github.com/hyperledger/fabric-ca@v2.0.0-alpha.0.20201120210307-7b4f34729db1+incompatible/docs/source/clientcli.rst (about) 1 ======================= 2 Fabric-CA Client's CLI 3 ======================= 4 5 :: 6 7 Hyperledger Fabric Certificate Authority Client 8 9 Usage: 10 fabric-ca-client [command] 11 12 Available Commands: 13 affiliation Manage affiliations 14 certificate Manage certificates 15 enroll Enroll an identity 16 gencrl Generate a CRL 17 gencsr Generate a CSR 18 getcainfo Get CA certificate chain and Idemix public key 19 help Help about any command 20 identity Manage identities 21 reenroll Reenroll an identity 22 register Register an identity 23 revoke Revoke an identity 24 version Prints Fabric CA Client version 25 26 Flags: 27 --caname string Name of CA 28 --csr.cn string The common name field of the certificate signing request 29 --csr.hosts strings A list of comma-separated host names in a certificate signing request 30 --csr.keyrequest.algo string Specify key algorithm 31 --csr.keyrequest.reusekey Reuse existing key during reenrollment 32 --csr.keyrequest.size int Specify key size 33 --csr.names strings A list of comma-separated CSR names of the form <name>=<value> (e.g. C=CA,O=Org1) 34 --csr.serialnumber string The serial number in a certificate signing request 35 --enrollment.attrs strings A list of comma-separated attribute requests of the form <name>[:opt] (e.g. foo,bar:opt) 36 --enrollment.label string Label to use in HSM operations 37 --enrollment.profile string Name of the signing profile to use in issuing the certificate 38 --enrollment.type string The type of enrollment request: 'x509' or 'idemix' (default "x509") 39 -h, --help help for fabric-ca-client 40 -H, --home string Client's home directory (default "$HOME/.fabric-ca-client") 41 --id.affiliation string The identity's affiliation 42 --id.attrs strings A list of comma-separated attributes of the form <name>=<value> (e.g. foo=foo1,bar=bar1) 43 --id.maxenrollments int The maximum number of times the secret can be reused to enroll (default CA's Max Enrollment) 44 --id.name string Unique name of the identity 45 --id.secret string The enrollment secret for the identity being registered 46 --id.type string Type of identity being registered (e.g. 'peer, app, user') (default "client") 47 --loglevel string Set logging level (info, warning, debug, error, fatal, critical) 48 -M, --mspdir string Membership Service Provider directory (default "msp") 49 -m, --myhost string Hostname to include in the certificate signing request during enrollment (default "$HOSTNAME") 50 -a, --revoke.aki string AKI (Authority Key Identifier) of the certificate to be revoked 51 -e, --revoke.name string Identity whose certificates should be revoked 52 -r, --revoke.reason string Reason for revocation 53 -s, --revoke.serial string Serial number of the certificate to be revoked 54 --tls.certfiles strings A list of comma-separated PEM-encoded trusted certificate files (e.g. root1.pem,root2.pem) 55 --tls.client.certfile string PEM-encoded certificate file when mutual authenticate is enabled 56 --tls.client.keyfile string PEM-encoded key file when mutual authentication is enabled 57 -u, --url string URL of fabric-ca-server (default "http://localhost:7054") 58 59 Use "fabric-ca-client [command] --help" for more information about a command. 60 61 Identity Command 62 ================== 63 64 :: 65 66 Manage identities 67 68 Usage: 69 fabric-ca-client identity [command] 70 71 Available Commands: 72 add Add identity 73 list List identities 74 modify Modify identity 75 remove Remove identity 76 77 Flags: 78 -h, --help help for identity 79 80 ----------------------------- 81 82 Add an identity 83 84 Usage: 85 fabric-ca-client identity add <id> [flags] 86 87 Examples: 88 fabric-ca-client identity add user1 --type peer 89 90 Flags: 91 --affiliation string The identity's affiliation 92 --attrs strings A list of comma-separated attributes of the form <name>=<value> (e.g. foo=foo1,bar=bar1) 93 -h, --help help for add 94 --json string JSON string for adding a new identity 95 --maxenrollments int The maximum number of times the secret can be reused to enroll (default CA's Max Enrollment) 96 --secret string The enrollment secret for the identity being added 97 --type string Type of identity being registered (e.g. 'peer, app, user') (default "user") 98 99 ----------------------------- 100 101 List identities visible to caller 102 103 Usage: 104 fabric-ca-client identity list [flags] 105 106 Flags: 107 -h, --help help for list 108 --id string Get identity information from the fabric-ca server 109 110 ----------------------------- 111 112 Modify an existing identity 113 114 Usage: 115 fabric-ca-client identity modify <id> [flags] 116 117 Examples: 118 fabric-ca-client identity modify user1 --type peer 119 120 Flags: 121 --affiliation string The identity's affiliation 122 --attrs strings A list of comma-separated attributes of the form <name>=<value> (e.g. foo=foo1,bar=bar1) 123 -h, --help help for modify 124 --json string JSON string for modifying an existing identity 125 --maxenrollments int The maximum number of times the secret can be reused to enroll 126 --secret string The enrollment secret for the identity 127 --type string Type of identity being registered (e.g. 'peer, app, user') 128 129 ----------------------------- 130 131 Remove an identity 132 133 Usage: 134 fabric-ca-client identity remove <id> [flags] 135 136 Examples: 137 fabric-ca-client identity remove user1 138 139 Flags: 140 --force Forces removing your own identity 141 -h, --help help for remove 142 143 144 Affiliation Command 145 ===================== 146 147 :: 148 149 Manage affiliations 150 151 Usage: 152 fabric-ca-client affiliation [command] 153 154 Available Commands: 155 add Add affiliation 156 list List affiliations 157 modify Modify affiliation 158 remove Remove affiliation 159 160 Flags: 161 -h, --help help for affiliation 162 163 ----------------------------- 164 165 Add affiliation 166 167 Usage: 168 fabric-ca-client affiliation add <affiliation> [flags] 169 170 Flags: 171 --force Creates parent affiliations if they do not exist 172 -h, --help help for add 173 174 ----------------------------- 175 176 List affiliations visible to caller 177 178 Usage: 179 fabric-ca-client affiliation list [flags] 180 181 Flags: 182 --affiliation string Get affiliation information from the fabric-ca server 183 -h, --help help for list 184 185 ----------------------------- 186 187 Modify existing affiliation 188 189 Usage: 190 fabric-ca-client affiliation modify <affiliation> [flags] 191 192 Flags: 193 --force Forces identities using old affiliation to use new affiliation 194 -h, --help help for modify 195 --name string Rename the affiliation 196 197 ----------------------------- 198 199 Remove affiliation 200 201 Usage: 202 fabric-ca-client affiliation remove <affiliation> [flags] 203 204 Flags: 205 --force Forces removal of any child affiliations and any identities associated with removed affiliations 206 -h, --help help for remove 207 208 209 Certificate Command 210 ===================== 211 212 :: 213 214 Manage certificates 215 216 Usage: 217 fabric-ca-client certificate [command] 218 219 Available Commands: 220 list List certificates 221 222 Flags: 223 -h, --help help for certificate 224 225 ----------------------------- 226 227 List all certificates which are visible to the caller and match the flags 228 229 Usage: 230 fabric-ca-client certificate list [flags] 231 232 Examples: 233 fabric-ca-client certificate list --id admin --expiration 2018-01-01::2018-01-30 234 fabric-ca-client certificate list --id admin --expiration 2018-01-01T01:30:00z::2018-01-30T11:30:00z 235 fabric-ca-client certificate list --id admin --expiration -30d::-15d 236 237 Flags: 238 --aki string Get certificates for this AKI 239 --expiration string Get certificates which expire between the UTC timestamp (RFC3339 format) or duration specified (e.g. <begin_time>::<end_time>) 240 -h, --help help for list 241 --id string Get certificates for this enrollment ID 242 --notexpired Don't return expired certificates 243 --notrevoked Don't return revoked certificates 244 --revocation string Get certificates that were revoked between the UTC timestamp (RFC3339 format) or duration specified (e.g. <begin_time>::<end_time>) 245 --serial string Get certificates for this serial number 246 --store string Store requested certificates in this location 247