Red Hat Summit Red Hat SummitSupportConsoleDevelopersStart a trialContact

13.7. Using an Access Banner

In Certificate System, Administrators can configure a banner with customizable text. The banner will be displayed in the following situations:
Expand
Application When the banner is displayed
PKI Console
  • Before the console is displayed.
  • After the session has expired. [a]
Web interface
  • When you connect to the web interface.
  • After the session expired.[a]
pki command-line utility
  • Before the actual operation proceeds.
[a] For details about changing the session timeout, see Section 13.4.2, “Session Timeout”.
You can use the banner to display important information to the users before they can use Certificate System. The user must agree to the displayed text to continue.

Example 13.5. When the Access Banner is Displayed

The following example shows when the access banner is displayed if you are using the pki utility: 
$ pki cert-show 0x1
WARNING! Access to this service is restricted to those individuals with specific permissions. If you are not an authorized user, disconnect now. Any attempts to gain unauthorized access will be prosecuted to the fullest extent of the law. Do you want to proceed (y/N)? y
-----------------
Certificate "0x1"
-----------------
  Serial Number: 0x1
  Issuer: CN=CA Signing Certificate,OU=instance_name,O=EXAMPLE
  Subject: CN=CA Signing Certificate,OU=instance_name,O=EXAMPLE
  Status: VALID
  Not Before: Mon Feb 20 18:21:03 CET 2017
  Not After: Fri Feb 20 18:21:03 CET 2037
Copy to Clipboard Toggle word wrap

13.7.1. Enabling an Access Banner
Copy link

To enable the access banner, create the /etc/pki/instance_name/banner.txt file and enter the text to displayed.

Important

The text in the /etc/pki/instance_name/banner.txt file must use the UTF-8 format. To validate, see Section 13.7.4, “Validating the Banner”.

13.7.2. Disabling an Access Banner
Copy link

To disable the access banner, either delete or rename the /etc/pki/instance_name/banner.txt file. For example: 
# mv /etc/pki/instance_name/banner.txt /etc/pki/instance_name/banner.txt.UNUSED
Copy to Clipboard Toggle word wrap

13.7.3. Displaying the Banner
Copy link

To display the currently configured banner: 
# pki-server banner-show -i instance_name
Copy to Clipboard Toggle word wrap

13.7.4. Validating the Banner
Copy link

To validate that the banner does not contain invalid characters: 
# pki-server banner-validate -i instance_name
---------------
Banner is valid
---------------
Copy to Clipboard Toggle word wrap
Back to top
Red Hat logoGithubredditYoutubeTwitter

Learn

Try, buy, & sell

Communities

About Red Hat Documentation

We help Red Hat users innovate and achieve their goals with our products and services with content they can trust. Explore our recent updates.

Making open source more inclusive

Red Hat is committed to replacing problematic language in our code, documentation, and web properties. For more details, see the Red Hat Blog.

About Red Hat

We deliver hardened solutions that make it easier for enterprises to work across platforms and environments, from the core datacenter to the network edge.

Theme

© 2025 Red Hat