From 27e27f8b63bc4c45d25a8bc5e07ac3a8e199565e Mon Sep 17 00:00:00 2001 From: "Endi S. Dewata" Date: Mon, 6 Oct 2014 12:20:42 -0400 Subject: Added CLI to import/export certificates with private keys. New CLI commands have been added to import/export certificates and private keys into/from the client security database. The CLI can also be used to generate the file needed by Python client library for client certificate authentication. --- base/java-tools/man/man1/pki-client.1 | 48 ++++++++++++++++++++++++++++++++--- 1 file changed, 44 insertions(+), 4 deletions(-) (limited to 'base/java-tools/man') diff --git a/base/java-tools/man/man1/pki-client.1 b/base/java-tools/man/man1/pki-client.1 index 0364f84ef..65e618555 100644 --- a/base/java-tools/man/man1/pki-client.1 +++ b/base/java-tools/man/man1/pki-client.1 @@ -22,7 +22,9 @@ pki-client \- Command-Line Interface for managing the security database on Certi \fBpki\fR [CLI options] \fBclient-init\fR [command options] \fBpki\fR [CLI options] \fBclient-cert-find\fR [command options] \fBpki\fR [CLI options] \fBclient-cert-request\fR [command options] -\fBpki\fR [CLI options] \fBclient-cert-import\fR [command options] +\fBpki\fR [CLI options] \fBclient-cert-import\fR [nickname] [command options] +\fBpki\fR [CLI options] \fBclient-cert-mod\fR [command options] +\fBpki\fR [CLI options] \fBclient-cert-show\fR [command options] \fBpki\fR [CLI options] \fBclient-cert-del\fR [command options] .fi @@ -50,7 +52,17 @@ This command is to list certificates in the client security database. This command is to generate and submit a certificate request. .RE .PP -\fBpki\fR [CLI options] \fBclient-cert-import\fR [command options] +\fBpki\fR [CLI options] \fBclient-cert-import\fR [nickname] [command options] +.RS 4 +This command is to import a certificate into the client security database. +.RE +.PP +\fBpki\fR [CLI options] \fBclient-cert-mod\fR [command options] +.RS 4 +This command is to modify a certificate in the client security database. +.RE +.PP +\fBpki\fR [CLI options] \fBclient-cert-show\fR [command options] .RS 4 This command is to view a certificate in the client security database. .RE @@ -80,11 +92,15 @@ To request a certificate: To import a certificate from a file into the security database: -.B pki -d -c client-cert-import --cert +.B pki -d -c client-cert-import --cert To import a CA certificate from a file into the security database: -.B pki -d -c client-cert-import --ca-cert +.B pki -d -c client-cert-import --ca-cert + +To import certificates and private keys from a PKCS #12 file into the security database: + +.B pki -d -c client-cert-import --pkcs12 --pkcs12-password To import a certificate from CA server into the security database: @@ -94,6 +110,30 @@ To import a CA certificate from CA server into the security database: .B pki -d -c client-cert-import --ca-server +To modify a certificate's trust attributes in the security database: + +.B pki -d -c client-cert-mod --trust + +To display a certificate in the security database: + +.B pki -d -c client-cert-show + +To export a certificate from the security database into a PEM file: + +.B pki -d -c client-cert-show --cert + +To export a certificate chain with the private key from the security database into a PKCS #12 file: + +.B pki -d -c client-cert-show --pkcs12 --pkcs12-password + +To export a certificate chain with the private key with a password file: + +.B pki -d -c client-cert-show --pkcs12 --pkcs12-password-file + +To export a client certificate with the private key from the security database into a PEM file: + +.B pki -d -c client-cert-show --client-cert + To delete a certificate from the security database: .B pki -d -c client-cert-del -- cgit