1pki-server-subsystem(8)     PKI Subsystem Commands     pki-server-subsystem(8)
2
3
4

NAME

6       pki-server-subsystem  - Command-line interface for managing PKI subsys‐
7       tems.
8
9

SYNOPSIS

11       pki-server [CLI-options] subsystem
12       pki-server [CLI-options] subsystem-find
13       pki-server [CLI-options] subsystem-show subsystem-ID
14       pki-server [CLI-options] subsystem-enable subsystem-ID
15       pki-server [CLI-options] subsystem-disable subsystem-ID
16       pki-server [CLI-options] subsystem-cert-find subsystem-ID
17       pki-server [CLI-options] subsystem-cert-show subsystem-ID cert-ID
18       pki-server [CLI-options] subsystem-cert-export subsystem-ID cert-ID
19       pki-server [CLI-options] subsystem-cert-update subsystem-ID cert-ID
20
21

DESCRIPTION

23       The pki-server subsystem commands provide  command-line  interfaces  to
24       manage  PKI  subsystems.   A  PKI  server instance consists of a single
25       Apache Tomcat instance that contains one or more PKI subsystems.  Valid
26       subsystem  identifiers are ca, kra, tks, ocsp and tps.  No instance may
27       have more than one of each type of subsystem.
28
29
30       pki-server subsystem commands perform operations on a specific  subsys‐
31       tem within a PKI server instance.  Consequently, all pki-server subsys‐
32       tem commands require specification of the  instance  ID  to  completely
33       identify the target subsystem.
34
35
36       Operations  that  are  available  include: listing subsystems in an in‐
37       stance; showing details about a subsystem; and enabling  and  disabling
38       subsystems.
39
40
41       pki-server [CLI-options] subsystem
42           This command is to list available subsystem commands.
43
44
45       pki-server [CLI-options] subsystem-find
46           This command is to list subsystems within a specific instance.
47
48
49       pki-server [CLI-options] subsystem-show subsystem-ID
50           This command is to view the details about a particular subsystem.
51
52
53       pki-server [CLI-options] subsystem-enable subsystem-ID
54           This command is to enable a particular subsystem.
55           Each subsystem consists of a web application within the Apache Tom‐
56       cat instance.
57           Enabling a subsystem means deploying the web  application  so  that
58       the application initializes
59           and  is accessible via the HTTP and HTTPS ports for the Apache Tom‐
60       cat instance.
61
62
63       Note: Each subsystem runs a set of self-tests  on  startup.   If  these
64       self-tests  fail, the subsystem will be disabled by undeploying the web
65       application.  The deployment status (enabled/disabled) of the subsystem
66       can  be  determined from the output of pki-server subsystem-show.  Once
67       the underlying problem is fixed, the subsystem should be re-enabled us‐
68       ing pki-server subsystem-enable.
69
70
71       pki-server [CLI-options] subsystem-disable subsystem-ID
72           This  command  is to disable a subsystem by undeploying the web ap‐
73       plication corresponding to the subsystem.
74           The subsystem will no longer be accessible through the  web  inter‐
75       faces.
76           This  is useful when specific subsystems need to be made inaccessi‐
77       ble for maintenance
78           as Apache Tomcat allows web applications to be  deployed/undeployed
79       while the instance is still running (hot deployment).
80
81
82       pki-server [CLI-options] subsystem-cert-find subsystem-ID
83           This command is to list system certificates in a particular subsys‐
84       tem.
85
86
87       pki-server [CLI-options] subsystem-cert-show subsystem-ID cert-ID
88           This command is to view the details about a system certificate in a
89       particular subsystem.
90
91
92       pki-server [CLI-options] subsystem-cert-export subsystem-ID cert-ID
93           This command is to export a system certificate in a particular sub‐
94       system.
95
96
97       pki-server [CLI-options] subsystem-cert-update subsystem-ID cert-ID
98           This command is to update a system certificate in a particular sub‐
99       system.
100
101

OPTIONS

103       The CLI options are described in pki-server(8).
104
105

OPERATIONS

107       To  view  available subsystem management commands, type pki-server sub‐
108       system.   To  view  each  command's  usage,  type  pki-server   subsys‐
109       tem-<command> --help.
110
111

AUTHORS

113       Ade Lee <alee@redhat.com>
114
115
117       Copyright  (c)  2015 Red Hat, Inc.  This is licensed under the GNU Gen‐
118       eral Public License, version 2 (GPLv2).  A  copy  of  this  license  is
119       available at http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt.
120
121
122
123PKI                              July 15, 2015         pki-server-subsystem(8)
Impressum