PKI Server Instance External Certificate CLI - dogtagpki/pki GitHub Wiki

Overview

The pki-server instance-externalcert commands can be used to manage external certificates in PKI server’s NSS database.

Configuration

The list of external certificates is stored in /var/lib/pki/pki-tomcat/conf/external_certs.conf, for example:

0.nickname=third_party_ca
0.token=internal

Adding External Certificate

$ pki-server instance-externalcert-add \
    --cert-file third_party_ca.crt \
    --trust-args=CT,C,C \
    --nickname third_party_ca

Removing External Certificate

$ pki-server instance-externalcert-del \
    --nickname third_party_ca
Tip
 To find a page in the Wiki, enter the keywords in search field, press Enter, then click Wikis.
⚠️ **GitHub.com Fallback** ⚠️