mirror of
https://salsa.debian.org/freeipa-team/freeipa.git
synced 2024-12-24 16:10:02 -06:00
59802d37d1
Adding notice for user to restart services after ipa-server-certinstall. https://pagure.io/freeipa/issue/7016 Reviewed-By: Florence Blanc-Renaud <frenaud@redhat.com> Reviewed-By: Rob Crittenden <rcritten@redhat.com> Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
56 lines
2.2 KiB
Groff
56 lines
2.2 KiB
Groff
.\" A man page for ipa-server-certinstall
|
|
.\" Copyright (C) 2008 Red Hat, Inc.
|
|
.\"
|
|
.\" This program is free software; you can redistribute it and/or modify
|
|
.\" it under the terms of the GNU General Public License as published by
|
|
.\" the Free Software Foundation, either version 3 of the License, or
|
|
.\" (at your option) any later version.
|
|
.\"
|
|
.\" This program is distributed in the hope that it will be useful, but
|
|
.\" WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
.\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
.\" General Public License for more details.
|
|
.\"
|
|
.\" You should have received a copy of the GNU General Public License
|
|
.\" along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
.\"
|
|
.\" Author: Rob Crittenden <rcritten@redhat.com>
|
|
.\"
|
|
.TH "ipa-server-certinstall" "1" "Mar 14 2008" "FreeIPA" "FreeIPA Manual Pages"
|
|
.SH "NAME"
|
|
ipa\-server\-certinstall \- Install new SSL server certificates
|
|
.SH "SYNOPSIS"
|
|
ipa\-server\-certinstall [\fIOPTION\fR]... FILE...
|
|
.SH "DESCRIPTION"
|
|
Replace the current Directory server SSL certificate, Apache server SSL certificate and/or Kerberos KDC certificate with the certificate in the specified files. The files are accepted in PEM and DER certificate, PKCS#7 certificate chain, PKCS#8 and raw private key and PKCS#12 formats.
|
|
|
|
PKCS#12 is a file format used to safely transport SSL certificates and public/private keypairs.
|
|
|
|
They may be generated and managed using the NSS pk12util command or the OpenSSL pkcs12 command.
|
|
|
|
The service(s) are not automatically restarted. In order to use the newly installed certificate(s) you will need to manually restart the Directory, Apache and/or Krb5kdc servers.
|
|
|
|
.SH "OPTIONS"
|
|
.TP
|
|
\fB\-d\fR, \fB\-\-dirsrv\fR
|
|
Install the certificate on the Directory Server
|
|
.TP
|
|
\fB\-w\fR, \fB\-\-http\fR
|
|
Install the certificate in the Apache Web Server
|
|
.TP
|
|
\fB\-k\fR, \fB\-\-kdc\fR
|
|
Install the certificate in the Kerberos KDC
|
|
.TP
|
|
\fB\-\-pin\fR=\fIPIN\fR
|
|
The password to unlock the private key
|
|
.TP
|
|
\fB\-\-cert\-name\fR=\fINAME\fR
|
|
Name of the certificate to install
|
|
.TP
|
|
\fB\-\-dirman\-password\fR=\fIDIRMAN_PASSWORD\fR
|
|
Directory Manager password
|
|
.SH "EXIT STATUS"
|
|
0 if the installation was successful
|
|
|
|
1 if an error occurred
|