PKI KRA Key CLI - dogtagpki/pki GitHub Wiki
This page describes the CLI commands to manage keys in KRA. It assumes KRA is already installed. All key operations have to be executed as KRA Agent. See Adding KRA Agent.
A request has the following properties:
-
request ID
-
key ID
-
type
-
status
A key has the following properties:
-
key ID
-
client key ID
-
status: active or inactive
-
owner
-
type
-
type-specific properties
A key ID is an ID generated by the server which is unique for each key stored in the server. A client key ID is an ID provided by the client while generating or archiving a key. The client key ID does not have to be unique, but there can only be one active key for each client key ID. To generate/archive a new key with the same client key ID, the existing active key will need to be deactivated first.
All key operations should be executed as KRA agent.