diff options
| author | Endi S. Dewata <edewata@redhat.com> | 2014-08-28 19:11:42 -0400 |
|---|---|---|
| committer | Endi S. Dewata <edewata@redhat.com> | 2014-08-28 22:57:32 -0400 |
| commit | 2f7e6de6c489a49f7a7be473e5752ef49472bbcc (patch) | |
| tree | 166ab9e406af0773cdd5b84b8998629896b2a661 /base/java-tools/man | |
| parent | 93a8e9aa5c68f50ca3a9c971691b58390d453950 (diff) | |
Fixed problems with CLI authentication parameters.
Previously specifying a security database password in the CLI would
require a certificate nickname to be specified as well. While this
is correct for client certificate authentication, it caused a
problem for operations that do not authenticate against the server
such as client-init. The CLI has been modified to require a security
database password only if the nickname is specified for client
certificate authentication.
Similar changes have been made to require user password only if
the username is specified for basic authentication.
The CLI also has been modified to store all specified parameters
in the config object regardless of parameter validation.
The manual page has been modified accordingly.
Ticket #1125
Diffstat (limited to 'base/java-tools/man')
| -rw-r--r-- | base/java-tools/man/man1/pki.1 | 12 |
1 files changed, 6 insertions, 6 deletions
diff --git a/base/java-tools/man/man1/pki.1 b/base/java-tools/man/man1/pki.1 index b5a35f1f6..4e77bd6eb 100644 --- a/base/java-tools/man/man1/pki.1 +++ b/base/java-tools/man/man1/pki.1 @@ -28,10 +28,10 @@ These services include certificates, groups, keys, security domains, and users. .SH CLI OPTIONS .TP .B -c <client security database password> -Specifies the client security database password (mutually exclusive to the '-C' option; requires the '-n' client authentication option). +Specifies the client security database password (mutually exclusive to the '-C' option). .TP .B -C <client-side password file> -Specifies the file which contains the client security database password (mutually exclusive to the '-c' option; requires the '-n' client authentication option). +Specifies the file which contains the client security database password (mutually exclusive to the '-c' option). .TP .B -d <client security database location> Specifies the client security database location (default: \fI~/.dogtag/nssdb\fP). @@ -49,7 +49,7 @@ Comma-separated list of ignored certificate validity statuses. Message format: xml (default), json. .TP .B -n <client certificate nickname> -Specifies the nickname of the client certificate (signifies client authentication which is mutually exclusive to the '-u' basic authentication option). +Specifies the nickname for client certificate authentication (mutually exclusive to the '-u' option). This authentication requires a security database password. .TP .B --output <folder> Folder to store HTTP messages. @@ -68,7 +68,7 @@ PKI subsystem type - [CA, KRA, OCSP, TKS, or TPS] (non-case-sensitive). Specifies the server URI. .TP .B -u <username> -Specifies the username (signifies basic authentication which is mutually exclusive to the '-n' client authentication option). +Specifies the username for basic authentication (mutually exclusive to the '-n' option). This authentication requires a user password. .TP .B -v Displays verbose information. @@ -77,10 +77,10 @@ Displays verbose information. Displays CLI version information. .TP .B -w <password> -Specifies the user password (mutually exclusive to the '-W' option; requires the '-u' basic authentication option). +Specifies the user password (mutually exclusive to the '-W' option). .TP .B -W <client-side password file> -Specifies the file which contains the user password (mutually exclusive to the '-w' option; requires the '-u' basic authentication option). +Specifies the file which contains the user password (mutually exclusive to the '-w' option). .SH OPERATIONS To view available commands and options, simply type \fBpki\fP. Some commands have sub-commands. |