diff options
author | Jan Cholasta <jcholast@redhat.com> | 2014-06-13 14:49:29 +0200 |
---|---|---|
committer | Petr Viktorin <pviktori@redhat.com> | 2014-07-30 16:04:21 +0200 |
commit | 8bbdfff102849c0f573e56530a734643a568e0dd (patch) | |
tree | 3cb54cd77d1eb942a64fb612c525f9cd6f0b9477 /install | |
parent | 1b8a1e5564e634ab9358ac176f586d563220542c (diff) | |
download | freeipa-8bbdfff102849c0f573e56530a734643a568e0dd.tar.gz freeipa-8bbdfff102849c0f573e56530a734643a568e0dd.tar.xz freeipa-8bbdfff102849c0f573e56530a734643a568e0dd.zip |
Allow adding CA certificates to certificate store in ipa-cacert-manage.
Part of https://fedorahosted.org/freeipa/ticket/3737
Reviewed-By: Rob Crittenden <rcritten@redhat.com>
Diffstat (limited to 'install')
-rw-r--r-- | install/tools/man/ipa-cacert-manage.1 | 23 |
1 files changed, 23 insertions, 0 deletions
diff --git a/install/tools/man/ipa-cacert-manage.1 b/install/tools/man/ipa-cacert-manage.1 index cf42b2457..3006be7fc 100644 --- a/install/tools/man/ipa-cacert-manage.1 +++ b/install/tools/man/ipa-cacert-manage.1 @@ -37,6 +37,13 @@ When the IPA CA is subordinate of an external CA, the renewal process involves s .sp When the IPA CA is not configured, this command is not available. .RE +.TP +\fBinstall\fR +\- Install a CA certificate +.sp +.RS +This command can be used to install new CA certificate to IPA. +.RE .SH "OPTIONS" .TP \fB\-p\fR \fIDM_PASSWORD\fR, \fB\-\-password\fR=\fIDM_PASSWORD\fR @@ -54,6 +61,22 @@ PEM file containing a certificate signed by the external CA. Must be given with \fB\-\-external\-ca\-file\fR=\fIFILE\fR PEM file containing the external CA chain. .TP +\fB\-n\fR \fINICKNAME\fR, \fB\-\-nickname\fR=\fINICKNAME\fR +Nickname for the certificate. +.TP +\fB\-t\fR \fITRUST_FLAGS\fR, \fB\-\-trust\-flags\fR=\fITRUST_FLAGS\fR +Trust flags for the certificate in certutil format. Trust flags are of the form "X,Y,Z" where X is for SSL, Y is for S/MIME, and Z is for code signing. Use ",," for no explicit trust. +.sp +The supported trust flags are: +.RS +.IP +C \- CA trusted to issue server certificates +.IP +T \- CA trusted to issue client certificates +.IP +p \- not trusted +.RE +.TP \fB\-v\fR, \fB\-\-verbose\fR Print debugging information. .TP |