Ubuntu Manpage: pki-server-instance - Command-Line Interface for managing Certificate System instances.

Provided by: pki-server_10.6.0-1ubuntu2_amd64

NAME

       pki-server-instance - Command-Line Interface for managing Certificate System instances.

SYNOPSIS

       pki-server [CLI options] instance
       pki-server [CLI options] instance-cert
       pki-server [CLI options] instance-cert-export
       pki-server [CLI options] instance-find
       pki-server [CLI options] instance-show <instance ID>
       pki-server [CLI options] instance-start <instance ID>
       pki-server [CLI options] instance-stop <instance ID>
       pki-server [CLI options] instance-migrate --tomcat <version> <instance ID>
       pki-server [CLI options] instance-nuxwdog-enable <instance ID>
       pki-server [CLI options] instance-nuxwdog-disable <instance ID>
       pki-server [CLI options] instance-externalcert-add -i <instance ID>
           --cert-file <path> --trust-args <args> --nickname <nickname> --token <token>
       pki-server [CLI options] instance-externalcert-del -i <instance ID>
           --nickname <nickname> --token <token>

DESCRIPTION

       The  pki-server  instance  commands  provide  command-line  interfaces  to manage Certificate Server (CS)
       instances.  A Certificate Server instance consists of a single Apache Tomcat instance that  contains  one
       or more CS subsystems.

       Operations  that  are  available include: listing and showing details about local instances; starting and
       stopping instances; performing instance migrations; and enabling or disabling password prompted  instance
       startup using nuxwdog.

       pki-server [CLI options] instance
           This command is to list available instance commands.

       pki-server [CLI options] instance-cert
           This command is to list available instance certificate commands.

       pki-server [CLI options] instance-cert-export
           This  command  is to export system certificates and keys to a PKCS #12 file.  The output filename and
           either a password or a password file are required.  If no nicknames are  specified,  all  the  system
           certificates will be exported.  Otherwise, it is possible to extract individual certificates (with or
           without their keys and trust arguments), and to append to an existing PKCS #12 file.

       pki-server [CLI options] instance-find
           This command is to list local CS instances.

       pki-server [CLI options] instance-show <instance ID>
           This command is to view a details about a particular instance.

       pki-server [CLI options] instance-start <instance ID>
           This  command  is  to  start a CS instance.  Note that currently this command cannot be used to start
           nuxwdog-enabled instances.

       pki-server [CLI options] instance-stop <instance ID>
           This command is to stop a CS instance. Note that currently  this  command  cannot  be  used  to  stop
           nuxwdog-enabled instances.

       pki-server [CLI options] instance-migrate --tomcat <version> <instance_ID>
           There  are  differences  in  configuration between Apache Tomcat 7 and Apache Tomcat 8.  This command
           reconfigures a CS instance to match the specified Tomcat  version.   This  command  can  be  used  to
           migrate  initially  created  under  Tomcat 7 when Tomcat is upgraded..  See pki-server migrate(8) for
           further details.

       pki-server [CLI options] instance-nuxwdog-enable <instance ID>
           This command is to convert a CS instance to start without  access  to  a  password  file,  using  the
           nuxwdog daemon.  See pki-server nuxwdog(8) for further details.

       pki-server [CLI options] instance-nuxwdog-disable <instance ID>
           This  command  is to convert a CS instance to start with access to a password file, rather than using
           the nuxwdog daemon.  See pki-server nuxwdog(8) for further details.

       pki-server [CLI options] instance-externalcert-add -i <instance ID>
           --cert-file <path> --trust-args <args> --nickname <nickname> --token <token>
           This command is to add a certificate to the certificate database for a CS instance.  The  certificate
           will  be  kept  track  of  in  the  configuration file external_certs.conf, and will automatically be
           exported when the system certificates are exported.  To update a certificate, the old one needs to be
           removed first using the delete command below.

           The trust arguments are those defined for NSS  databases  eg.  "C,c,c".   See  certutil(1)  for  more
           details.

       pki-server [CLI options] instance-externalcert-del -i <instance ID>
           --nickname <nickname> --token <token>
           This command is to remove a certificate from the certificate database for a CS instance.

OPTIONS

       The CLI options are described in pki-server(8).

OPERATIONS

       To  view available instance management commands, type pki-server instance.  To view each command's usage,
       type  pki-server instance-<command> --help.

       All pki-server commands must be executed as the system administrator.

AUTHORS

       Ade Lee <alee@redhat.com>

COPYRIGHT

       Copyright (c) 2015 Red Hat, Inc. This is licensed  under  the  GNU  General  Public  License,  version  2
       (GPLv2). A copy of this license is available at http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt.

version 10.2                                      July 15, 2015                           pki-server-instance(8)