1pkidaemon(1) pkidaemon pkidaemon(1)
2
6 pkidaemon - provides status management of PKI instances
7
10 pkidaemon lt;start|statusgt; lt;instance-namegt;
11 Note: Although this tool currently resides in the /usr/bin directory,
14 proper use of it requires it to be run with super user privileges.
15
18 The pkidaemon status argument provides a way to display the status of a
19 PKI instance.
20 The pkidaemon start argument is currently only used internally by the
23 systemctl scripts.
24
27 For the following examples, two instances were installed. The first
28 contained a CA, KRA, OCSP, TKS and TPS in a shared PKI instance named
29 'pki-tomcat', while the second simply contained a CA running on differ‐
30 ent ports and named 'pki-tomcat-2'.
31 For the OCSP 'Unsecure URL' and the OCSP 'Secure EE URL' which both
34 specify a static string of 'lt;ocsp request blobgt;', the intention is
35 for the user to replace this static string with an actual OCSP request
36 blob relevant to their particular deployment.
37 Listing the status of the PKI instance named 'pki-tomcat':
40 $ pkidaemon status pki-tomcat
41 Status for pki-tomcat: pki-tomcat is running ..
43 [CA Status Definitions]
45 Unsecure URL = http://pki.example.com:8080/ca/ee/ca
46 Secure Agent URL = https://pki.example.com:8443/ca/agent/ca
47 Secure EE URL = https://pki.example.com:8443/ca/ee/ca
48 Secure Admin URL = https://pki.example.com:8443/ca/services
49 PKI Console Command = pkiconsole https://pki.example.com:8443/ca
50 Tomcat Port = 8005 (for shutdown)
51 [KRA Status Definitions]
53 Secure Agent URL = https://pki.example.com:8443/kra/agent/kra
54 Secure Admin URL = https://pki.example.com:8443/kra/services
55 PKI Console Command = pkiconsole https://pki.example.com:8443/kra
56 Tomcat Port = 8005 (for shutdown)
57 [OCSP Status Definitions]
59 Unsecure URL = http://pki.example.com:8080/ocsp/ee/ocsp/<ocsp request blob>
60 Secure Agent URL = https://pki.example.com:8443/ocsp/agent/ocsp
61 Secure EE URL = https://pki.example.com:8443/ocsp/ee/ocsp/<ocsp request blob>
62 Secure Admin URL = https://pki.example.com:8443/ocsp/services
63 PKI Console Command = pkiconsole https://pki.example.com:8443/ocsp
64 Tomcat Port = 8005 (for shutdown)
65 [TKS Status Definitions]
67 Secure Agent URL = https://pki.example.com:8443/tks/agent/tks
68 Secure Admin URL = https://pki.example.com:8443/tks/services
69 PKI Console Command = pkiconsole https://pki.example.com:8443/tks
70 Tomcat Port = 8005 (for shutdown)
71 [TPS Status Definitions]
73 Unsecure URL = http://pki.example.com:8080/tps
74 Secure URL = https://pki.example.com:8443/tps
75 Unsecure PHONE HOME = http://pki.example.com:8080/tps/phoneHome
76 Secure PHONE HOME = https://pki.example.com:8443/tps/phoneHome
77 Tomcat Port = 8005 (for shutdown)
78 [CA Configuration Definitions]
80 PKI Instance Name: pki-tomcat
81 PKI Subsystem Type: Root CA (Security Domain)
83 Registered PKI Security Domain Information:
85 ====================================================================
86 Name: example.com Security Domain
87 URL: https://pki.example.com:8443
88 ====================================================================
89 [KRA Configuration Definitions]
91 PKI Instance Name: pki-tomcat
92 PKI Subsystem Type: KRA
94 Registered PKI Security Domain Information:
96 ====================================================================
97 Name: example.com Security Domain
98 URL: https://pki.example.com:8443
99 ====================================================================
100 [OCSP Configuration Definitions]
102 PKI Instance Name: pki-tomcat
103 PKI Subsystem Type: OCSP
105 Registered PKI Security Domain Information:
107 ====================================================================
108 Name: example.com Security Domain
109 URL: https://pki.example.com:8443
110 ====================================================================
111 [TKS Configuration Definitions]
113 PKI Instance Name: pki-tomcat
114 PKI Subsystem Type: TKS
116 Registered PKI Security Domain Information:
118 ====================================================================
119 Name: example.com Security Domain
120 URL: https://pki.example.com:8443
121 ====================================================================
122 [TPS Configuration Definitions]
124 PKI Instance Name: pki-tomcat
125 PKI Subsystem Type: TPS
127 Registered PKI Security Domain Information:
129 ====================================================================
130 Name: example.com Security Domain
131 URL: https://pki.example.com:8443
132 ====================================================================
133 Listing the status of the PKI instance named 'pki-tomcat-2':
137 $ pkidaemon status pki-tomcat-2
138 Status for pki-tomcat-2: pki-tomcat-2 is running ..
140 [CA Status Definitions]
142 Unsecure URL = http://pki.example.com:18080/ca/ee/ca
143 Secure Agent URL = https://pki.example.com:18443/ca/agent/ca
144 Secure EE URL = https://pki.example.com:18443/ca/ee/ca
145 Secure Admin URL = https://pki.example.com:18443/ca/services
146 PKI Console Command = pkiconsole https://pki.example.com:18443/ca
147 Tomcat Port = 18005 (for shutdown)
148 [CA Configuration Definitions]
150 PKI Instance Name: pki-tomcat-2
151 PKI Subsystem Type: Root CA (Security Domain)
153 Registered PKI Security Domain Information:
155 ====================================================================
156 Name: example.com Security Domain
157 URL: https://pki.example.com:18443
158 ====================================================================
159
163 pkispawn(8)
164 pkidestroy(8)
165 pki_default.cfg(5)
166 pki(1)
167
170 Matthew Harmsen lt;mharmsen@redhat.comgt;.
171
174 Copyright (c) 2015 Red Hat, Inc. This is licensed under the GNU Gen‐
175 eral Public License, version 2 (GPLv2). A copy of this license is
176 available at http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt.
177PKI Jul 8, 2015 pkidaemon(1)