github.com/silveraid/fabric-ca@v1.1.0-preview.0.20180127000700-71974f53ab08/docs/source/servercli.rst (about)

     1  Fabric-CA Server's CLI
     2  =======================
     3  
     4  ::
     5  
     6      Hyperledger Fabric Certificate Authority Server
     7      
     8      Usage:
     9        fabric-ca-server [command]
    10      
    11      Available Commands:
    12        init        Initialize the fabric-ca server
    13        start       Start the fabric-ca server
    14        version     Prints Fabric CA Server version
    15      
    16      Flags:
    17            --address string                            Listening address of fabric-ca-server (default "0.0.0.0")
    18        -b, --boot string                               The user:pass for bootstrap admin which is required to build default config file
    19            --ca.certfile string                        PEM-encoded CA certificate file (default "ca-cert.pem")
    20            --ca.chainfile string                       PEM-encoded CA chain file (default "ca-chain.pem")
    21            --ca.keyfile string                         PEM-encoded CA key file
    22        -n, --ca.name string                            Certificate Authority name
    23            --cacount int                               Number of non-default CA instances
    24            --cafiles stringSlice                       A list of comma-separated CA configuration files
    25            --cfg.affiliations.allowremove              Enables removing of affiliations dynamically
    26            --cfg.identities.allowremove                Enables removal of identities dynamically
    27            --crl.expiry duration                       Expiration for the CRL generated by the gencrl request (default 24h0m0s)
    28            --crlsizelimit int                          Size limit of an acceptable CRL in bytes (default 512000)
    29            --csr.cn string                             The common name field of the certificate signing request to a parent fabric-ca-server
    30            --csr.hosts stringSlice                     A list of space-separated host names in a certificate signing request to a parent fabric-ca-server
    31            --csr.serialnumber string                   The serial number in a certificate signing request to a parent fabric-ca-server
    32            --db.datasource string                      Data source which is database specific (default "fabric-ca-server.db")
    33            --db.tls.certfiles stringSlice              A list of comma-separated PEM-encoded trusted certificate files (e.g. root1.pem,root2.pem)
    34            --db.tls.client.certfile string             PEM-encoded certificate file when mutual authenticate is enabled
    35            --db.tls.client.keyfile string              PEM-encoded key file when mutual authentication is enabled
    36            --db.type string                            Type of database; one of: sqlite3, postgres, mysql (default "sqlite3")
    37        -d, --debug                                     Enable debug level logging
    38        -H, --home string                               Server's home directory (default "/etc/hyperledger/fabric-ca")
    39            --intermediate.enrollment.label string      Label to use in HSM operations
    40            --intermediate.enrollment.profile string    Name of the signing profile to use in issuing the certificate
    41            --intermediate.parentserver.caname string   Name of the CA to connect to on fabric-ca-server
    42        -u, --intermediate.parentserver.url string      URL of the parent fabric-ca-server (e.g. http://<username>:<password>@<address>:<port)
    43            --intermediate.tls.certfiles stringSlice    A list of comma-separated PEM-encoded trusted certificate files (e.g. root1.pem,root2.pem)
    44            --intermediate.tls.client.certfile string   PEM-encoded certificate file when mutual authenticate is enabled
    45            --intermediate.tls.client.keyfile string    PEM-encoded key file when mutual authentication is enabled
    46            --ldap.enabled                              Enable the LDAP client for authentication and attributes
    47            --ldap.groupfilter string                   The LDAP group filter for a single affiliation group (default "(memberUid=%s)")
    48            --ldap.tls.certfiles stringSlice            A list of comma-separated PEM-encoded trusted certificate files (e.g. root1.pem,root2.pem)
    49            --ldap.tls.client.certfile string           PEM-encoded certificate file when mutual authenticate is enabled
    50            --ldap.tls.client.keyfile string            PEM-encoded key file when mutual authentication is enabled
    51            --ldap.url string                           LDAP client URL of form ldap://adminDN:adminPassword@host[:port]/base
    52            --ldap.userfilter string                    The LDAP user filter to use when searching for users (default "(uid=%s)")
    53        -p, --port int                                  Listening port of fabric-ca-server (default 7054)
    54            --registry.maxenrollments int               Maximum number of enrollments; valid if LDAP not enabled (default -1)
    55            --tls.certfile string                       PEM-encoded TLS certificate file for server's listening port
    56            --tls.clientauth.certfiles stringSlice      A list of comma-separated PEM-encoded trusted certificate files (e.g. root1.pem,root2.pem)
    57            --tls.clientauth.type string                Policy the server will follow for TLS Client Authentication. (default "noclientcert")
    58            --tls.enabled                               Enable TLS on the listening port
    59            --tls.keyfile string                        PEM-encoded TLS key for server's listening port
    60      
    61      Use "fabric-ca-server [command] --help" for more information about a command.