github.com/argoproj/argo-cd/v2@v2.10.5/docs/user-guide/commands/argocd_cert.md (about) 1 # `argocd cert` Command Reference 2 3 ## argocd cert 4 5 Manage repository certificates and SSH known hosts entries 6 7 ``` 8 argocd cert [flags] 9 ``` 10 11 ### Examples 12 13 ``` 14 # Add a TLS certificate for cd.example.com to ArgoCD cert store from a file 15 argocd cert add-tls --from ~/mycert.pem cd.example.com 16 17 # Add a TLS certificate for cd.example.com to ArgoCD via stdin 18 cat ~/mycert.pem | argocd cert add-tls cd.example.com 19 20 # Add SSH known host entries for cd.example.com to ArgoCD by scanning host 21 ssh-keyscan cd.example.com | argocd cert add-ssh --batch 22 23 # List all known TLS certificates 24 argocd cert list --cert-type https 25 26 # Remove all TLS certificates for cd.example.com 27 argocd cert rm --cert-type https cd.example.com 28 29 # Remove all certificates and SSH known host entries for cd.example.com 30 argocd cert rm cd.example.com 31 32 ``` 33 34 ### Options 35 36 ``` 37 --as string Username to impersonate for the operation 38 --as-group stringArray Group to impersonate for the operation, this flag can be repeated to specify multiple groups. 39 --as-uid string UID to impersonate for the operation 40 --certificate-authority string Path to a cert file for the certificate authority 41 --client-certificate string Path to a client certificate file for TLS 42 --client-key string Path to a client key file for TLS 43 --cluster string The name of the kubeconfig cluster to use 44 --context string The name of the kubeconfig context to use 45 --disable-compression If true, opt-out of response compression for all requests to the server 46 -h, --help help for cert 47 --insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure 48 --kubeconfig string Path to a kube config. Only required if out-of-cluster 49 -n, --namespace string If present, the namespace scope for this CLI request 50 --password string Password for basic authentication to the API server 51 --proxy-url string If provided, this URL will be used to connect via proxy 52 --request-timeout string The length of time to wait before giving up on a single server request. Non-zero values should contain a corresponding time unit (e.g. 1s, 2m, 3h). A value of zero means don't timeout requests. (default "0") 53 --tls-server-name string If provided, this name will be used to validate server certificate. If this is not provided, hostname used to contact the server is used. 54 --token string Bearer token for authentication to the API server 55 --user string The name of the kubeconfig user to use 56 --username string Username for basic authentication to the API server 57 ``` 58 59 ### Options inherited from parent commands 60 61 ``` 62 --auth-token string Authentication token 63 --client-crt string Client certificate file 64 --client-crt-key string Client certificate key file 65 --config string Path to Argo CD config (default "/home/user/.config/argocd/config") 66 --controller-name string Name of the Argo CD Application controller; set this or the ARGOCD_APPLICATION_CONTROLLER_NAME environment variable when the controller's name label differs from the default, for example when installing via the Helm chart (default "argocd-application-controller") 67 --core If set to true then CLI talks directly to Kubernetes instead of talking to Argo CD API server 68 --grpc-web Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. 69 --grpc-web-root-path string Enables gRPC-web protocol. Useful if Argo CD server is behind proxy which does not support HTTP2. Set web root. 70 -H, --header strings Sets additional header to all requests made by Argo CD CLI. (Can be repeated multiple times to add multiple headers, also supports comma separated headers) 71 --http-retry-max int Maximum number of retries to establish http connection to Argo CD server 72 --insecure Skip server certificate and domain verification 73 --kube-context string Directs the command to the given kube-context 74 --logformat string Set the logging format. One of: text|json (default "text") 75 --loglevel string Set the logging level. One of: debug|info|warn|error (default "info") 76 --plaintext Disable TLS 77 --port-forward Connect to a random argocd-server port using port forwarding 78 --port-forward-namespace string Namespace name which should be used for port forwarding 79 --redis-haproxy-name string Name of the Redis HA Proxy; set this or the ARGOCD_REDIS_HAPROXY_NAME environment variable when the HA Proxy's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis-ha-haproxy") 80 --redis-name string Name of the Redis deployment; set this or the ARGOCD_REDIS_NAME environment variable when the Redis's name label differs from the default, for example when installing via the Helm chart (default "argocd-redis") 81 --repo-server-name string Name of the Argo CD Repo server; set this or the ARGOCD_REPO_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-repo-server") 82 --server string Argo CD server address 83 --server-crt string Server certificate file 84 --server-name string Name of the Argo CD API server; set this or the ARGOCD_SERVER_NAME environment variable when the server's name label differs from the default, for example when installing via the Helm chart (default "argocd-server") 85 ``` 86 87 ### SEE ALSO 88 89 * [argocd](argocd.md) - argocd controls a Argo CD server 90 * [argocd cert add-ssh](argocd_cert_add-ssh.md) - Add SSH known host entries for repository servers 91 * [argocd cert add-tls](argocd_cert_add-tls.md) - Add TLS certificate data for connecting to repository server SERVERNAME 92 * [argocd cert list](argocd_cert_list.md) - List configured certificates 93 * [argocd cert rm](argocd_cert_rm.md) - Remove certificate of TYPE for REPOSERVER 94