summaryrefslogtreecommitdiffstats
path: root/base/java-tools/man/man1/pki.1
diff options
context:
space:
mode:
Diffstat (limited to 'base/java-tools/man/man1/pki.1')
-rw-r--r--base/java-tools/man/man1/pki.148
1 files changed, 25 insertions, 23 deletions
diff --git a/base/java-tools/man/man1/pki.1 b/base/java-tools/man/man1/pki.1
index cafe6080d..5729861e8 100644
--- a/base/java-tools/man/man1/pki.1
+++ b/base/java-tools/man/man1/pki.1
@@ -1,7 +1,7 @@
.\" First parameter, NAME, should be all caps
.\" Second parameter, SECTION, should be 1-8, maybe w/ subsection
.\" other parameters are allowed: see man(7), man(1)
-.TH pki 1 "December 5, 2012" "version 1.0" "PKI Command-Line Interface (CLI) Tools" Ade Lee
+.TH pki 1 "December 13, 2012" "version 1.0" "PKI Command-Line Interface (CLI) Tools" Ade Lee
.\" Please adjust this date whenever revising the man page.
.\"
.\" Some roff macros, for reference:
@@ -27,7 +27,7 @@ pki [CLI options] <command> [command arguments]
.SH OPTIONS
.TP
.B -d <database>
-Specifies the certificate database to be utilized.
+Specifies the certificate database to be used.
.TP
.B -h <hostname>
Specifies the hostname (default: localhost).
@@ -39,19 +39,19 @@ Prints additional help information.
Specifies the certificate nickname.
.TP
.B -P <protocol>
-Specifies the protocol (default: http)
+Specifies the protocol (default: http).
.TP
.B -p <port>
-Specifies the port (default: 8080)
+Specifies the port (default: 8080).
.TP
.B -t <type>
-Specifies the type of subsystem (default: ca)
+Specifies the type of subsystem (default: ca).
.TP
.B -U <uri>
Specifies the server URI.
.TP
.B -u <username>
-Specifies the user name.
+Specifies the username.
.TP
.B -v
Displays verbose information.
@@ -63,10 +63,10 @@ Displays 'pki' CLI version information.
Specifies the password.
.SH OPERATIONS
-To view available commands and options, simply type \fBpki\fP. Some commands have sub-commands. To view the sub-commands, type \fBpki <command>\fP. To view each command's usage, type: \fB pki <command> --help\fP
+To view available commands and options, simply type \fBpki\fP. Some commands have sub-commands. To view the sub-commands, type \fBpki <command>\fP. To view each command's usage, type \fB pki <command> --help\fP.
.SS Connection
-By default, \fBpki\fP will connect to the non-secure (http) port of a CA server running on the localhost on port 8080. To specify a different location, parameters can be changed individually using the following options:
+By default, \fBpki\fP connects to the non-secure (HTTP) port of a CA server running on localhost on port 8080. To specify a different server location, use the appropriate arguements to give a different host (\fB-h\fP), port (\fB-p\fP), connection protocol (\fB-P\fP), or subsystem type (\fB-t\fP).
.B pki -P <protocol> -h <hostname> -p <port> -t <subsystem> <command>
@@ -74,31 +74,31 @@ Alternatively, the connection parameters can be specified as a URL:
.B pki -U <subsystem URL> <command>
-where the URL is of the format: https://<hostname>:<port>/<subsystem>.
+where the URL is of the format \fIhttps://<hostname>:<port>/<subsystem>\fP.
.SS Authentication
-Some commands require authentication. These are commands that are restricted to particular sets of users (agents, admins) or those operations involving certificate profiles that require authentication.
+Some commands require authentication. These are commands that are restricted to particular sets of users (such as agents or admins) or those operations involving certificate profiles that require authentication.
To execute a command without authentication:
.B pki <command>
-To authenticate with username and password:
+To authenticate with a username and password:
.B pki -u <username> -w <password> <command>
-To authenticate with client certificate:
+To authenticate with a client certificate:
-.B pki -d <certificate database directory> -w <certificate database password> -n <certificate nickname> <command>
+.B pki -d <certificate database directory> -w <certificate database password> -n "<certificate nickname>" <command>
-.SS Certificates
-Viewing certificates can be executed anonymously.
+.SS Viewing Certificates
+Certificates can be viewed anonymously.
To list all certificates:
.B pki cert-find
-It is also possible to search/list specific certificates by adding a search filter. Use \fBpki cert-find --help\fP to see options. An example invocation would be :
+It is also possible to search for and list specific certificates by adding a search filter. Use \fBpki cert-find --help\fP to see options. For example, to search based on issuance date:
.B pki cert-find --issuedOnFrom 2012-06-15
@@ -106,12 +106,13 @@ To view a particular certificate:
.B pki cert-show <certificate ID>
-Revoking, holding, or releasing a certificate must be executed as an agent.
+.SS Revoking Certificates
+Revoking, holding, or releasing a certificate must be executed as an agent user.
To revoke a certificate:
.B pki <agent authentication> cert-revoke <certificate ID>
-To place a certificate on-hold temporarily:
+To place a certificate on hold temporarily:
.B pki <agent authentication> cert-hold <certificate ID>
@@ -120,7 +121,7 @@ To release a certificate that has been placed on hold:
.B pki <agent authentication> cert-release-hold <certificate ID>
.SS Certificate Requests
-To request a certificate, first generate a certificate request in PKCS #10 or CRMF, and store this request in an XML file, for example:
+To request a certificate, first generate a certificate request in PKCS #10 or CRMF, and store this request in an XML file. For example:
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
.br
@@ -155,6 +156,7 @@ To request a certificate, first generate a certificate request in PKCS #10 or CR
</InputAttrs>
<inputId>SubmitterInfoInput</inputId>
</Input>
+.br
</CertEnrollmentRequest>
Then submit the request for review. This can be done without authentication.
@@ -196,13 +198,13 @@ To delete a user from a group:
.B pki <admin authentication> group-remove-member <group ID> <Member ID>
-.SS Key Management Commands
-\fBpki\fP can be used with a KRA to find specific keys and key requests. This will be documented in more detail at a later time.
+.\".SS Key Management Commands
+.\"\fBpki\fP can be used with a KRA to find specific keys and key requests. This will be documented in more detail at a later time.
.SS Security Domain Commands
\fBpki\fP can be used to access certain information from the security domain.
-To get an installation token (used when installing a new subsystem within a security domain), the following command can be run.
+To get an installation token (used when installing a new subsystem within a security domain):
\fBpki <security domain admin authentication> securitydomain-get-install-token --hostname <hostname> --subsystem <subsystem>\fP
@@ -223,7 +225,7 @@ To view a particular user:
To add a user:
-.B pki <admin authentication> user-add <user ID> --fullName <full name>
+.B pki <admin authentication> user-add <user ID> --fullName "<full name>"
To delete a user:
generated by cgit (git 2.34.1) at 2024-04-20 01:06:23 +0000