PKI TPS Connector CLI - dogtagpki/pki GitHub Wiki

Listing Connectors

$ pki -n caadmin tps-connector-find
-----------------
3 entries matched
-----------------
  Connector ID: ca1
  Status: Enabled

  Connector ID: tks1
  Status: Enabled

  Connector ID: kra1
  Status: Enabled
----------------------------
Number of entries returned 3
----------------------------

Displaying Connector Info

To display connector configuration:

$ pki -n caadmin tps-connector-show ca1
---------------
Connector "ca1"
---------------
  Connector ID: ca1
  Status: Enabled
  Properties:
    tps.connector.ca1.enable: true
    tps.connector.ca1.host: pki.example.com
    tps.connector.ca1.maxHttpConns: 15
    tps.connector.ca1.minHttpConns: 1
    tps.connector.ca1.nickName: subsystemCert cert-pki-tomcat
    tps.connector.ca1.port: 8443
    tps.connector.ca1.timeout: 30
    tps.connector.ca1.uri.enrollment: /ca/ee/ca/profileSubmitSSLClient
    tps.connector.ca1.uri.getcert: /ca/ee/ca/displayBySerial
    tps.connector.ca1.uri.renewal: /ca/ee/ca/profileSubmitSSLClient
    tps.connector.ca1.uri.revoke: /ca/ee/subsystem/ca/doRevoke
    tps.connector.ca1.uri.unrevoke: /ca/ee/subsystem/ca/doUnrevoke

To download connector configuration into a file:

$ pki -n caadmin tps-connector-show ca1 --output ca1.xml
-----------------------------------
Stored connector "ca1" into ca1.xml
-----------------------------------

The configuration will be stored in XML format:

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<Connector id="ca1" xmlns:ns2="http://www.w3.org/2005/Atom">
    <Link href="https://pki.example.com:8443/tps/rest/connectors/ca1" rel="self"/>
    <Properties>
        <Property name="tps.connector.ca1.enable">true</Property>
        <Property name="tps.connector.ca1.host">pki.example.com</Property>
        <Property name="tps.connector.ca1.maxHttpConns">15</Property>
        <Property name="tps.connector.ca1.minHttpConns">1</Property>
        <Property name="tps.connector.ca1.nickName">subsystemCert cert-pki-tomcat</Property>
        <Property name="tps.connector.ca1.port">8443</Property>
        <Property name="tps.connector.ca1.timeout">30</Property>
        <Property name="tps.connector.ca1.uri.enrollment">/ca/ee/ca/profileSubmitSSLClient</Property>
        <Property name="tps.connector.ca1.uri.getcert">/ca/ee/ca/displayBySerial</Property>
        <Property name="tps.connector.ca1.uri.renewal">/ca/ee/ca/profileSubmitSSLClient</Property>
        <Property name="tps.connector.ca1.uri.revoke">/ca/ee/subsystem/ca/doRevoke</Property>
        <Property name="tps.connector.ca1.uri.unrevoke">/ca/ee/subsystem/ca/doUnrevoke</Property>
    </Properties>
    <Status>Enabled</Status>
</Connector>

Adding Connector

To add a new connector, download the configuration of an existing connector into a file. Change the connector ID and make the necessary changes:

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<Connector id="ca2" xmlns:ns2="http://www.w3.org/2005/Atom">
    <Link href="https://pki.example.com:8443/tps/rest/connectors/test" rel="self"/>
    <Properties>
        <Property name="tps.connector.test.enable">true</Property>
        <Property name="tps.connector.test.host">pki.example.com</Property>
        <Property name="tps.connector.test.maxHttpConns">15</Property>
        <Property name="tps.connector.test.minHttpConns">1</Property>
        <Property name="tps.connector.test.nickName">subsystemCert cert-pki-tomcat</Property>
        <Property name="tps.connector.test.port">8443</Property>
        <Property name="tps.connector.test.timeout">30</Property>
        <Property name="tps.connector.test.uri.enrollment">/ca/ee/ca/profileSubmitSSLClient</Property>
        <Property name="tps.connector.test.uri.getcert">/ca/ee/ca/displayBySerial</Property>
        <Property name="tps.connector.test.uri.renewal">/ca/ee/ca/profileSubmitSSLClient</Property>
        <Property name="tps.connector.test.uri.revoke">/ca/ee/subsystem/ca/doRevoke</Property>
        <Property name="tps.connector.test.uri.unrevoke">/ca/ee/subsystem/ca/doUnrevoke</Property>
    </Properties>
    <Status>Enabledk</Status>
</Connector>

Then upload the new configuration:

$ pki -n caadmin tps-connector-add --input test.xml
----------------------
Added connector "test"
----------------------

Enabling Connector

$ pki -n caadmin tps-connector-mod test --action enable

Disabling Connector

$ pki -n caadmin tps-connector-mod test --action disable

Modifying Connector

To modify a connector, make sure the connector is disabled. Download the current configuration using the pki tps-connector-show command, edit the file, then update the new configuration:

$ pki -n caadmin tps-connector-mod test --input test.xml

Finally, re-enable the connector.

Deleting Connector

To delete a connector, make sure the connector is disabled, then execute the following command:

$ pki -n caadmin tps-connector-del test
------------------------
Deleted connector "test"
------------------------
⚠️ **GitHub.com Fallback** ⚠️