Managing certificates and identities with Grid CLI
Grid CLI commands are useful for managing the Grid offline, or when the Grid Management Pages cannot be accessed. They are also useful for automation purposes. The Grid CLI tool is available in the tools subfolder of the grid installation folder on each host.
The tool is called with this command:
java -jar <grid install
folder>/tools/grid-cli.jar -dir <grid install
folder>
<command>
Executing this without the
<command>
part will show the usage.
- Certificate
- Identity
- Cert
Adding a command to the call will show the usage for that command and the expected input parameters.
All CLI commands can be prefixed with -json to write the result to a file,
e.g.
>java -jar grid-cli.jar -json output.json certificate clientcreate-clientname test
-keystoretype jks
| Task | Command |
|---|---|
| Listing client certificates issued by the Grid, selected by status. | certificate clientList |
| Creating a client key store for authenticating to the Grid. | certificate clientCreate |
| Revoking a client certificate. | certificate clientRevoke |
| Listing all HTTPS identities. | identity list |
| Creating a new identity with an SSL certificate issued by the Grid. | identity create |
| Creating a new HTTPS identity by importing a key store. | identity createWithKeyStore |
| Exporting an identity SSL certificate with the private key. | identity export |
| Listing the configured HTTPS identities on each router. | router list |
| Exporting Grid root certificate for use in a trust store. | cert exportGrid |