Provided by: pki-server_11.2.1-2_amd64 bug

NAME

       pki-server-instance - Command-line interface for managing PKI server instances.

SYNOPSIS

       pki-server [CLI-options] instance
       pki-server [CLI-options] instance-cert
       pki-server [CLI-options] instance-cert-export
       pki-server [CLI-options] instance-find
       pki-server [CLI-options] instance-show instance-ID
       pki-server [CLI-options] instance-start instance-ID
       pki-server [CLI-options] instance-stop instance-ID
       pki-server [CLI-options] instance-migrate --tomcat version instance-ID
       pki-server [CLI-options] instance-nuxwdog-enable instance-ID
       pki-server [CLI-options] instance-nuxwdog-disable instance-ID
       pki-server   [CLI-options]   instance-externalcert-add  -i  instance-ID  --cert-file  path
       --trust-args args --nickname nickname --token token
       pki-server [CLI-options]  instance-externalcert-del  -i  instance-ID  --nickname  nickname
       --token token

DESCRIPTION

       The  pki-server  instance  commands  provide  command-line interfaces to manage PKI server
       instances.  A PKI server instance  consists  of  a  single  Apache  Tomcat  instance  that
       contains one or more subsystems.

       Operations  that are available include: listing and showing details about local instances;
       starting and stopping instances; performing instance migrations; and enabling or disabling
       password prompted instance startup using nuxwdog.

       pki-server [CLI-options] instance
           This command is to list available instance commands.

       pki-server [CLI-options] instance-cert
           This command is to list available instance certificate commands.

       pki-server [CLI-options] instance-cert-export
           This command is to export system certificates and keys to a PKCS #12 file.
           The output filename and either a password or a password file are required.
           If no nicknames are specified, all the system certificates will be exported.
           Otherwise,  it  is  possible to extract individual certificates (with or without their
       keys and trust arguments),
           and to append to an existing PKCS #12 file.

       pki-server [CLI-options] instance-find
           This command is to list local PKI server instances.

       pki-server [CLI-options] instance-show instance-ID
           This command is to view a details about a particular instance.

       pki-server [CLI-options] instance-start instance-ID
           This command is to start a PKI server instance.
           Note that currently this command cannot be used to start nuxwdog-enabled instances.

       pki-server [CLI-options] instance-stop instance-ID
           This command is to stop a PKI server instance.
           Note that currently this command cannot be used to stop nuxwdog-enabled instances.

       pki-server [CLI-options] instance-migrate --tomcat version instance-ID
           There are differences in configuration between Apache Tomcat 7 and Apache Tomcat 8.
           This command reconfigures a PKI server instance to match the specified Tomcat version.
           This command can be used to migrate initially created under Tomcat 7  when  Tomcat  is
       upgraded.
           See pki-server migrate(8) for further details.

       pki-server [CLI-options] instance-nuxwdog-enable instance-ID
           This command is to convert a PKI server instance to start without access to a password
       file,
           using the nuxwdog daemon.  See pki-server nuxwdog(8) for further details.

       pki-server [CLI-options] instance-nuxwdog-disable instance-ID
           This command is to convert a PKI server instance to start with access  to  a  password
       file,
           rather than using the nuxwdog daemon.  See pki-server nuxwdog(8) for further details.

       pki-server   [CLI-options]   instance-externalcert-add  -i  instance-ID  --cert-file  path
       --trust-args args --nickname nickname --token token
           This command is to add a certificate to the certificate  database  for  a  PKI  server
       instance.
           The certificate will be kept track of in the configuration file external_certs.conf,
           and will automatically be exported when the system certificates are exported.
           To  update  a  certificate,  the  old  one  needs to be removed first using the delete
       command below.
           The trust arguments are those defined for NSS databases, e.g. "CT,C,C".
           See certutil(1) for more details.

       pki-server [CLI-options]  instance-externalcert-del  -i  instance-ID  --nickname  nickname
       --token token
           This command is to remove a certificate from the certificate database for a PKI server
       instance.

OPTIONS

       The CLI options are described in pki-server(8).

OPERATIONS

       To view available instance management commands, type pki-server instance.   To  view  each
       command's usage, type pki-server instance-<command> --help.

AUTHORS

       Ade Lee <alee@redhat.com>.

COPYRIGHT

       Copyright  (c)  2015 Red Hat, Inc.  This is licensed under the GNU General Public License,
       version    2    (GPLv2).     A    copy    of    this    license    is     available     at
       http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt.