Generate PKI certificates and keys
Generate CA certificate
Commands for installing generated certificate into running configuration
<CA name>
sudo ${vyos_op_scripts_dir}/pki.py --action generate --ca "$5" --install
sudo ${vyos_op_scripts_dir}/pki.py --action generate --ca "noname"
Generate certificate request
Generate self-signed certificate
Commands for installing generated self-signed certificate into running configuration
<certificate name>
sudo ${vyos_op_scripts_dir}/pki.py --action generate --certificate "$6" --self-sign --install
sudo ${vyos_op_scripts_dir}/pki.py --action generate --certificate "noname" --self-sign
Sign generated certificate with specified CA certificate
pki ca
Commands for installing generated certificate into running configuration
<certificate name>
sudo ${vyos_op_scripts_dir}/pki.py --action generate --certificate "$7" --sign "$5" --install
sudo ${vyos_op_scripts_dir}/pki.py --action generate --certificate "noname" --sign "$5"
Commands for installing generated certificate private key into running configuration
<certificate name>
sudo ${vyos_op_scripts_dir}/pki.py --action generate --certificate "$5" --install
sudo ${vyos_op_scripts_dir}/pki.py --action generate --certificate "noname"
Generate CRL for specified CA certificate
pki ca
Commands for installing generated CRL into running configuration
sudo ${vyos_op_scripts_dir}/pki.py --action generate --crl "$4" --install
sudo ${vyos_op_scripts_dir}/pki.py --action generate --crl "$4"
Generate DH parameters
Commands for installing generated DH parameters into running configuration
<DH name>
sudo ${vyos_op_scripts_dir}/pki.py --action generate --dh "$5" --install
sudo ${vyos_op_scripts_dir}/pki.py --action generate --dh "noname"
Generate a key pair
Commands for installing generated key pair into running configuration
<key name>
sudo ${vyos_op_scripts_dir}/pki.py --action generate --keypair "$5" --install
sudo ${vyos_op_scripts_dir}/pki.py --action generate --keypair "noname"
Generate OpenVPN keys
Generate OpenVPN TLS key
Commands for installing generated OpenVPN TLS key into running configuration
<key name>
sudo ${vyos_op_scripts_dir}/pki.py --action generate --openvpn "$6" --install
sudo ${vyos_op_scripts_dir}/pki.py --action generate --openvpn "noname"
Generate SSH key
Commands for installing generated SSH key into running configuration
<key name>
sudo ${vyos_op_scripts_dir}/pki.py --action generate --ssh "$5" --install
sudo ${vyos_op_scripts_dir}/pki.py --action generate --ssh "noname"
Generate Wireguard keys
Generate Wireguard key pair for use with server or peer
Commands for installing generated Wireguard key into running configuration
<interface> <peer>
sudo ${vyos_op_scripts_dir}/pki.py --action generate --wireguard --key "$6" --install
sudo ${vyos_op_scripts_dir}/pki.py --action generate --wireguard --key "noname"
Generate pre-shared key for use with a Wireguard peer
Commands for installing generated Wireguard psk on specified peer into running configuration
<peer>
sudo ${vyos_op_scripts_dir}/pki.py --action generate --wireguard --psk "$6" --install
sudo ${vyos_op_scripts_dir}/pki.py --action generate --wireguard --psk "noname"
Show PKI certificates
Show CA certificates
Show CA certificate by name
pki ca
sudo ${vyos_op_scripts_dir}/pki.py --action show --ca "$5"
sudo ${vyos_op_scripts_dir}/pki.py --action show --ca "all"
Show certificates
Show certificate by name
pki certificate
sudo ${vyos_op_scripts_dir}/pki.py --action show --certificate "$5"
sudo ${vyos_op_scripts_dir}/pki.py --action show --certificate "all"
Show certificate revocation lists
Show certificate revocation lists from specified CA
pki ca
sudo ${vyos_op_scripts_dir}/pki.py --action show --crl "$5"
sudo ${vyos_op_scripts_dir}/pki.py --action show --crl "all"
sudo ${vyos_op_scripts_dir}/pki.py --action show