github.com/49746628/fabric-ca-gm@v2.0.0-alpha.0.20200822143404-8a07eefa7452+incompatible/docs/source/servercli.rst (about) 1 ======================= 2 Fabric-CA Server's CLI 3 ======================= 4 5 :: 6 7 Hyperledger Fabric Certificate Authority Server 8 9 Usage: 10 fabric-ca-server [command] 11 12 Available Commands: 13 help Help about any command 14 init Initialize the fabric-ca server 15 start Start the fabric-ca server 16 version Prints Fabric CA Server version 17 18 Flags: 19 --address string Listening address of fabric-ca-server (default "0.0.0.0") 20 -b, --boot string The user:pass for bootstrap admin which is required to build default config file 21 --ca.certfile string PEM-encoded CA certificate file (default "ca-cert.pem") 22 --ca.chainfile string PEM-encoded CA chain file (default "ca-chain.pem") 23 --ca.keyfile string PEM-encoded CA key file 24 -n, --ca.name string Certificate Authority name 25 --cacount int Number of non-default CA instances 26 --cafiles strings A list of comma-separated CA configuration files 27 --cfg.affiliations.allowremove Enables removal of affiliations dynamically 28 --cfg.identities.allowremove Enables removal of identities dynamically 29 --cfg.identities.passwordattempts int Number of incorrect password attempts allowed (default 10) 30 --cors.enabled Enable CORS for the fabric-ca-server 31 --cors.origins strings Comma-separated list of Access-Control-Allow-Origin domains 32 --crl.expiry duration Expiration for the CRL generated by the gencrl request (default 24h0m0s) 33 --crlsizelimit int Size limit of an acceptable CRL in bytes (default 512000) 34 --csr.cn string The common name field of the certificate signing request to a parent fabric-ca-server 35 --csr.hosts strings A list of comma-separated host names in a certificate signing request to a parent fabric-ca-server 36 --csr.keyrequest.algo string Specify key algorithm 37 --csr.keyrequest.size int Specify key size 38 --csr.serialnumber string The serial number in a certificate signing request to a parent fabric-ca-server 39 --db.datasource string Data source which is database specific (default "fabric-ca-server.db") 40 --db.tls.certfiles strings A list of comma-separated PEM-encoded trusted certificate files (e.g. root1.pem,root2.pem) 41 --db.tls.client.certfile string PEM-encoded certificate file when mutual authenticate is enabled 42 --db.tls.client.keyfile string PEM-encoded key file when mutual authentication is enabled 43 --db.type string Type of database; one of: sqlite3, postgres, mysql (default "sqlite3") 44 -h, --help help for fabric-ca-server 45 -H, --home string Server's home directory (default "/etc/hyperledger/fabric-ca") 46 --idemix.nonceexpiration string Duration after which a nonce expires (default "15s") 47 --idemix.noncesweepinterval string Interval at which expired nonces are deleted (default "15m") 48 --idemix.rhpoolsize int Specifies revocation handle pool size (default 100) 49 --intermediate.enrollment.label string Label to use in HSM operations 50 --intermediate.enrollment.profile string Name of the signing profile to use in issuing the certificate 51 --intermediate.enrollment.type string The type of enrollment request: 'x509' or 'idemix' (default "x509") 52 --intermediate.parentserver.caname string Name of the CA to connect to on fabric-ca-server 53 -u, --intermediate.parentserver.url string URL of the parent fabric-ca-server (e.g. http://<username>:<password>@<address>:<port) 54 --intermediate.tls.certfiles strings A list of comma-separated PEM-encoded trusted certificate files (e.g. root1.pem,root2.pem) 55 --intermediate.tls.client.certfile string PEM-encoded certificate file when mutual authenticate is enabled 56 --intermediate.tls.client.keyfile string PEM-encoded key file when mutual authentication is enabled 57 --ldap.attribute.names strings The names of LDAP attributes to request on an LDAP search 58 --ldap.enabled Enable the LDAP client for authentication and attributes 59 --ldap.groupfilter string The LDAP group filter for a single affiliation group (default "(memberUid=%s)") 60 --ldap.tls.certfiles strings A list of comma-separated PEM-encoded trusted certificate files (e.g. root1.pem,root2.pem) 61 --ldap.tls.client.certfile string PEM-encoded certificate file when mutual authenticate is enabled 62 --ldap.tls.client.keyfile string PEM-encoded key file when mutual authentication is enabled 63 --ldap.url string LDAP client URL of form ldap://adminDN:adminPassword@host[:port]/base 64 --ldap.userfilter string The LDAP user filter to use when searching for users (default "(uid=%s)") 65 --loglevel string Set logging level (info, warning, debug, error, fatal, critical) 66 -p, --port int Listening port of fabric-ca-server (default 7054) 67 --registry.maxenrollments int Maximum number of enrollments; valid if LDAP not enabled (default -1) 68 --tls.certfile string PEM-encoded TLS certificate file for server's listening port (default "tls-cert.pem") 69 --tls.clientauth.certfiles strings A list of comma-separated PEM-encoded trusted certificate files (e.g. root1.pem,root2.pem) 70 --tls.clientauth.type string Policy the server will follow for TLS Client Authentication. (default "noclientcert") 71 --tls.enabled Enable TLS on the listening port 72 --tls.keyfile string PEM-encoded TLS key for server's listening port 73 74 Use "fabric-ca-server [command] --help" for more information about a command.