|
|
|
|
The certificate utility is used to manage SSL certificates through CLI. By using this utility, you can perform the following tasks:
Syntax
certificate <command> <certificate name> [<domain name>] [
<option_1> [<param>]
[<option_2> [<param>]]
…[<option_N> [<param>]]
]
Example
The following command line creates the SSL certificate named Site Certificate in domain's certificate repository for domain example.com by using private key file /usr/local/keys/keyfile.key, corresponding certificate file /usr/local/cert/certfile.cert, CA certificate file /usr/local/cert/cacert.cert, and associates the corresponding certificate signing request file usr/local/requests/csreq.csr with the certificate in Plesk:
# ./certificate -c "Site Certificate" -domain example.com -key-file /usr/local/keyfile.key -cert-file.cert -cacert-file /usr/local/cert/cacert.cert -csr-file usr/local/requests/csreq
Commands
Command |
Parameter |
Description |
Example |
|---|---|---|---|
|
|
Creates an SSL certificate in the specified certificate repository (administrator's or domain's repository) by using a private key file and a corresponding certificate file. For information on the options required by the command, refer to the Note below the table. |
To create the SSL certificate named Site Certificate in domain's certificate repository for domain example.com by using private key file # ./certificate --create "Site Certificate" -domain example.com -key-file /usr/local/keyfile.key -cert-file.cert or # ./certificate -c "Site Certificate" -domain example.com -key-file /usr/local/keyfile.key -cert-file.cert |
|
|
Updates an existing SSL certificate's parameters. |
To change the name of SSL certificate named Site Certificate on domain example.com: to New Certificate # ./certificate --update "Site Certificate" -domain example.com -new-name "New Certificate" or # ./certificate -u "Site Certificate" -domain example.com -new-name "New Certificate" |
|
|
Deletes an SSL certificate from administrator's or domain's repository. |
To delete the SSL certificate named Site Certificate from domain example.com: # ./certificate --remove "Site Certificate" -domain example.com or # ./certificate -r "Site Certificate" -domain example.com |
|
|
Assigns an SSL certificate in administrator's repository for use with a specific IP address. Requires concomitant use of the |
To assign the SSL certificate named Site Certificate (from the administrator's repository) example.com for use with IP address 192.168.67.78: # ./certificate --assign-cert "Site Certificate" -domain example.com -ip 192.168.67.78 or # ./certificate -ac "Site Certificate" -domain example.com -ip 192.168.67.78 |
|
|
Displays the list of SSL certificates stored in the specified certificate repository (administrator's or domain's repository). |
To display the list of SSL certificates existing in the certificates repository on domain example.com: # ./certificate --list -domain example.com or # ./certificate -l -domain example.com |
|
|
Displays help on the use of the utility. |
To view help on the use of the certificate utility: # ./certificate –help or # ./certificate -h |
Note: The --create command requires concomitant use of one of the following combinations of options: * -csr-file <file name> -key-file <file name>
* -csr-file <file name> -key-file <file name> -cert-file <file name>
* -csr-file <file name> -key-file <file name> -cert-file <file name> -cacert-file <file name>
* -key-file <file name> -cert-file <file name> -cacert-file <file name>
* -key-file <file name> -cert-file <file name>
Options
Option |
Parameter |
Description |
Example |
|---|---|---|---|
|
|
Specifies a particular domain's certificate repository in Plesk as the location of a certificate. |
To delete the SSL certificate named Site Certificate from domain's certificate repository on domain example.com: # ./certificate -r "Site Certificate" -domain example.com |
|
|
Specifies the administrator's certificate repository in Plesk as the location of a certificate. |
To delete the SSL certificate named Site Certificate from # ./certificate -r "Site Certificate" -admin |
|
|
Sets an SSL certificate as the default certificate. Is used to set administrator's default certificate only. Used only concomitantly with the |
To set the SSL certificate named Site Certificate in the administrator's certificate repository in Plesk as the administrator's default certificate: # ./certificate -u "Site Certificate" -admin -default |
|
|
Changes the name of an existing SSL certificate. |
To change the name of the SSL certificate named Site Certificate in the administrator's certificate repository in Plesk to Old Site Certificate: # ./certificate -u "Site Certificate" -admin -new-name "Old Site Certificate" |
|
|
Specifies the path to a private key file on the Plesk server to be used for certificate creation (the Private key component). Used with the Required by the |
To create the SSL certificate named Site Certificate in domain's certificate repository for domain example.com by using private key file # ./certificate -c "Site Certificate" -domain example.com -key-file /usr/local/keyfile.key -cert-file.cert -cacert-file /usr/local/cert/cacert.cert -csr-file usr/local/requests/csreq
|
|
|
Specifies the path to an SSL certificate file on the Plesk server to be used for certificate creation (the Certificate component). Used with the Required by the |
|
|
|
Specifies the path to the CA certificate file on the Plesk server to be used for an SSL certificate creation in Plesk (the CA Certificate component). Used with the |
|
|
|
Specifies the path to a certificate signing request file on the Plesk server and associates the certificate signing request with the certificate to be created in Plesk (the CSR component). |
|
|
|
Specifies an IP address to which an SSL certificate is to be assigned. Used with the Required by the |
To assign the SSL certificate named Site Certificate on domain example.com for use with IP address 192.168.67.78: # ./certificate --assign-cert "Site Certificate" -domain example.com -ip 192.168.67.78 or # ./certificate -ac "Site Certificate" -domain example.com -ip 192.168.67.78 |
