-
Notifications
You must be signed in to change notification settings - Fork 139
PKI Server CA Certificate Request CLI
Endi S. Dewata edited this page Mar 21, 2023
·
12 revisions
The pki-server ca-cert-request-* commands provide a way to manage certificate requests in CA when PKI server is offline.
These commands can only be executed by the system administrator.
To find the certificate request for a certificate:
$ pki-server ca-cert-request-find --cert-file <cert file>
As of PKI 10.4 the content of the certificate has to be formatted as follows:
-
The certificate must be base-64 encoded.
-
Each line must be 64 bytes long terminated with CRLF.
-
There is no BEGIN/END CERTIFICATE header/footer.
For example:
MIIDnTCCAoWgAwIBAgIBBTANBgkqhkiG9w0BAQsFADBIMRAwDgYDVQQKDAdFWEFN<CRLF> UExFMRMwEQYDVQQLDApwa2ktdG9tY2F0MR8wHQYDVQQDDBZDQSBTaWduaW5nIENl<CRLF> ... EzgqNUFrj/ATV31qVzEb6aka+93bd437Iga68OTz+8fhif8TbILWfJG87rU3w00D<CRLF> DMK8f1ILzfnK1kUEkBQ9zoiDlQyiUsl6TDJKXFc8Woqi0VTgK2AJ7cVdrwtOiE++<CRLF> 6jk3lUH/goACLP5fIuZWqlM=<CRLF>
Note: The certificate format may change in the future.
$ pki-server ca-cert-request-show <request ID>
|
Tip
|
To find a page in the Wiki, enter the keywords in search field, press Enter, then click Wikis. |