PKI Server Banner CLI - dogtagpki/pki GitHub Wiki
PKI server provides a tool to manage Access Banner.
By default PKI server does not have any banner installed. To install a banner, create /var/lib/pki/pki-tomcat/conf/banner.txt
and store the banner message in this file, for example:
WARNING! Access to this service is restricted to those individuals with specific permissions. Any attempts to gain access, authorized or not, and all operations that follow, are audited and could be used against you in the court of law.
The banner message must be UTF-8 encoded.
To uninstall the banner, simply remove /var/lib/pki/pki-tomcat/conf/banner.txt
.
By default the PKI server does not have any banner installed:
$ pki-server banner-show ERROR: Banner is not installed
If a banner is installed, it can be displayed with this command:
$ pki-server banner-show WARNING! Access to this service is restricted to those individuals with specific permissions. Any attempts to gain access, authorized or not, and all operations that follow, are audited and could be used against you in the court of law.
If the banner contains invalid characters or empty, it will be displayed as is:
$ pki-server banner-show 3āK~āāEāOā.ę¶Æāā~āā
To install banner file:
$ pki-server banner-install --file <path>
To uninstall banner:
$ pki-server banner-uninstall
To validate banner that has been installed on the server:
$ pki-server banner-validate --------------- Banner is valid ---------------
If the installed banner is invalid:
$ pki-server banner-validate ERROR: Banner contains invalid character(s)
If the server does not have any banner installed:
$ pki-server banner-validate ----------------------- Banner is not installed -----------------------
To validate banner file that has not been installed:
$ pki-server banner-validate --file <path> --------------- Banner is valid ---------------