github.com/cactusblossom/fabric-ca@v0.0.0-20200611062428-0082fc643826/docs/source/servercli.rst (about) 1 ======================= 2 Fabric-CA Server's CLI 3 ======================= 4 5 :: 6 7 Hyperledger Fabric Certificate Authority Server 8 9 Usage: 10 fabric-ca-server [command] 11 12 Available Commands: 13 init Initialize the fabric-ca server 14 start Start the fabric-ca server 15 version Prints Fabric CA Server version 16 17 Flags: 18 --address string Listening address of fabric-ca-server (default "0.0.0.0") 19 -b, --boot string The user:pass for bootstrap admin which is required to build default config file 20 --ca.certfile string PEM-encoded CA certificate file (default "ca-cert.pem") 21 --ca.chainfile string PEM-encoded CA chain file (default "ca-chain.pem") 22 --ca.keyfile string PEM-encoded CA key file 23 -n, --ca.name string Certificate Authority name 24 --cacount int Number of non-default CA instances 25 --cafiles stringSlice A list of comma-separated CA configuration files 26 --cfg.affiliations.allowremove Enables removal of affiliations dynamically 27 --cfg.identities.allowremove Enables removal of identities dynamically 28 --cfg.identities.passwordattempts int Number of incorrect password attempts allowed (default 10) 29 --cors.enabled Enable CORS for the fabric-ca-server 30 --cors.origins stringSlice Comma-separated list of Access-Control-Allow-Origin domains 31 --crl.expiry duration Expiration for the CRL generated by the gencrl request (default 24h0m0s) 32 --crlsizelimit int Size limit of an acceptable CRL in bytes (default 512000) 33 --csr.cn string The common name field of the certificate signing request to a parent fabric-ca-server 34 --csr.hosts stringSlice A list of comma-separated host names in a certificate signing request to a parent fabric-ca-server 35 --csr.keyrequest.algo string Specify key algorithm 36 --csr.keyrequest.size int Specify key size 37 --csr.serialnumber string The serial number in a certificate signing request to a parent fabric-ca-server 38 --db.datasource string Data source which is database specific (default "fabric-ca-server.db") 39 --db.tls.certfiles stringSlice A list of comma-separated PEM-encoded trusted certificate files (e.g. root1.pem,root2.pem) 40 --db.tls.client.certfile string PEM-encoded certificate file when mutual authenticate is enabled 41 --db.tls.client.keyfile string PEM-encoded key file when mutual authentication is enabled 42 --db.type string Type of database; one of: sqlite3, postgres, mysql (default "sqlite3") 43 -H, --home string Server's home directory (default "/etc/hyperledger/fabric-ca") 44 --idemix.nonceexpiration string Duration after which a nonce expires (default "15s") 45 --idemix.noncesweepinterval string Interval at which expired nonces are deleted (default "15m") 46 --idemix.rhpoolsize int Specifies revocation handle pool size (default 100) 47 --intermediate.enrollment.label string Label to use in HSM operations 48 --intermediate.enrollment.profile string Name of the signing profile to use in issuing the certificate 49 --intermediate.enrollment.type string The type of enrollment request: 'x509' or 'idemix' (default "x509") 50 --intermediate.parentserver.caname string Name of the CA to connect to on fabric-ca-server 51 -u, --intermediate.parentserver.url string URL of the parent fabric-ca-server (e.g. http://<username>:<password>@<address>:<port) 52 --intermediate.tls.certfiles stringSlice A list of comma-separated PEM-encoded trusted certificate files (e.g. root1.pem,root2.pem) 53 --intermediate.tls.client.certfile string PEM-encoded certificate file when mutual authenticate is enabled 54 --intermediate.tls.client.keyfile string PEM-encoded key file when mutual authentication is enabled 55 --ldap.attribute.names stringSlice The names of LDAP attributes to request on an LDAP search 56 --ldap.enabled Enable the LDAP client for authentication and attributes 57 --ldap.groupfilter string The LDAP group filter for a single affiliation group (default "(memberUid=%s)") 58 --ldap.tls.certfiles stringSlice A list of comma-separated PEM-encoded trusted certificate files (e.g. root1.pem,root2.pem) 59 --ldap.tls.client.certfile string PEM-encoded certificate file when mutual authenticate is enabled 60 --ldap.tls.client.keyfile string PEM-encoded key file when mutual authentication is enabled 61 --ldap.url string LDAP client URL of form ldap://adminDN:adminPassword@host[:port]/base 62 --ldap.userfilter string The LDAP user filter to use when searching for users (default "(uid=%s)") 63 --loglevel string Set logging level (info, warning, debug, error, fatal, critical) 64 -p, --port int Listening port of fabric-ca-server (default 7054) 65 --registry.maxenrollments int Maximum number of enrollments; valid if LDAP not enabled (default -1) 66 --tls.certfile string PEM-encoded TLS certificate file for server's listening port (default "tls-cert.pem") 67 --tls.clientauth.certfiles stringSlice A list of comma-separated PEM-encoded trusted certificate files (e.g. root1.pem,root2.pem) 68 --tls.clientauth.type string Policy the server will follow for TLS Client Authentication. (default "noclientcert") 69 --tls.enabled Enable TLS on the listening port 70 --tls.keyfile string PEM-encoded TLS key for server's listening port 71 72 Use "fabric-ca-server [command] --help" for more information about a command.