Search

vcli certificates

Handle certificates

Synopsis

Handle TLS certificates, such as listing, add, delete or update.

Examples:

 certificate list
 certificate ls -f id=1
 certificate ls -f name="MyCertificate*"
 certificate delete 1
 certificate inspect 1

	# Certificate type database
 certificate database add mycert --cert /path/to/concatenated.pem --all-sans
 certificate database add mycert --cert /path/to/certificate.pem --key /path/to/private-key.pem
 certificate database update 1 --name newname
 certificate database update 1 --cert /path/to/concatenated.pem
 certificate database update 1 --cert /path/to/certificate.pem --key /path/to/private-key.pem --all-sans

	# Certificate type disk
 certificate disk add mycert --cert /path/on/server/to/concatenated.pem
 certificate disk add mycert --cert /path/on/server/to/certificate.pem --key /path/on/server/to/private-key.pem
 certificate disk update 1 --name newname
 certificate disk update 1 --cert /path/on/server/to/certificate.pem --key /path/on/server/to/private-key.pem

	# Certificate type ACME
 certificate acme add mycert --account <acme-account-id> --fqdn <fqdn-for-cert-generation> --fqdn <second-fqdn> --http
 certificate acme add mycert --account 1 --fqdn *.example.com --dns
 certificate acme update 1 --name newname
 certificate acme update 1 --http --dns
 certificate acme retry 1

Options for certificate storage:

disk:
	Only the paths to the certificate and/or private key are stored in 
	the database.

database:
	The certificate and private key are stored in the database and distributed
	to the Varnish servers upon deployment. The certificate can't be read after
	it has been stored.

acme:
	The certificate is automatically created and renewed via the ACME protocol.
	After it has been created it is handled like a database certificate type.


Options

  -h, --help   help for certificates

Options inherited from parent commands

  -c, --config string   configuration file for the CLI (default ~/.vcli.yml)
                        Could also be set via VARNISH_CONTROLLER_CLI_CONFIG=/path/to/config.yml
      --csv             Output the response table as CSV format.
  -j, --json            Output the response table as JSON format.

SEE ALSO


®Varnish Software, Wallingatan 12, 111 60 Stockholm, Organization nr. 556805-6203