Exporting PKI System Certificates - dogtagpki/freeipa GitHub Wiki
$ pki \
-d /etc/pki/pki-tomcat/alias \
-f /etc/pki/pki-tomcat/password.conf \
pkcs12-export \
--pkcs12 server.p12 \
--pkcs12-password Secret.123
$ echo "-----BEGIN CERTIFICATE REQUEST-----" > ca_signing.csr $ pki-server ca-config-show ca.signing.certreq >> ca_signing.csr $ echo "-----END CERTIFICATE REQUEST-----" >> ca_signing.csr
$ echo "-----BEGIN CERTIFICATE REQUEST-----" > ocsp_signing.csr $ pki-server ca-config-show ca.ocsp_signing.certreq >> ocsp_signing.csr $ echo "-----END CERTIFICATE REQUEST-----" >> ocsp_signing.csr
$ echo "-----BEGIN CERTIFICATE REQUEST-----" > audit_signing.csr $ pki-server ca-config-show ca.audit_signing.certreq >> audit_signing.csr $ echo "-----END CERTIFICATE REQUEST-----" >> audit_signing.csr
$ echo "-----BEGIN CERTIFICATE REQUEST-----" > subsystem.csr $ pki-server ca-config-show ca.subsystem.certreq >> subsystem.csr $ echo "-----END CERTIFICATE REQUEST-----" >> subsystem.csr
$ echo "-----BEGIN CERTIFICATE REQUEST-----" > sslserver.csr $ pki-server ca-config-show ca.sslserver.certreq >> sslserver.csr $ echo "-----END CERTIFICATE REQUEST-----" >> sslserver.csr