PKI Server Status CLI - dogtagpki/pki GitHub Wiki
The pki-server status
command provides a way to check the status of PKI server and to show some basic configuration.
$ pki-server status Instance ID: pki-tomcat Active: True Nuxwdog Enabled: False Unsecure Port: 8080 Secure Port: 8443 Tomcat Port: 8005 CA Subsystem: SD Manager: True SD Name: EXAMPLE SD Registration URL: https://pki.example.com:8443 Enabled: True Unsecure URL: http://pki.example.com:8080/ca/ee/ca Secure Agent URL: https://pki.example.com:8443/ca/agent/ca Secure EE URL: https://pki.example.com:8443/ca/ee/ca Secure Admin URL: https://pki.example.com:8443/ca/services PKI Console URL: https://pki.example.com:8443/ca KRA Subsystem: SD Manager: False SD Name: EXAMPLE SD Registration URL: https://pki.example.com:8443 Enabled: True Secure Agent URL: https://pki.example.com:8443/kra/agent/kra Secure Admin URL: https://pki.example.com:8443/kra/services PKI Console URL: https://pki.example.com:8443/kra OCSP Subsystem: SD Manager: False SD Name: EXAMPLE SD Registration URL: https://pki.example.com:8443 Enabled: True Unsecure URL: http://pki.example.com:8080/ocsp/ee/ocsp/<ocsp request blob> Secure Agent URL: https://pki.example.com:8443/ocsp/agent/ocsp Secure EE URL: https://pki.example.com:8443/ocsp/ee/ocsp/<ocsp request blob> Secure Admin URL: https://pki.example.com:8443/ocsp/services PKI Console URL: https://pki.example.com:8443/ocsp TKS Subsystem: SD Manager: False SD Name: EXAMPLE SD Registration URL: https://pki.example.com:8443 Enabled: True Secure Agent URL: https://pki.example.com:8443/tks/agent/tks Secure Admin URL: https://pki.example.com:8443/tks/services PKI Console URL: https://pki.example.com:8443/tks TPS Subsystem: SD Manager: False SD Name: EXAMPLE SD Registration URL: https://pki.example.com:8443 Enabled: True Unsecure URL: http://pki.example.com:8080/tps Unsecure PHONE HOME: http://pki.example.com:8080/tps/phoneHome Secure URL: https://pki.example.com:8443/tps Secure PHONE HOME: https://pki.example.com:8443/tps/phoneHome
To display server status:
$ pki-server status Instance ID: pki-tomcat Active: True Unsecure Port: 8080 Secure Port: 8443 Tomcat Port: 8005 CA Subsystem: Type: Root CA (Security Domain) SD Registration URL: https://pki.example.com:8443 Enabled: True Unsecure URL: http://pki.example.com:8080/ca/ee/ca Secure Agent URL: https://pki.example.com:8443/ca/agent/ca Secure EE URL: https://pki.example.com:8443/ca/ee/ca Secure Admin URL: https://pki.example.com:8443/ca/services PKI Console URL: https://pki.example.com:8443/ca KRA Subsystem: Type: KRA SD Registration URL: https://pki.example.com:8443 Enabled: True Secure Agent URL: https://pki.example.com:8443/kra/agent/kra Secure Admin URL: https://pki.example.com:8443/kra/services PKI Console URL: https://pki.example.com:8443/kra OCSP Subsystem: Type: OCSP SD Registration URL: https://pki.example.com:8443 Enabled: True Unsecure URL: http://pki.example.com:8080/ocsp/ee/ocsp/<ocsp request blob> Secure Agent URL: https://pki.example.com:8443/ocsp/agent/ocsp Secure EE URL: https://pki.example.com:8443/ocsp/ee/ocsp/<ocsp request blob> Secure Admin URL: https://pki.example.com:8443/ocsp/services PKI Console URL: https://pki.example.com:8443/ocsp TKS Subsystem: Type: TKS SD Registration URL: https://pki.example.com:8443 Enabled: True Secure Agent URL: https://pki.example.com:8443/tks/agent/tks Secure Admin URL: https://pki.example.com:8443/tks/services PKI Console URL: https://pki.example.com:8443/tks TPS Subsystem: Type: TPS SD Registration URL: https://pki.example.com:8443 Enabled: True Unsecure URL: http://pki.example.com:8080/tps Unsecure PHONE HOME: http://pki.example.com:8080/tps/phoneHome Secure URL: https://pki.example.com:8443/tps Secure PHONE HOME: https://pki.example.com:8443/tps/phoneHome
If Active
is True
, the server is running and accepting connections at the specified ports.
If it is False
, the server is not running.
Possible values of Type:
-
Root CA
-
Root CA (Security Domain)
-
Subordinate CA
-
Subordinate CA (Security Domain)
-
CA Clone
-
CA Clone (Security Domain)
-
KRA
-
KRA (Standalone)
-
KRA Clone
-
OCSP
-
OCSP (Standalone)
-
OCSP Clone
-
TKS
-
TKS Clone
-
TPS
The SD Registration URL
indicates the security domain to which the subsystem is registered.
If Enabled
is True
, the subsystem is running and accepting requests at the specified URLs provided that the server is running too. If it is False
, the subsystem is not running regardless whether the server itself is running.