mirror of
https://salsa.debian.org/freeipa-team/freeipa.git
synced 2024-12-30 10:47:08 -06:00
3aa0731fc6
The --external_cert_file and --external_ca_file options of ipa-server-install and ipa-ca-install have been replaced by --external-cert-file option which accepts multiple files. The files are accepted in PEM and DER certificate and PKCS#7 certificate chain formats. https://fedorahosted.org/freeipa/ticket/4480 Reviewed-By: Petr Viktorin <pviktori@redhat.com>
58 lines
2.3 KiB
Groff
58 lines
2.3 KiB
Groff
.\" A man page for ipa-ca-install
|
|
.\" Copyright (C) 2011 Red Hat, Inc.
|
|
.\"
|
|
.\" This program is free software; you can redistribute it and/or modify
|
|
.\" it under the terms of the GNU General Public License as published by
|
|
.\" the Free Software Foundation, either version 3 of the License, or
|
|
.\" (at your option) any later version.
|
|
.\"
|
|
.\" This program is distributed in the hope that it will be useful, but
|
|
.\" WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
.\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
.\" General Public License for more details.
|
|
.\"
|
|
.\" You should have received a copy of the GNU General Public License
|
|
.\" along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
.\"
|
|
.\" Author: Rob Crittenden <rcritten@redhat.com>
|
|
.\"
|
|
.TH "ipa-ca-install" "1" "Jun 17 2011" "FreeIPA" "FreeIPA Manual Pages"
|
|
.SH "NAME"
|
|
ipa\-ca\-install \- Install a CA on a server
|
|
.SH "SYNOPSIS"
|
|
ipa\-ca\-install [\fIOPTION\fR]... [replica_file]
|
|
.SH "DESCRIPTION"
|
|
Adds a CA as an IPA\-managed service. This requires that the IPA server is already installed and configured.
|
|
|
|
The replica_file is created using the ipa\-replica\-prepare utility and should be the same one used when originally installing the replica.
|
|
|
|
Alternatively, you can run ipa\-ca\-install without replica_file to upgrade from CA-less to CA-full.
|
|
.SH "OPTIONS"
|
|
\fB\-d\fR, \fB\-\-debug\fR
|
|
Enable debug logging when more verbose output is needed
|
|
.TP
|
|
\fB\-p\fR \fIDM_PASSWORD\fR, \fB\-\-password\fR=\fIDM_PASSWORD\fR
|
|
Directory Manager (existing master) password
|
|
.TP
|
|
\fB\-w\fR \fIADMIN_PASSWORD\fR, \fB\-\-admin\-password\fR=\fIADMIN_PASSWORD\fR
|
|
Admin user Kerberos password used for connection check
|
|
.TP
|
|
\fB\-\-external\-cert\-file\fR=\fIFILE\fR
|
|
File containing the IPA CA certificate and the external CA certificate chain. The file is accepted in PEM and DER certificate and PKCS#7 certificate chain formats. This option may be used multiple times.
|
|
.TP
|
|
\fB\-\-no\-host\-dns\fR
|
|
Do not use DNS for hostname lookup during installation
|
|
.TP
|
|
\fB\-\-skip\-conncheck\fR
|
|
Skip connection check to remote master
|
|
.TP
|
|
\fB\-\-skip\-schema\-check\fR
|
|
Skip check for updated CA DS schema on the remote master
|
|
.TP
|
|
\fB\-U\fR, \fB\-\-unattended\fR
|
|
An unattended installation that will never prompt for user input
|
|
.SH "EXIT STATUS"
|
|
0 if the command was successful
|
|
|
|
1 if an error occurred
|