.nh .TH pki-pkcs12-cert 1 "Oct 28, 2016" PKI "PKI PKCS #12 Certificate Management Commands" .SH NAME .PP pki-pkcs12-cert - Command-line interface for managing individual certificates in PKCS #12 file. .SH SYNOPSIS .PP \fBpki\fP [\fICLI-options\fP] \fBpkcs12-cert\fP .br \fBpki\fP [\fICLI-options\fP] \fBpkcs12-cert-find\fP [\fIcommand-options\fP] .br \fBpki\fP [\fICLI-options\fP] \fBpkcs12-cert-export\fP \fInickname\fP [\fIcommand-options\fP] .br \fBpki\fP [\fICLI-options\fP] \fBpkcs12-cert-import\fP \fInickname\fP [\fIcommand-options\fP] .br \fBpki\fP [\fICLI-options\fP] \fBpkcs12-cert-mod\fP \fInickname\fP [\fIcommand-options\fP] .br \fBpki\fP [\fICLI-options\fP] \fBpkcs12-cert-del\fP \fInickname\fP [\fIcommand-options\fP] .SH DESCRIPTION .PP The \fBpki pkcs12-cert\fP commands provide command-line interfaces to manage certificates in a PKCS #12 file. .PP \fBpki\fP [\fICLI-options\fP] \fBpkcs12-cert-find\fP [\fIcommand-options\fP] .br This command is to list certificates in a PKCS #12 file. .PP \fBpki\fP [\fICLI-options\fP] \fBpkcs12-cert-export\fP \fInickname\fP [\fIcommand-options\fP] .br This command is to export a certificate from a PKCS #12 file. .PP \fBpki\fP [\fICLI-options\fP] \fBpkcs12-cert-import\fP \fInickname\fP [\fIcommand-options\fP] .br This command is to import a certificate into a PKCS #12 file. .PP \fBpki\fP [\fICLI-options\fP] \fBpkcs12-cert-mod\fP \fInickname\fP [\fIcommand-options\fP] .br This command is to modify a certificate in a PKCS #12 file. .PP \fBpki\fP [\fICLI-options\fP] \fBpkcs12-cert-del\fP \fInickname\fP [\fIcommand-options\fP] .br This command is to delete a certificate from a PKCS #12 file. .SH OPTIONS .PP The CLI options are described in \fBpki(1)\fP\&. .SH OPERATIONS .PP To view available profile commands, type \fBpki pkcs12-cert\fP\&. To view each command's usage, type \fBpki pkcs12-cert-<command> --help\fP\&. .PP All \fBpki pkcs12-cert\fP commands require a PKCS #12 file and its password. The PKCS #12 file can be specified with the \fB--pkcs12-file\fP parameter. The password can be specified either directly with the \fB--pkcs12-password\fP parameter, or in a file with the \fB--pkcs12-password-file\fP parameter. .PP Some \fBpki pkcs12-cert\fP commands require an NSS database and its password. The NSS database location can be specified with the \fB-d\fP parameter (default: ~/.dogtag/nssdb). The NSS database password can be specified with the \fB-c\fP or the \fB-C\fP parameter. .SS Viewing certificates in a PKCS #12 file .PP To list the certificates in a PKCS #12 file: .PP .RS .nf $ pki pkcs12-cert-find .fi .RE .SS Exporting a certificate from a PKCS #12 file .PP To export a certificate from a PKCS #12 file into a file in PEM format: .PP .RS .nf $ pki pkcs12-cert-export .fi .RE .PP The certificate file can be specified with the \fB--cert-file\fP parameter. .SS Importing a certificate into a PKCS #12 file .PP To import a certificate including its key and trust flags from an NSS database into a PKCS #12 file: .PP .RS .nf $ pki pkcs12-cert-import \\ .fi .RE .PP If the PKCS #12 file does not exist, it will be created automatically. If the PKCS #12 file already exists, the certificate will be added into the file. .PP The trust flags can be overwritten with the \fB--trust-flags\fP parameter. If the key is not needed, specify the \fB--no-key\fP parameter. .SS Modifying a certificate in a PKCS #12 file .PP To modify the trust flags of a certificate in a PKCS #12 file: .PP .RS .nf $ pki pkcs12-cert-mod .fi .RE .PP The trust flags can be specified with the \fB--trust-flags\fP parameter. .SS Deleting a certificate from a PKCS #12 file .PP To delete a certificate and its key from a PKCS #12 file: .PP .RS .nf $ pki pkcs12-cert-del .fi .RE .SH SEE ALSO .PP \fBpki-pkcs12(1)\fP .SH AUTHORS .PP Endi S. Dewata <edewata@redhat.com>\&. .SH COPYRIGHT .PP Copyright (c) 2016 Red Hat, Inc. This is licensed under the GNU General Public License, version 2 (GPLv2). A copy of this license is available at http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt.