.nh .TH pki-user-cert 1 "Jun 3, 2015" PKI "PKI User Certificate Management Commands" .SH NAME .PP pki-user-cert - Command-line interface for managing PKI user certificates. .SH SYNOPSIS .PP \fBpki\fP [\fICLI-options\fP] \fB<subsystem>-user-cert\fP .br \fBpki\fP [\fICLI-options\fP] \fB<subsystem>-user-cert-find\fP \fIuser-ID\fP [\fIcommand-options\fP] .br \fBpki\fP [\fICLI-options\fP] \fB<subsystem>-user-cert-show\fP \fIuser-ID\fP \fIcert-ID\fP [\fIcommand-options\fP] .br \fBpki\fP [\fICLI-options\fP] \fB<subsystem>-user-cert-add\fP \fIuser-ID\fP [\fIcommand-options\fP] .br \fBpki\fP [\fICLI-options\fP] \fB<subsystem>-user-cert-del\fP \fIuser-ID\fP \fIcert-ID\fP [\fIcommand-options\fP] .SH DESCRIPTION .PP The \fBpki <subsystem>-user-cert\fP commands provide command-line interfaces to manage user certificates on the specified subsystem. .PP Valid subsystems are \fBca\fP, \fBkra\fP, \fBocsp\fP, \fBtks\fP, and \fBtps\fP\&. .PP \fBpki\fP [\fICLI-options\fP] \fB<subsystem>-user-cert\fP .br This command is to list available user certificate commands for the subsystem. .PP \fBpki\fP [\fICLI-options\fP] \fB<subsystem>-user-cert-find\fP \fIuser-ID\fP [\fIcommand-options\fP] .br This command is to list certificates owned by the subsystem user. .PP \fBpki\fP [\fICLI-options\fP] \fB<subsystem>-user-cert-show\fP \fIuser-ID\fP \fIcert-ID\fP [\fIcommand-options\fP] .br This command is to view the details of a certificate owned to the subsystem user. .PP \fBpki\fP [\fICLI-options\fP] \fB<subsystem>-user-cert-add\fP \fIuser-ID\fP [\fIcommand-options\fP] .br This command is to add a certificate to the subsystem user. .PP \fBpki\fP [\fICLI-options\fP] \fB<subsystem>-user-cert-del\fP \fIuser-ID\fP \fIcert-ID\fP [\fIcommand-options\fP] .br This command is to delete a certificate from the subsystem user. .SH OPTIONS .PP The CLI options are described in \fBpki(1)\fP\&. .SH OPERATIONS .PP To view available user certificate commands, type \fBpki <subsystem>-user-cert\fP\&. To view each command's usage, type \fBpki <subsystem>-user-cert-<command> --help\fP\&. .PP All user certificate commands must be executed as the subsystem administrator. .PP For example, to list certificates owned by a CA user execute the following command: .PP .RS .nf $ pki ca-user-cert-find testuser .fi .RE .PP The results can be paged by specifying the (0-based) index of the first entry to return and the maximum number of entries returned: .PP .RS .nf $ pki ca-user-cert-find testuser --start 20 --size 10 .fi .RE .PP The above command will return entries #20 to #29. .PP To view a certificate owned by a CA user, specify the user ID and the certificate ID in the following command: .PP .RS .nf $ pki ca-user-cert-show testuser \\ "2;11;CN=CA Signing Certificate,O=EXAMPLE;UID=testuser" .fi .RE .PP To add a certificate to a CA user from a file, specify the user ID and the input file: .PP .RS .nf $ pki ca-user-cert-add testuser --input testuser.crt .fi .RE .PP To add a certificate to a CA user from the certificate repository, specify the user ID and the serial number: .PP .RS .nf $ pki ca-user-cert-add testuser --serial 0x80 .fi .RE .PP To delete a certificate from a CA user, specify the user ID and the certificate ID in the following command: .PP .RS .nf $ pki ca-user-cert-del testuser \\ "2;11;CN=CA Signing Certificate,O=EXAMPLE;UID=testuser" .fi .RE .SH AUTHORS .PP Endi S. Dewata <edewata@redhat.com>\&. .SH COPYRIGHT .PP Copyright (c) 2015 Red Hat, Inc. This is licensed under the GNU General Public License, version 2 (GPLv2). A copy of this license is available at http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt.