pkcs12-cert-import nickname [command-options]
15       pki [CLI-options] pkcs12-cert-mod nickname [command-options]
16       pki [CLI-options] pkcs12-cert-del nickname [command-options]
17
18

DESCRIPTION

20       The pki pkcs12-cert commands provide command-line interfaces to  manage
21       certificates in a PKCS #12 file.
22
23
24       pki [CLI-options] pkcs12-cert-find [command-options]
25           This command is to list certificates in a PKCS #12 file.
26
27
28       pki [CLI-options] pkcs12-cert-export nickname [command-options]
29           This command is to export a certificate from a PKCS #12 file.
30
31
32       pki [CLI-options] pkcs12-cert-import nickname [command-options]
33           This command is to import a certificate into a PKCS #12 file.
34
35
36       pki [CLI-options] pkcs12-cert-mod nickname [command-options]
37           This command is to modify a certificate in a PKCS #12 file.
38
39
40       pki [CLI-options] pkcs12-cert-del nickname [command-options]
41           This command is to delete a certificate from a PKCS #12 file.
42
43

OPTIONS

45       The CLI options are described in pki(1).
46
47

OPERATIONS

49       To view available profile commands, type pki pkcs12-cert.  To view each
50       command's usage, type pki pkcs12-cert-lt;commandgt; --help.
51
52
53       All pki pkcs12-cert commands require a PKCS #12 file and its  password.
54       The  PKCS  #12  file can be specified with the --pkcs12-file parameter.
55       The password can be specified either directly with  the  --pkcs12-pass‐
56       word parameter, or in a file with the --pkcs12-password-file parameter.
57
58
59       Some pki pkcs12-cert commands require an NSS database and its password.
60       The NSS database location  can  be  specified  with  the  -d  parameter
61       (default: ~/.dogtag/nssdb).  The NSS database password can be specified
62       with the -c or the -C parameter.
63
64
65   Viewing certificates in a PKCS #12 file
66       To list the certificates in a PKCS #12 file:
67
68
69              $ pki pkcs12-cert-find <PKCS #12 file> <PKCS #12 password>
70
71
72
73   Exporting a certificate from a PKCS #12 file
74       To export a certificate from a PKCS #12 file into a file in PEM format:
75
76
77              $ pki pkcs12-cert-export <nickname> <PKCS #12 file> <PKCS #12 password> <cert file>
78
79
80
81       The certificate file can be specified with the --cert-file parameter.
82
83
84   Importing a certificate into a PKCS #12 file
85       To import a certificate including its key and trust flags from  an  NSS
86       database into a PKCS #12 file:
87
88
89              $ pki <NSS database location> <NSS database password> pkcs12-cert-import <nickname> \
90                  <PKCS #12 file> <PKCS #12 password>
91
92
93
94       If  the PKCS #12 file does not exist, it will be created automatically.
95       If the PKCS #12 file already exists, the certificate will be added into
96       the file.
97
98
99       The  trust  flags  can be overwritten with the --trust-flags parameter.
100       If the key is not needed, specify the --no-key parameter.
101
102
103   Modifying a certificate in a PKCS #12 file
104       To modify the trust flags of a certificate in a PKCS #12 file:
105
106
107              $ pki pkcs12-cert-mod <nickname> <PKCS #12 file> <PKCS #12 password> <trust flags>
108
109
110
111       The trust flags can be specified with the --trust-flags parameter.
112
113
114   Deleting a certificate from a PKCS #12 file
115       To delete a certificate and its key from a PKCS #12 file:
116
117
118              $ pki pkcs12-cert-del <nickname> <PKCS #12 file> <PKCS #12 password>
119
120
121

SEE ALSO

123       pki-pkcs12(1)
124
125

AUTHORS

127       Endi S. Dewata lt;edewata@redhat.comgt;.
128
129
131       Copyright (c) 2016 Red Hat, Inc.  This is licensed under the  GNU  Gen‐
132       eral  Public  License,  version  2  (GPLv2).  A copy of this license is
133       available at http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt.
134
135
136
137PKI                              Oct 28, 2016               pki-pkcs12-cert(1)
Impressum