pki-group man page

pki-group — Command-Line Interface for managing Certificate System groups.

Synopsis

pki [CLI options] <subsystem>-group
pki [CLI options] <subsystem>-group-find [command options]
pki [CLI options] <subsystem>-group-show <group ID> [command options]
pki [CLI options] <subsystem>-group-add <group ID> [command options]
pki [CLI options] <subsystem>-group-mod <group ID> [command options]
pki [CLI options] <subsystem>-group-del <group ID> [command options]

Description

The pki-group commands provide command-line interfaces to manage groups on the specified subsystem.

Valid subsystems are ca, kra, ocsp, tks, and tps. If the <subsystem>- prefix is omitted, it will default to ca.

pki [CLI options] <subsystem>-group

This command is to list available group commands for the subsystem.

pki [CLI options] <subsystem>-group-find [command options]

This command is to list groups in the subsystem.

pki [CLI options] <subsystem>-group-show <group ID> [command options]

This command is to view a group details in the subsystem.

pki [CLI options] <subsystem>-group-add <group ID> [command options]

This command is to add a group into the subsystem.

pki [CLI options] <subsystem>-group-mod <group ID> [command options]

This command is to modify a group in the subsystem.

pki [CLI options] <subsystem>-group-del <group ID> [command options]

This command is to delete a group from the subsystem.

Options

The CLI options are described in pki(1).

Operations

To view available group commands, type pki <subsystem>-group. To view each command's usage, type pki <subsystem>-group-<command> --help.

All group commands must be executed as the subsystem administrator.

For example, to list groups in CA execute the following command:

pki <CA admin authentication> ca-group-find

The results can be paged by specifying the (0-based) index of the first entry to return and the maximum number of entries returned:

pki <CA admin authentication> ca-group-find --start 20 --size 10

The above command will return entries #20 to #29.

To view a CA group, specify the group ID in the following command:

pki <CA admin authentication> ca-group-show testgroup

To add a CA group, specify the group ID in the following command:

pki <CA admin authentication> ca-group-add testgroup

To modify a CA group, specify the group ID and the attributes to be modified in the following command:

pki <CA admin authentication> ca-group-mod testgroup --description “Test Group”

To delete a CA group, specify the group ID in the following command:

pki <CA admin authentication> ca-group-del testgroup

See Also

pki-group-member(1)

Group member management commands

Authors

Ade Lee <alee@redhat.com>, Endi Dewata <edewata@redhat.com>, and Matthew Harmsen <mharmsen@redhat.com>.

Referenced By

pki(1).

May 5, 2014 version 10.2 PKI Group Management Commands