diff options
Diffstat (limited to 'base/java-tools/man')
-rw-r--r-- | base/java-tools/man/man1/pki-ca-profile.1 | 148 | ||||
-rw-r--r-- | base/java-tools/man/man1/pki.1 | 6 |
2 files changed, 154 insertions, 0 deletions
diff --git a/base/java-tools/man/man1/pki-ca-profile.1 b/base/java-tools/man/man1/pki-ca-profile.1 new file mode 100644 index 000000000..851e7d7e3 --- /dev/null +++ b/base/java-tools/man/man1/pki-ca-profile.1 @@ -0,0 +1,148 @@ +.\" First parameter, NAME, should be all caps +.\" Second parameter, SECTION, should be 1-8, maybe w/ subsection +.\" other parameters are allowed: see man(7), man(1) +.TH pki-profile 1 "Sep 30, 2014" "version 10.2" "PKI Profile Management Commands" Dogtag Team +.\" Please adjust this date whenever revising the man page. +.\" +.\" Some roff macros, for reference: +.\" .nh disable hyphenation +.\" .hy enable hyphenation +.\" .ad l left justify +.\" .ad b justify to both left and right margins +.\" .nf disable filling +.\" .fi enable filling +.\" .br insert line break +.\" .sp <n> insert n+1 empty lines +.\" for man page specific macros, see man(7) +.SH NAME +pki-profile \- Command-Line Interface for managing Certificate System profiles. + +.SH SYNOPSIS +.nf +\fBpki\fR [CLI options] \fBca-profile\fR +\fBpki\fR [CLI options] \fBca-profile-find\fR [command options] +\fBpki\fR [CLI options] \fBca-profile-show <Profile ID> \fR [command options] +\fBpki\fR [CLI options] \fBca-profile-add <Input file path> \fR [command options] +\fBpki\fR [CLI options] \fBca-profile-mod <Input file path> \fR [command options] +\fBpki\fR [CLI options] \fBca-profile-del <Profile ID> \fR [command options] +\fBpki\fR [CLI options] \fBca-profile-enable <Profile ID> \fR [command options] +\fBpki\fR [CLI options] \fBca-profile-disable <Profile ID> \fR [command options] +.fi + +.SH DESCRIPTION +.PP +The \fBpki ca-profile\fR commands provide command-line interfaces to manage profiles on the CA. + +.PP +\fBpki\fR [CLI options] \fBca-profile-find\fR [command options] +.RS 4 +This command is to list the profiles. +.RE +.PP +\fBpki\fR [CLI options] \fBca-profile-show <Profile ID>\fR [command options] +.RS 4 +This command is to view the details of a profile. +.RE +.PP +\fBpki\fR [CLI options] \fBca-profile-add\fR <Input file path> [command options] +.RS 4 +This command is to create a new profile. +.RE +.PP +\fBpki\fR [CLI options] \fBca-profile-mod <Input file path> \fR [command options] +.RS 4 +This command is to modify an existing profile. +.RE +.PP +\fBpki\fR [CLI options] \fBca-profile-del\fR <Profile ID> [command options] +.RS 4 +This command is to delete a profile. +.RE +.PP +\fBpki\fR [CLI options] \fBca-profile-enable\fR <Profile ID> [command options] +.RS 4 +This command is to enable a profile. +.RE +.PP +\fBpki\fR [CLI options] \fBca-profile-disable\fR <Profile ID> [command options] +.RS 4 +This command is to disable a profile. +.RE +.SH OPTIONS +The CLI options are described in \fBpki\fR(1). + +.SH OPERATIONS + +To view available profile commands, type \fBpki ca-profile\fP. To view each command's usage, type \fB pki ca-profile-<command> \-\-help\fP. + +All the ca-profile commands require agent authentication. + +.SS Viewing the profiles + +.B pki <agent authentication> ca-profile-find + +The \fBstart\fR and \fBsize\fR options can be used to specify the beginning and the size of the list. + +To view the contents of a profile: + +A set of profile inputs, profile outputs, authenticators, policies and constraints are defined in a profile. +These contents can be viewed using the following command: + +.B pki <agent authentication> ca-profile-show <Profile ID> + +To store the output of the above operation, the output option must be specified. + +.B pki <agent authentication> ca-profile-show <Profile ID> --output <FILE_PATH> + +This output file can be used for modifying the profile. +It can be used as a template for certificate enrollment as well but, a more suitable template can be fetched using the \fBpki cert-request-profile-show\fR command. +The \fBpki cert-request-profile-show\fR command does not require an agent/administrator level authentication and contains only the profile inputs section (which is required for certificate enrollment). + +.SS Add/Modify/Delete a profile + +.B pki <admin authentication> ca-profile-add <Input file path> + +The contents of the input file must be in an XML format returned by the profile-show command. +This data will be marshaled by the CLI client to create a new profile in the CA. +The profile must be disabled before it is modified. It must be enabled after modification to be used for +certificate enrollment. + +To modify an existing profile: + +.B pki <admin authentication> ca-profile-mod <Input file path> + +The profile data can be retrieved using the profile-show command and after editing the file, +it can be provided to the profile-mod command to modify an existing profile. + +To delete a profile in the CA: + +.B pki <admin authentication> ca-profile-del <Profile ID> + +.SS Enabling/Disabling a profile in the CA + +To enable a profile in the CA: + +.B pki <agent authenticaton> ca-profile-enable <Profile ID> + +A profile must be enabled before it can be used. + +To disable a profile in the CA: + +.B pki <agent authentication> ca-profile-disable <Profile ID> + +A profile must be disabled before it can be modified. + +.B Note: +Modifying or deleting a profile requires user(s) that have two roles (admin and agent). The same user may be in both roles. An agent +is needed to first disable the profile. Once the profile is disabled, it can be modified/deleted by an admin user. Then, an agent is needed to +enable the profile for use by the CA. + +.SH AUTHORS +Abhishek Koneru <akoneru@redhat.com>. + +.SH COPYRIGHT +Copyright (c) 2014 Red Hat, Inc. This is licensed under the GNU General Public License, version 2 (GPLv2). A copy of this license is available at http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt. + +.SH SEE ALSO +.BR pkispawn(8), +.BR pki(1) diff --git a/base/java-tools/man/man1/pki.1 b/base/java-tools/man/man1/pki.1 index 8e6af9fab..ac85f1314 100644 --- a/base/java-tools/man/man1/pki.1 +++ b/base/java-tools/man/man1/pki.1 @@ -260,6 +260,12 @@ Security domain management commands User management commands .RE +.PP +\fBpki-ca-profile\fR(1) +.RS 4 +Profile management commands +.RE + .SH AUTHORS Ade Lee <alee@redhat.com>, Endi Dewata <edewata@redhat.com>, and Matthew Harmsen <mharmsen@redhat.com>. |