PKI Server KRA CLI

KRA VLV Management

Listing KRA VLVs

To list KRA VLV indexes currently in the database execute the following command:

$ pki-server kra-db-vlv-find
----------------
26 entries found
----------------
  dn: cn=allKeys-pki-tomcat,cn=kra,cn=ldbm database,cn=plugins,cn=config
  objectClass: top
  objectClass: vlvSearch
  vlvScope: 1
  vlvFilter: (&(serialno=*)(!(realm=*)))
  vlvBase: ou=keyRepository,ou=kra,dc=kra,dc=pki,dc=example,dc=com
  cn: allKeys-pki-tomcat

...

Adding KRA VLVs

To import KRA VLV indexes from /usr/share/pki/kra/conf/vlv.ldif into the database execute the following command:

$ pki-server kra-db-vlv-add
KRA VLVs added to the database for pki-tomcat

Reindexing KRA VLVs

To rebuild KRA VLV indexes in the database execute the following command:

$ pki-server kra-db-vlv-reindex
Initiating KRA VLV reindex for pki-tomcat
KRA VLV reindex completed for pki-tomcat

Deleting KRA VLVs

To remove KRA VLV indexes currently in the database execute the following command:

$ pki-server kra-db-vlv-del
KRA VLVs deleted from the database for pki-tomcat

KRA Audit Management

• PKI Server Audit CLI

Subsystem Management

• PKI Server Subsystem Database CLI

• PKI Server Subsystem User CLI

• PKI Server Subsystem Group CLI

Preparing KRA Clone

To export the KRA system certificates for cloning, execute the following command:

$ pki-server kra-clone-prepare --pkcs12-file kra-certs.p12 --pkcs12-password-file password.txt

See also Installing KRA Clone.

See Also

• DS Database Indexes

• Database Upgrade for PKI 10.3.x