mirror of
https://salsa.debian.org/freeipa-team/freeipa.git
synced 2024-12-28 01:41:14 -06:00
3cde7e9cfd
Added new --*-cert-name options to ipa-server-install and ipa-replica-prepare and --cert-name option to ipa-server-certinstall. The options allows choosing a particular certificate and private key from PKCS#12 files by its friendly name. https://fedorahosted.org/freeipa/ticket/4489 Reviewed-By: Petr Viktorin <pviktori@redhat.com>
52 lines
2.1 KiB
Groff
52 lines
2.1 KiB
Groff
.\" A man page for ipa-server-certinstall
|
|
.\" Copyright (C) 2008 Red Hat, Inc.
|
|
.\"
|
|
.\" This program is free software; you can redistribute it and/or modify
|
|
.\" it under the terms of the GNU General Public License as published by
|
|
.\" the Free Software Foundation, either version 3 of the License, or
|
|
.\" (at your option) any later version.
|
|
.\"
|
|
.\" This program is distributed in the hope that it will be useful, but
|
|
.\" WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
.\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
.\" General Public License for more details.
|
|
.\"
|
|
.\" You should have received a copy of the GNU General Public License
|
|
.\" along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
.\"
|
|
.\" Author: Rob Crittenden <rcritten@redhat.com>
|
|
.\"
|
|
.TH "ipa-server-certinstall" "1" "Mar 14 2008" "FreeIPA" "FreeIPA Manual Pages"
|
|
.SH "NAME"
|
|
ipa\-server\-certinstall \- Install new SSL server certificates
|
|
.SH "SYNOPSIS"
|
|
ipa\-server\-certinstall [\fIOPTION\fR]... FILE...
|
|
.SH "DESCRIPTION"
|
|
Replace the current SSL Directory and/or Apache server certificate(s) with the certificate in the specified files. The files are accepted in PEM and DER certificate, PKCS#7 certificate chain, PKCS#8 and raw private key and PKCS#12 formats.
|
|
|
|
PKCS#12 is a file format used to safely transport SSL certificates and public/private keypairs.
|
|
|
|
They may be generated and managed using the NSS pk12util command or the OpenSSL pkcs12 command.
|
|
|
|
The service(s) are not automatically restarted. In order to use the newly installed certificate(s) you will need to manually restart the Directory and/or Apache servers.
|
|
.SH "OPTIONS"
|
|
.TP
|
|
\fB\-d\fR, \fB\-\-dirsrv\fR
|
|
Install the certificate on the Directory Server
|
|
.TP
|
|
\fB\-w\fR, \fB\-\-http\fR
|
|
Install the certificate in the Apache Web Server
|
|
.TP
|
|
\fB\-\-pin\fR=\fIPIN\fR
|
|
The password to unlock the private key
|
|
.TP
|
|
\fB\-\-cert\-name\fR=\fINAME\fR
|
|
Name of the certificate to install
|
|
.TP
|
|
\fB\-\-dirman\-password\fR=\fIDIRMAN_PASSWORD\fR
|
|
Directory Manager password
|
|
.SH "EXIT STATUS"
|
|
0 if the installation was successful
|
|
|
|
1 if an error occurred
|