Search

2.2. Authentication

download PDF
Some commands based on the pki utility require the user to authenticate. The utility supports authentication with the user name and password credentials or with a client certificate.

Authentication with a User Name and Password

To supply the user name, add the -u option to the particular pki command. To supply the password, use the -W or -w option; alternatively, if you do not add the password directly to the command using -W or -w, pki prompts for the password interactively if required.
For batch operations, it is recommended to use -W to provide the password because this option enables you to take certain security measures to protect the password, such as set system permissions, system ACLs, or SELinux policies. With -w, you supply the password in plain text.
For individual command-line invocations, it is recommended not to supply the password directly with the command and instead provide it interactively. For example, by executing the following command, the user only supplies the user name and lets pki prompt for the password:
pki -u user_name user-find
For more information about the described options, see the pki(1) man page.

Authentication with a Client Certificate

To supply the required certificate information, use the -C or -c options to specify the security database file and the -n option to specify the certificate nickname.
For batch operations, it recommended to use -C to pass the file because this option enables you to take certain security measures to protect the file, such as set system permissions, system ACLs, or SELinux policies. With -c, the file is provided in plain text.
pki -C security_database_password_file -n certificate_nickname user-find
For more information about the described options, see the pki(1) man page.
Red Hat logoGithubRedditYoutubeTwitter

Learn

Try, buy, & sell

Communities

About Red Hat Documentation

We help Red Hat users innovate and achieve their goals with our products and services with content they can trust.

Making open source more inclusive

Red Hat is committed to replacing problematic language in our code, documentation, and web properties. For more details, see the Red Hat Blog.

About Red Hat

We deliver hardened solutions that make it easier for enterprises to work across platforms and environments, from the core datacenter to the network edge.

© 2024 Red Hat, Inc.