Certificate Authority process tell commands

You can use Tell commands with the Domino® CA process.

This table describes additional Tell commands you can use with the Domino® CA process.

Table 1. Tell commands

Command

Result

Tell CA Quit

Stops CA process.

Tell CA Stat

Displays summary information for the certifiers using the CA process; this includes the certifier's number, its hierarchical name, certifier type (Notes® or Internet), whether it is active, and name of the ICL database.

Tell CA Show Queue Certifier Number

Display a list of pending certificate requests, revocation requests, and configuration modification requests for a specific certifier, using its number from the results of the tell ca statuscommand. You can also use an asterisk (*) to show this information for all certifiers that are using the CA process.

Tell Ca Activate Certifier Number Password

Activate a certifier if the certifier is created with Require password to activate certifier, or use this for any certifier that has been deactivated. Activation is enabled during CA setup and creation. Activate a specific certifier by entering its number from the results of the tell ca status command. Or you can actually unlock all server ID/password-protected certifiers at one time with this command, if you specify * for the certifier number. The CA process then prompts you for the password for each certifier.

Tell CA Deactivate Certifier Number

Deactivate a certifier. You will need to activate it again in order for it to process any request. Use * to deactivate everything, or deactivate a specific certifier by entering its number from the results of the tell ca status command.

Tell CA Lock Idfile

Lock all certifiers that were set up with a lock ID, as specified during CA setup.

Tell CA Unlock Idfile Password

Unlock all certifiers using the ID and password that comprise the lock ID. The lock ID is specified during CA setup.

Tell CA CRL Issue Certifier Number

Issue a non-regular (immediate) CRL for a specific certifier, where certifier number is the number of the certifier specified in the results of the tell ca status command.

Tell CA CRL Push Certifier Number

Push a certifier's latest regularly scheduled CRL to the Domino® Directory, where certifier number is the number of the certifier specified in the results of the tell ca status command.

Tell CA CRL Info Certifier Number [s/S/n/N]

Display CRL information for a specified certifier, where certifier number is the number of the certifier specified by the tell ca status command. Use s or S for regularly scheduled CRLs, and n or N for non-regularly scheduled (immediate) CRLs.

Tell CA Refresh

Force the CA process to refresh its list of certifiers. As a result:

  • newly configured certifiers will be added to the CA process
  • previously unlocked certifiers will need to be unlocked again
  • previously activated certifiers may need to be activated again, if the activation password has changed
  • the Notes® certifier ID file in idstorage will be updated with the latest certificate information

Tell CA Help

List tell ca options