Imported Debian patch 4.8.10-2
This commit is contained in:
Timo Aaltonen
committed by
Mario Fetka
Mario Fetka
parent
8bc559c5a1
commit
358acdd85f
@@ -21,9 +21,11 @@
|
||||
ipa\-cacert\-manage \- Manage CA certificates in IPA
|
||||
.SH "SYNOPSIS"
|
||||
\fBipa\-cacert\-manage\fR [\fIOPTIONS\fR...] renew
|
||||
.RE
|
||||
.br
|
||||
\fBipa\-cacert\-manage\fR [\fIOPTIONS\fR...] install \fICERTFILE\fR...
|
||||
.RE
|
||||
.br
|
||||
\fBipa\-cacert\-manage\fR [\fIOPTIONS\fR...] delete \fINICKNAME\fR
|
||||
.br
|
||||
\fBipa\-cacert\-manage\fR [\fIOPTIONS\fR...] list
|
||||
.SH "DESCRIPTION"
|
||||
\fBipa\-cacert\-manage\fR can be used to manage CA certificates in IPA.
|
||||
@@ -54,6 +56,16 @@ Please do not forget to run ipa-certupdate on the master, all the replicas and a
|
||||
.sp
|
||||
The supported formats for the certificate files are DER, PEM and PKCS#7 format.
|
||||
.RE
|
||||
.TP
|
||||
\fBdelete\fR
|
||||
\- Remove a CA certificate
|
||||
.sp
|
||||
.RS
|
||||
Remove a CA from IPA. The nickname of a CA to be removed can be found using the list command. The CA chain is validated before allowing a CA to be removed so leaf certificates in a chain need to be removed first.
|
||||
.sp
|
||||
Please do not forget to run ipa-certupdate on the master, all the replicas and all the clients after this command in order to update IPA certificates databases.
|
||||
.RE
|
||||
.TP
|
||||
\fBlist\fR
|
||||
\- List the stored CA certificates
|
||||
.sp
|
||||
@@ -79,7 +91,6 @@ Output only errors.
|
||||
.TP
|
||||
\fB\-\-log\-file\fR=\fIFILE\fR
|
||||
Log to the given file.
|
||||
.RE
|
||||
.SH "RENEW OPTIONS"
|
||||
.TP
|
||||
\fB\-\-self\-signed\fR
|
||||
@@ -112,7 +123,6 @@ If no template is specified, the template name "SubCA" is used.
|
||||
.TP
|
||||
\fB\-\-external\-cert\-file\fR=\fIFILE\fR
|
||||
File containing the IPA CA certificate and the external CA certificate chain. The file is accepted in PEM and DER certificate and PKCS#7 certificate chain formats. This option may be used multiple times.
|
||||
.RE
|
||||
.SH "INSTALL OPTIONS"
|
||||
.TP
|
||||
\fB\-n\fR \fINICKNAME\fR, \fB\-\-nickname\fR=\fINICKNAME\fR
|
||||
@@ -130,6 +140,10 @@ T \- CA trusted to issue client certificates
|
||||
.IP
|
||||
p \- not trusted
|
||||
.RE
|
||||
.SH "DELETE OPTIONS"
|
||||
.TP
|
||||
\fB\-f\fR, \fB\-\-force\fR
|
||||
Force a CA certificate to be removed even if chain validation fails.
|
||||
.SH "EXIT STATUS"
|
||||
0 if the command was successful
|
||||
|
||||
|
||||
Reference in New Issue
Block a user