PKI CA Certificate Request CLI - dogtagpki/pki GitHub Wiki

Overview

The commands to view or process certificate requests must be executed as an agent.

Listing Certificate Requests

This command requires agent authentication:

$ pki -n caadmin ca-cert-request-find
-----------------
2 entries matched
-----------------
  Request ID: 1
  Type: enrollment
  Request Status: complete
  Operation Result: success
  Certificate ID: 0x1

  Request ID: 2
  Type: enrollment
  Request Status: complete
  Operation Result: success
  Certificate ID: 0x2
----------------------------
Number of entries returned 2
----------------------------

Getting Certificate Request Templates

This command does not require authentication:

$ pki ca-cert-request-profile-show <profile> --output <filename>

Reviewing Certificate Requests

To review a certificate request:

$ pki <agent authentication> ca-cert-request-review <request ID> --file <filename>

It will store the certificate request in the output file and wait for an action. The file should be reviewed manually and may be edited if necessary.

Then enter one of the following actions to complete the review:

  • approve

  • reject

  • cancel

  • update

  • validate

  • assign

  • unassign

Alternatively, the approval process can be done in a single step:

$ pki <agent authentication> ca-cert-request-review <request ID> --action approve

Checking Certificate Request Status

$ pki ca-cert-request-show <request ID>

See Also

⚠️ **GitHub.com Fallback** ⚠️