Provided by: pki-tps_11.0.3-4_all 
NAME
pki-server-tps - Command-Line Interface for managing PKI TPS.
SYNOPSIS
pki-server [CLI-options] tps-clone-prepare [command-options]
pki-server [CLI-options] tps-db-vlv-find [command-options]
pki-server [CLI-options] tps-db-vlv-add [command-options]
pki-server [CLI-options] tps-db-vlv-del [command-options]
pki-server [CLI-options] tps-db-vlv-reindex [command-options]
pki-server [CLI-options] tps-audit-event-find [command-options]
pki-server [CLI-options] tps-audit-event-enable [command-options] event-ID
pki-server [CLI-options] tps-audit-event-modify [command-options] event-ID
pki-server [CLI-options] tps-audit-event-disable [command-options] event-ID
pki-server [CLI-options] tps-audit-file-find [command-options]
pki-server [CLI-options] tps-audit-file-verify [command-options]
.SH DESCRIPTION
The pki-server tps commands provide command-line interfaces to manage PKI TPS.
pki-server [CLI-options] tps [command-options]
This command is to list available PKI TPS management commands.
pki-server [CLI-options] tps-clone-prepare [command-options]
This command export TPS system certificates into a PKCS #12 file with private keys.
pki-server [CLI-options] tps-db-vlv-find [command-options]
This command will list VLV records for TPS.
pki-server [CLI-options] tps-db-vlv-add [command-options]
This command will add VLV records for TPS.
pki-server [CLI-options] tps-db-vlv-del [command-options]
This command will delete VLV records for TPS.
pki-server [CLI-options] tps-db-vlv-reindex [command-options]
This command will reindex VLV records for TPS.
pki-server [CLI-options] tps-audit-event-find [command-options]
This command list all the audit events which are enabled/disabled.
pki-server [CLI-options] tps-audit-event-enable [command-options] event-ID
This command will enable audit events in the TPS.
pki-server [CLI-options] tps-audit-event-disable [command-options] event-ID
This command will disable audit events in the TPS.
pki-server [CLI-options] tps-audit-event-modify [command-options] event-ID
This command will modify the event filter for audit events.
pki-server [CLI-options] tps-audit-file-find [command-options]
This command lists audit log files generated by the TPS.
pki-server [CLI-options] tps-audit-file-verify [command-options]
This command will verify whether the signatures in the audit log files are valid.
AUDIT EVENTS
Logging audit events:
· AUDIT_LOG_STARTUP
· AUDIT_LOG_SHUTDOWN
· AUDIT_LOG_DELETE
· LOG_PATH_CHANGE
· LOG_EXPIRATION_CHANGE
· CONFIG_SIGNED_AUDIT
Authentication and authorization audit events:
· AUTHZ
· AUTH
· ROLE_ASSUME
· CONFIG_AUTH
· CONFIG_ROLE
· ACCESS_SESSION_ESTABLISH
· ACCESS_SESSION_TERMINATED
Key audit events:
· PRIVATE_KEY_ARCHIVE_REQUEST
· PRIVATE_KEY_ARCHIVE_REQUEST_PROCESSED
· PRIVATE_KEY_EXPORT_REQUEST_PROCESSED_SUCCESS
· CONFIG_TRUSTED_PUBLIC_KEY
· PRIVATE_KEY_EXPORT_REQUEST_PROCESSED_FAILURE
· KEY_RECOVERY_REQUEST
· KEY_RECOVERY_REQUEST_ASYNC
· KEY_RECOVERY_AGENT_LOGIN
· KEY_RECOVERY_REQUEST_PROCESSED
· KEY_RECOVERY_REQUEST_PROCESSED_ASYNC
· KEY_GEN_ASYMMETRIC
· COMPUTE_SESSION_KEY_REQUEST_PROCESSED_SUCCESS
· COMPUTE_SESSION_KEY_REQUEST
· COMPUTE_SESSION_KEY_REQUEST_PROCESSED_FAILURE
· DIVERSIFY_KEY_REQUEST
· DIVERSIFY_KEY_REQUEST_PROCESSED_SUCCESS
· DIVERSIFY_KEY_REQUEST_PROCESSED_FAILURE
· SERVER_SIDE_KEYGEN_REQUEST
· SERVER_SIDE_KEYGEN_REQUEST_PROCESSED_SUCCESS
· SERVER_SIDE_KEYGEN_REQUEST_PROCESSED_FAILURE
CMC audit events:
· CMC_RESPONSE_SENT
· CMC_ID_POP_LINK_WITNESS
· CMC_SIGNED_REQUEST_SIG_VERIFY
· CMC_PROOF_OF_IDENTIFICATION
· CMC_REQUEST_RECEIVED
· CMC_USER_SIGNED_REQUEST_SIG_VERIFY
· PROOF_OF_POSSESSION
Profile audit events:
· CONFIG_CERT_PROFILE
· CONFIG_CRL_PROFILE
· CONFIG_OCSP_PROFILE
Certificate audit events:
· CERT_SIGNING_INFO
· CERT_PROFILE_APPROVAL
· CERT_REQUEST_PROCESSED
· CERT_STATUS_CHANGE_REQUEST
· CERT_STATUS_CHANGE_REQUEST_PROCESSED
· CONFIG_CERT_POLICY
· PROFILE_CERT_REQUEST
· CIMC_CERT_VERIFICATION
· NON_PROFILE_CERT_REQUEST
ACL audit events:
· CONFIG_ACL
OCSP audit events:
· OCSP_SIGNING_INFO
· OCSP_GENERATION
CRL audit events:
· SCHEDULE_CRL_GENERATION
· DELTA_CRL_PUBLISHING
· CRL_VALIDATION
· CRL_RETRIEVAL
· CRL_SIGNING_INFO
· FULL_CRL_GENERATION
· DELTA_CRL_GENERATION
Authority audit events:
· AUTHORITY_CONFIG
· SECURITY_DOMAIN_UPDATE
· CONFIG_DRM
Selftest audit events:
· SELFTESTS_EXECUTION
Encryption data audit events:
· CONFIG_ENCRYPTION
· ENCRYPT_DATA_REQUEST
· ENCRYPT_DATA_REQUEST_PROCESSED_SUCCESS
· ENCRYPT_DATA_REQUEST_PROCESSED_FAILURE
· COMPUTE_RANDOM_DATA_REQUEST
· COMPUTE_RANDOM_DATA_REQUEST_PROCESSED_FAILURE
· COMPUTE_RANDOM_DATA_REQUEST_PROCESSED_SUCCESS
· SECURITY_DATA_ARCHIVAL_REQUEST
Serial/random number audit events:
· INTER_BOUNDARY
· CONFIG_SERIAL_NUMBER
· RANDOM_GENERATION
AUTHORS
Amol Kahat <akahat@redhat.com>.
COPYRIGHT
Copyright (c) 2018 Red Hat, Inc. This is licensed under the GNU General Public License,
version 2 (GPLv2). A copy of this license is available at
http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt.