PKI Server SD CLI - dogtagpki/pki GitHub Wiki

Overview

The pki-server sd-* commands provide a way to manage security domain database directly without a running PKI server. These commands can be used to fix security domain issues.

Creating Security Domain Database

To create an empty security domain database:

$ pki-server sd-create

Add new subsystem type in the Security Domain Database

The security domain database is created with an entry for each subsystem supported. To add a new subsystem type:

$ pki-server sd-type-add EST

Listing Subsystems in Security Domain

To list the subsystems in the security domain:

$ pki-server sd-subsystem-find

Adding Subsystem into Security Domain

To add a subsystem into the security domain:

$ pki-server sd-subsystem-add \
    --subsystem CA \
    --hostname pki.example.com \
    --secure-port 8443 \
    "CA pki.example.com 8443"

Removing Subsystem from Security Domain

To remove a subsystem from the security domain:

$ pki-server sd-subsystem-del "CA pki.example.com 8443"

See Also

Tip
 To find a page in the Wiki, enter the keywords in search field, press Enter, then click Wikis.
⚠️ **GitHub.com Fallback** ⚠️