This tool has the following syntax:
pkicreate -pki_instance_root=/directory/path-subsystem_type=type-pki_instance_name=instance_ID[-secure_port=SSLport] [-unsecure_port=port] -tomcat_server_port=port-user=user_name-group=group_name[-verbose] [-help]
The pkicreate tool also accepts an environment variable, DONT_RUN_PKICREATE; if this is set, the pkicreate utility is prevented from doing anything. When the DONT_RUN_PKICREATE variable is set before installing the default subsystem instance (before running the rhpki-install script), this allows the default instance to be installed in a user-defined location instead of the default location.
| Parameter | Description |
|---|---|
pki_instance_root
|
Gives the full path to the new instance configuration directory. |
subsystem_type
|
Gives the type of subsystem being created. The possible values are as follows:
|
pki_instance_name
|
Gives the name of the new instance.The name must be unique within the security domain. Even cloned subsystems must have different instance names for cloning to succeed. |
secure_port
|
Optional. Sets the SSL port number. If this is not set, the number is randomly generated. |
unsecure_port
|
Optional. Sets the regular port number. If this is not set, the number is randomly generated. |
tomcat_server_port
|
Sets the port number for the Tomcat web server. This option must be set for CA, OCSP, TKS, and DRM instances. tomcat_server_port is not used when creating a TPS instance since it does not use a Tomcat web server.
|
user
|
Sets the user as which the Certificate System instance will run. This option must be set. |
group
|
Sets the group as which the Certificate System instance will run. This option must be set. |
verbose
|
Optional. Runs the new instance creation in verbose mode. |
help
|
Shows the help information. |