10.7. Manually Reviewing the Certificate Status Using the Command Line
To review certificate requests, ensure that you are authenticated as an agent with proper permissions to approve certificate requests. For details about configuring the
pki
command-line interface, see Section 2.5.1.1, “pki CLI Initialization”.
To review the requests:
- Display the list of pending certificate requests:
$ pki agent_authentication_parameters ca-cert-request-find --status pending
This command lists all pending certificate requests. - Download a particular certificate request:
$ pki agent_authentication_parameters ca-cert-request-review id --file request.xml
- Open the
request.xml
file in an editor or a separate terminal, and review the contents of the request to ensure it is legitimate. Then answer the prompt: if the request is valid, answer "approve
and press Enter. If the request is invalid, answerreject
and press Enter. Organizations can subscribe semantic differences toreject
andcancel
; both result in no certificate being issued.