pki
The pki
command groups subcommands for interacting with Vault's
PKI Secrets Engine.
Syntax
Option flags for a given subcommand are provided after the subcommand, but before the arguments.
Example Health Check
To health check a mount, use the
vault pki health-check <mount>
command:
Example Verify Sign
To verify the signature between two
issuer certificates, use the vault pki verify-sign <parent> <child>
command:
Example List Child Issuers
To list intermediate certificates
potentially issued by a certificate inside vault, use the
vault pki list-intermediates <parent>
command:
Example Issue
To issue a new issuer certificate, use the
vault pki issue <parent-certificate-path> <mount>
command:
Example Reissue
To reissue an issuer certificate, using the
same fields as an existing issuer template, use the
vault pki reissue <parent-certificate-path> <template> <mount>
command: