USAGE: tpm cert {action} {typeSpec}
[args]
Table 9.5. tpm cert Read-Only Actions
| Option | Description |
|---|---|
aliases, al | Display alias names from one or more files. |
ask, as | Display various information. |
cat, ca | Display key files. |
diff, d | Compare running files with generated files. |
example, ex | Display example files. |
info, in | Display metadata about a security file as JSON. |
list, li | Show the contents of a security file. |
ls | List a directory. |
help, h | Display short help text. |
Table 9.6. tpm cert Write Actions
| Option | Description |
|---|---|
import, ad, add, im | Add one or more typeSpecs into another. |
backup, ba | Backup one or more key directories and files. |
cp, ch, changepass | Change the storepass for one or more files. |
clean, cl | Delete all files in a directory. |
copy, co | Copy one or more key directories or files to other node(s) in the cluster, either before or after install. |
gen, cr, create, g | Generate various security files. |
vi, v | Edit the file. |
rm, rem, remove | Delete a specific alias from a security file. |
swap, ro, rotate, sw | Replace an existing entry with one from another file. |
update | Update the specified typeSpec. |
Table 9.7. tpm cert Arguments
| Option | Description |
|---|---|
--count, -c | Display an integer count of aliases found instead of the actual aliases. |
--debug, -d | Displays debug-level status messages. |
--dir | Specify the target directory to store files in. |
--dryrun, -n | Do not execute the command, display what would be done instead. |
--extra, -x | Display the command to be run before executing, and other additional information when available. |
--generated | Use the running tungsten_tls_keystore.jks in $CONTINUENT_ROOT/share/. You may not use --tls and --livetls together. |
--help, -h | Displays a help message. |
--i-am-sure | Confirm you want the DESTRUCTIVE operation (delete/rotate) to proceed without an interactive pause. |
--info, -i | Displays info-level status messages. |
--livetls | Use the running tungsten_tls_keystore.jks in $CONTINUENT_ROOT/share/. You may not use --tls and --livetls together. |
--long, -l | Display verbose output in keytool and openssl and other areas. |
--mysqldir | Specify the target directory to store MySQL-specific files in. |
--quiet, -q | Hides status output whenever possible. |
--running, -r | Use the running files from $CONTINUENT_ROOT/share/ instead of the certs source directory $CONTINUENT_ROOT/generated/. |
--tls | Specify a source TLS typeSpec (either tls_keystore or TLS_FILE). |
-v | Displays verbose-level status messages. |
To see more detailed help on each action, you can use the following commands:
shell> tpm cert h {action}