Provided by: pki-tks_11.2.1-2_all
NAME
pki-server-tks - Command-line interface for managing PKI TKS.
SYNOPSIS
pki-server [CLI-options] tks-clone-prepare [command-options] pki-server [CLI-options] tks-audit-event-find [command-options] pki-server [CLI-options] tks-audit-event-enable [command-options] event-ID pki-server [CLI-options] tks-audit-event-modify [command-options] event-ID pki-server [CLI-options] tks-audit-event-disable [command-options] event-ID pki-server [CLI-options] tks-audit-file-find [command-options] pki-server [CLI-options] tks-audit-file-verify [command-options]
DESCRIPTION
The pki-server tks commands provide command-line interfaces to manage PKI TKS. pki-server [CLI-options] tks [command-options] This command is to list available PKI TKS management commands. pki-server [CLI-options] tks-clone-prepare [command-options] This command export TKS system certificates into a PKCS #12 file with private keys. pki-server [CLI-options] tks-audit-event-find [command-options] This command list all the audit events which are enabled/disabled. pki-server [CLI-options] tks-audit-event-enable [command-options] event-ID This command will enable audit events in the TKS. pki-server [CLI-options] tks-audit-event-disable [command-options] event-ID This command will disable audit events in the TKS. pki-server [CLI-options] tks-audit-event-modify [command-options] event-ID This command will modify the event filter for audit events. pki-server [CLI-options] tks-audit-file-find [command-options] This command lists audit log file generated by the TKS. pki-server [CLI-options] tks-audit-file-verify [command-options] This command will verify whether the signatures in the audit log files are valid.
AUDIT EVENTS
Logging audit events: • AUDIT_LOG_STARTUP • AUDIT_LOG_SHUTDOWN • AUDIT_LOG_DELETE • LOG_PATH_CHANGE • LOG_EXPIRATION_CHANGE • CONFIG_SIGNED_AUDIT Authentication and authorization audit events: • AUTHZ • AUTH • ROLE_ASSUME • CONFIG_AUTH • CONFIG_ROLE • ACCESS_SESSION_ESTABLISH • ACCESS_SESSION_TERMINATED Key audit events: • PRIVATE_KEY_ARCHIVE_REQUEST • PRIVATE_KEY_ARCHIVE_REQUEST_PROCESSED • PRIVATE_KEY_EXPORT_REQUEST_PROCESSED_SUCCESS • CONFIG_TRUSTED_PUBLIC_KEY • PRIVATE_KEY_EXPORT_REQUEST_PROCESSED_FAILURE • KEY_RECOVERY_REQUEST • KEY_RECOVERY_REQUEST_ASYNC • KEY_RECOVERY_AGENT_LOGIN • KEY_RECOVERY_REQUEST_PROCESSED • KEY_RECOVERY_REQUEST_PROCESSED_ASYNC • KEY_GEN_ASYMMETRIC • COMPUTE_SESSION_KEY_REQUEST_PROCESSED_SUCCESS • COMPUTE_SESSION_KEY_REQUEST • COMPUTE_SESSION_KEY_REQUEST_PROCESSED_FAILURE • DIVERSIFY_KEY_REQUEST • DIVERSIFY_KEY_REQUEST_PROCESSED_SUCCESS • DIVERSIFY_KEY_REQUEST_PROCESSED_FAILURE • SERVER_SIDE_KEYGEN_REQUEST • SERVER_SIDE_KEYGEN_REQUEST_PROCESSED_SUCCESS • SERVER_SIDE_KEYGEN_REQUEST_PROCESSED_FAILURE CMC audit events: • CMC_RESPONSE_SENT • CMC_ID_POP_LINK_WITNESS • CMC_SIGNED_REQUEST_SIG_VERIFY • CMC_PROOF_OF_IDENTIFICATION • CMC_REQUEST_RECEIVED • CMC_USER_SIGNED_REQUEST_SIG_VERIFY • PROOF_OF_POSSESSION Profile audit events: • CONFIG_CERT_PROFILE • CONFIG_CRL_PROFILE • CONFIG_OCSP_PROFILE Certificate audit events: • CERT_SIGNING_INFO • CERT_PROFILE_APPROVAL • CERT_REQUEST_PROCESSED • CERT_STATUS_CHANGE_REQUEST • CERT_STATUS_CHANGE_REQUEST_PROCESSED • CONFIG_CERT_POLICY • PROFILE_CERT_REQUEST • CIMC_CERT_VERIFICATION • NON_PROFILE_CERT_REQUEST ACL audit events: • CONFIG_ACL OCSP audit events: • OCSP_SIGNING_INFO • OCSP_GENERATION CRL audit events: • SCHEDULE_CRL_GENERATION • DELTA_CRL_PUBLISHING • CRL_VALIDATION • CRL_RETRIEVAL • CRL_SIGNING_INFO • FULL_CRL_GENERATION • DELTA_CRL_GENERATION Authority audit events: • AUTHORITY_CONFIG • SECURITY_DOMAIN_UPDATE • CONFIG_DRM Selftest audit events: • SELFTESTS_EXECUTION Encryption data audit events: • CONFIG_ENCRYPTION • ENCRYPT_DATA_REQUEST • ENCRYPT_DATA_REQUEST_PROCESSED_SUCCESS • ENCRYPT_DATA_REQUEST_PROCESSED_FAILURE • COMPUTE_RANDOM_DATA_REQUEST • COMPUTE_RANDOM_DATA_REQUEST_PROCESSED_FAILURE • COMPUTE_RANDOM_DATA_REQUEST_PROCESSED_SUCCESS • SECURITY_DATA_ARCHIVAL_REQUEST Serial/random number audit events: • INTER_BOUNDARY • CONFIG_SERIAL_NUMBER • RANDOM_GENERATION
SEE ALSO
pki-server(8) PKI server management commands
AUTHORS
Amol Kahat <akahat@redhat.com>.
COPYRIGHT
Copyright (c) 2018 Red Hat, Inc. This is licensed under the GNU General Public License, version 2 (GPLv2). A copy of this license is available at http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt.