Package pki-tools

Certificate System - PKI Tools

http://pki.fedoraproject.org/

This package contains PKI executables that can be used to help make
Certificate System into a more complete and robust PKI solution.

This package is a part of the PKI Core used by the Certificate System.


==================================
||  ABOUT "CERTIFICATE SYSTEM"  ||
==================================

Certificate System (CS) is an enterprise software system designed
to manage enterprise Public Key Infrastructure (PKI) deployments.

PKI Core contains ALL top-level java-based Tomcat PKI components:

  * pki-symkey
  * pki-base
  * pki-base-python2 (alias for pki-base)
  * pki-base-python3
  * pki-base-java
  * pki-tools
  * pki-server
  * pki-ca
  * pki-kra
  * pki-ocsp
  * pki-tks
  * pki-tps
  * pki-javadoc

which comprise the following corresponding PKI subsystems:

  * Certificate Authority (CA)
  * Key Recovery Authority (KRA)
  * Online Certificate Status Protocol (OCSP) Manager
  * Token Key Service (TKS)
  * Token Processing Service (TPS)

Python clients need only install the pki-base package.  This
package contains the python REST client packages and the client
upgrade framework.

Java clients should install the pki-base-java package.  This package
contains the legacy and REST Java client packages.  These clients
should also consider installing the pki-tools package, which contain
native and Java-based PKI tools and utilities.

Certificate Server instances require the fundamental classes and
modules in pki-base and pki-base-java, as well as the utilities in
pki-tools.  The main server classes are in pki-server, with subsystem
specific Java classes and resources in pki-ca, pki-kra, pki-ocsp etc.

Finally, if Certificate System is being deployed as an individual or
set of standalone rather than embedded server(s)/service(s), it is
strongly recommended (though not explicitly required) to include at
least one PKI Theme package:

  * dogtag-pki-theme (Dogtag Certificate System deployments)
    * dogtag-pki-server-theme
  * redhat-pki-server-theme (Red Hat Certificate System deployments)
    * redhat-pki-server-theme
  * customized pki theme (Customized Certificate System deployments)
    * <customized>-pki-server-theme

  NOTE:  As a convenience for standalone deployments, top-level meta
         packages may be provided which bind a particular theme to
         these certificate server packages.
General Commands
Command Description
AtoB Convert ASCII base-64 encoded data to binary base-64 encoded data.
AuditVerify Command-Line utility for verifying Certificate System signed audit logs.
BtoA Convert binary base-64 encoded data to ASCII base-64 encoded data.
CMCEnroll Used to sign a certificate request with an agent's certificate.
KRATool Command-Line utility used to export private keys from one or more KRA instances...
pki Command-Line Interface for accessing Certificate System services.
pki-audit Command-Line Interface for managing Certificate System audit configuration.
pki-ca-kraconnector Command-Line Interface for managing CA-KRA connectors.
pki-ca-profile Command-Line Interface for managing Certificate System CA profiles.
pki-cert Command-Line Interface for managing certificates on the Certificate System...
pki-client Command-Line Interface for managing the security database on Certificate System...
pki-group Command-Line Interface for managing Certificate System groups.
pki-group-member Command-Line Interface for managing Certificate System group members.
pki-key Command-Line Interface for managing Certificate System keys.
pki-pkcs12 Command-Line Interface for managing certificates and keys in PKCS #12 file.
pki-pkcs12-cert Command-Line Interface for managing individual certificates in PKCS #12 file.
pki-pkcs12-key Command-Line Interface for managing individual keys in PKCS #12 file.
pki-securitydomain Command-Line Interface for managing Certificate System security domain.
pki-tps-profile Command-Line Interface for managing Certificate System TPS profiles.
pki-user Command-Line Interface for managing Certificate System users.
pki-user-cert Command-Line Interface for managing Certificate System user certificates.
pki-user-membership Command-Line Interface for managing Certificate System user memberships.
PrettyPrintCert print the contents of a certificate stored as ASCII base-64 encoded data to a...
PrettyPrintCrl reads a certificate revocation list (CRL) stored in an ASCII base-64 encoded...