diff options
| -rw-r--r-- | base/java-tools/man/man1/pki.1 | 7 | ||||
| -rw-r--r-- | base/server/src/engine/pkihelper.py | 7 |
2 files changed, 8 insertions, 6 deletions
diff --git a/base/java-tools/man/man1/pki.1 b/base/java-tools/man/man1/pki.1 index a18117bba..ec0af7c3d 100644 --- a/base/java-tools/man/man1/pki.1 +++ b/base/java-tools/man/man1/pki.1 @@ -26,6 +26,9 @@ pki [CLI options] <command> [command arguments] .SH OPTIONS .TP +.B -c <database password> +Specifies the certificate database password. +.TP .B -d <database> Specifies the certificate database to be used. .TP @@ -60,7 +63,7 @@ Displays verbose information. Displays 'pki' CLI version information. .TP .B -w <password> -Specifies the password. +Specifies the user password. .SH OPERATIONS To view available commands and options, simply type \fBpki\fP. Some commands have sub-commands. To view the sub-commands, type \fBpki <command>\fP. To view each command's usage, type \fB pki <command> --help\fP. @@ -89,7 +92,7 @@ To authenticate with a username and password: To authenticate with a client certificate: -.B pki -d <certificate database directory> -w <certificate database password> -n "<certificate nickname>" <command> +.B pki -d <certificate database directory> -c <certificate database password> -n "<certificate nickname>" <command> .SS Viewing Certificates Certificates can be viewed anonymously. diff --git a/base/server/src/engine/pkihelper.py b/base/server/src/engine/pkihelper.py index 1ff50cd13..e7735d8d3 100644 --- a/base/server/src/engine/pkihelper.py +++ b/base/server/src/engine/pkihelper.py @@ -2594,8 +2594,7 @@ class kra_connector: def execute_using_pki(self, caport, cahost, subsystemnick, token_pwd, krahost, kraport, critical_failure=False): - command = "/bin/pki -p '{}' -h '{}' -n '{}' -P https -d '{}' -w '{}' "\ - "--ignore-cert-status UNTRUSTED_ISSUER "\ + command = "/bin/pki -p '{}' -h '{}' -n '{}' -P https -d '{}' -c '{}' "\ "kraconnector-del {} {}".format( caport, cahost, subsystemnick, master['pki_database_path'], @@ -2858,11 +2857,11 @@ class security_domain: secadminport = cs_cfg.get('securitydomain.httpsadminport') secselect = cs_cfg.get('securitydomain.select') - command = "/bin/pki -p '{}' -h '{}' -P https -u '{}' -w '{}' "\ - "--ignore-cert-status UNTRUSTED_ISSUER "\ + command = "/bin/pki -p '{}' -h '{}' -P https -u '{}' -w '{}' -d '{}' "\ "securitydomain-get-install-token --hostname {} "\ "--subsystem {}".format( secadminport, sechost, secuser, secpass, + master['pki_database_path'], machinename, cstype) try: output = subprocess.check_output(command, |