Add a man page for profile CLI commands.

2 files changed, 154 insertions, 0 deletions

diff --git a/base/java-tools/man/man1/pki-ca-profile.1 b/base/java-tools/man/man1/pki-ca-profile.1
new file mode 100644
index 000000000..851e7d7e3
--- /dev/null
+++ b/base/java-tools/man/man1/pki-ca-profile.1
@@ -0,0 +1,148 @@
+.\" First parameter, NAME, should be all caps
+.\" Second parameter, SECTION, should be 1-8, maybe w/ subsection
+.\" other parameters are allowed: see man(7), man(1)
+.TH pki-profile 1 "Sep 30, 2014" "version 10.2" "PKI Profile Management Commands" Dogtag Team
+.\" Please adjust this date whenever revising the man page.
+.\"
+.\" Some roff macros, for reference:
+.\" .nh        disable hyphenation
+.\" .hy        enable hyphenation
+.\" .ad l      left justify
+.\" .ad b      justify to both left and right margins
+.\" .nf        disable filling
+.\" .fi        enable filling
+.\" .br        insert line break
+.\" .sp <n>    insert n+1 empty lines
+.\" for man page specific macros, see man(7)
+.SH NAME
+pki-profile \- Command-Line Interface for managing Certificate System profiles.
+
+.SH SYNOPSIS
+.nf
+\fBpki\fR [CLI options] \fBca-profile\fR
+\fBpki\fR [CLI options] \fBca-profile-find\fR [command options]
+\fBpki\fR [CLI options] \fBca-profile-show <Profile ID> \fR [command options]
+\fBpki\fR [CLI options] \fBca-profile-add <Input file path> \fR [command options]
+\fBpki\fR [CLI options] \fBca-profile-mod <Input file path> \fR [command options]
+\fBpki\fR [CLI options] \fBca-profile-del <Profile ID> \fR [command options]
+\fBpki\fR [CLI options] \fBca-profile-enable <Profile ID> \fR [command options]
+\fBpki\fR [CLI options] \fBca-profile-disable <Profile ID> \fR  [command options]
+.fi
+
+.SH DESCRIPTION
+.PP
+The \fBpki ca-profile\fR commands provide command-line interfaces to manage profiles on the CA.
+
+.PP
+\fBpki\fR [CLI options] \fBca-profile-find\fR [command options]
+.RS 4
+This command is to list the profiles.
+.RE
+.PP
+\fBpki\fR [CLI options] \fBca-profile-show <Profile ID>\fR [command options]
+.RS 4
+This command is to view the details of a profile.
+.RE
+.PP
+\fBpki\fR [CLI options] \fBca-profile-add\fR <Input file path> [command options]
+.RS 4
+This command is to create a new profile.
+.RE
+.PP
+\fBpki\fR [CLI options] \fBca-profile-mod <Input file path> \fR [command options]
+.RS 4
+This command is to modify an existing profile.
+.RE
+.PP
+\fBpki\fR [CLI options] \fBca-profile-del\fR <Profile ID> [command options]
+.RS 4
+This command is to delete a profile.
+.RE
+.PP
+\fBpki\fR [CLI options] \fBca-profile-enable\fR <Profile ID> [command options]
+.RS 4
+This command is to enable a profile.
+.RE
+.PP
+\fBpki\fR [CLI options] \fBca-profile-disable\fR <Profile ID> [command options]
+.RS 4
+This command is to disable a profile.
+.RE
+.SH OPTIONS
+The CLI options are described in \fBpki\fR(1).
+
+.SH OPERATIONS
+
+To view available profile commands, type \fBpki ca-profile\fP. To view each command's usage, type \fB pki ca-profile-<command> \-\-help\fP.
+
+All the ca-profile commands require agent authentication.
+
+.SS Viewing the profiles
+
+.B pki <agent authentication> ca-profile-find
+
+The \fBstart\fR and \fBsize\fR options can be used to specify the beginning and the size of the list.
+
+To view the contents of a profile:
+
+A set of profile inputs, profile outputs, authenticators, policies and constraints are defined in a profile.
+These contents can be viewed using the following command:
+
+.B pki <agent authentication> ca-profile-show <Profile ID>
+
+To store the output of the above operation, the output option must be specified.
+
+.B pki <agent authentication> ca-profile-show <Profile ID> --output <FILE_PATH>
+
+This output file can be used for modifying the profile.
+It can be used as a template for certificate enrollment as well but, a more suitable template can be fetched using the \fBpki cert-request-profile-show\fR command.
+The \fBpki cert-request-profile-show\fR command does not require an agent/administrator level authentication and contains only the profile inputs section (which is required for certificate enrollment).
+
+.SS Add/Modify/Delete a profile
+
+.B pki <admin authentication> ca-profile-add <Input file path>
+
+The contents of the input file must be in an XML format returned by the profile-show command.
+This data will be marshaled by the CLI client to create a new profile in the CA.
+The profile must be disabled before it is modified. It must be enabled after modification to be used for
+certificate enrollment.
+
+To modify an existing profile:
+
+.B pki <admin authentication> ca-profile-mod <Input file path>
+
+The profile data can be retrieved using the profile-show command and after editing the file,
+it can be provided to the profile-mod command to modify an existing profile.
+
+To delete a profile in the CA:
+
+.B pki <admin authentication> ca-profile-del <Profile ID>
+
+.SS Enabling/Disabling a profile in the CA
+
+To enable a profile in the CA:
+
+.B pki <agent authenticaton> ca-profile-enable <Profile ID>
+
+A profile must be enabled before it can be used.
+
+To disable a profile in the CA:
+
+.B pki <agent authentication> ca-profile-disable <Profile ID>
+
+A profile must be disabled before it can be modified.
+
+.B Note:
+Modifying or deleting a profile requires user(s) that have two roles (admin and agent).  The same user may be in both roles.  An agent
+is needed to first disable the profile.  Once the profile is disabled, it can be modified/deleted by an admin user.  Then, an agent is needed to
+enable the profile for use by the CA.
+
+.SH AUTHORS
+Abhishek Koneru <akoneru@redhat.com>.
+
+.SH COPYRIGHT
+Copyright (c) 2014 Red Hat, Inc. This is licensed under the GNU General Public License, version 2 (GPLv2). A copy of this license is available at http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt.
+
+.SH SEE ALSO
+.BR pkispawn(8),
+.BR pki(1)
diff --git a/base/java-tools/man/man1/pki.1 b/base/java-tools/man/man1/pki.1
index 8e6af9fab..ac85f1314 100644
--- a/base/java-tools/man/man1/pki.1
+++ b/base/java-tools/man/man1/pki.1
@@ -260,6 +260,12 @@ Security domain management commands
 User management commands
 .RE
 
+.PP
+\fBpki-ca-profile\fR(1)
+.RS 4
+Profile management commands
+.RE
+
 .SH AUTHORS
 Ade Lee <alee@redhat.com>, Endi Dewata <edewata@redhat.com>, and Matthew Harmsen <mharmsen@redhat.com>.