Generate PKI certificates and keys Generate CA certificate Sign generated CA certificate with another specified CA certificate pki ca Write generated CA certificate into the specified filename <filename> sudo ${vyos_op_scripts_dir}/pki.py --action generate --ca "$7" --sign "$5" --file Commands for installing generated CA certificate into running configuration <certificate name> sudo ${vyos_op_scripts_dir}/pki.py --action generate --ca "$7" --sign "$5" --install sudo ${vyos_op_scripts_dir}/pki.py --action generate --ca "noname" --sign "$5" Write generated CA certificate into the specified filename <filename> sudo ${vyos_op_scripts_dir}/pki.py --action generate --ca "$5" --file Commands for installing generated CA certificate into running configuration <CA name> sudo ${vyos_op_scripts_dir}/pki.py --action generate --ca "$5" --install sudo ${vyos_op_scripts_dir}/pki.py --action generate --ca "noname" Generate certificate request Generate self-signed certificate Write generated self-signed certificate into the specified filename <filename> sudo ${vyos_op_scripts_dir}/pki.py --action generate --certificate "$6" --self-sign --file Commands for installing generated self-signed certificate into running configuration <certificate name> sudo ${vyos_op_scripts_dir}/pki.py --action generate --certificate "$6" --self-sign --install sudo ${vyos_op_scripts_dir}/pki.py --action generate --certificate "noname" --self-sign Sign generated certificate with specified CA certificate pki ca Write generated signed certificate into the specified filename <filename> sudo ${vyos_op_scripts_dir}/pki.py --action generate --certificate "$7" --sign "$5" --file Commands for installing generated signed certificate into running configuration <certificate name> sudo ${vyos_op_scripts_dir}/pki.py --action generate --certificate "$7" --sign "$5" --install sudo ${vyos_op_scripts_dir}/pki.py --action generate --certificate "noname" --sign "$5" Write generated certificate request and key into the specified filename <filename> sudo ${vyos_op_scripts_dir}/pki.py --action generate --certificate "$5" --file Commands for installing generated certificate private key into running configuration <certificate name> sudo ${vyos_op_scripts_dir}/pki.py --action generate --certificate "$5" --install sudo ${vyos_op_scripts_dir}/pki.py --action generate --certificate "noname" Generate CRL for specified CA certificate pki ca Write generated CRL into the specified filename <filename> sudo ${vyos_op_scripts_dir}/pki.py --action generate --crl "$4" --file Commands for installing generated CRL into running configuration sudo ${vyos_op_scripts_dir}/pki.py --action generate --crl "$4" --install sudo ${vyos_op_scripts_dir}/pki.py --action generate --crl "$4" Generate DH parameters Write generated DH parameters into the specified filename <filename> sudo ${vyos_op_scripts_dir}/pki.py --action generate --dh "$5" --file Commands for installing generated DH parameters into running configuration <DH name> sudo ${vyos_op_scripts_dir}/pki.py --action generate --dh "$5" --install sudo ${vyos_op_scripts_dir}/pki.py --action generate --dh "noname" Generate a key pair Write generated key pair into the specified filename <filename> sudo ${vyos_op_scripts_dir}/pki.py --action generate --keypair "$5" --file Commands for installing generated key pair into running configuration <key name> sudo ${vyos_op_scripts_dir}/pki.py --action generate --keypair "$5" --install sudo ${vyos_op_scripts_dir}/pki.py --action generate --keypair "noname" Generate OpenVPN keys Generate OpenVPN shared secret key Write generated OpenVPN shared secret key into the specified filename <filename> sudo ${vyos_op_scripts_dir}/pki.py --action generate --openvpn "$6" --file Commands for installing generated OpenVPN shared secret key into running configuration <key name> sudo ${vyos_op_scripts_dir}/pki.py --action generate --openvpn "$6" --install sudo ${vyos_op_scripts_dir}/pki.py --action generate --openvpn "noname" Generate SSH key Write generated SSH keys into the specified filename <filename> sudo ${vyos_op_scripts_dir}/pki.py --action generate --ssh "$5" --file Commands for installing generated SSH key into running configuration <key name> sudo ${vyos_op_scripts_dir}/pki.py --action generate --ssh "$5" --install sudo ${vyos_op_scripts_dir}/pki.py --action generate --ssh "noname" Generate Wireguard keys Generate Wireguard key pair for use with server or peer Write generated Wireguard keys into the specified filename <filename> sudo ${vyos_op_scripts_dir}/pki.py --action generate --wireguard --key "$6" --file Commands for installing generated Wireguard key into running configuration <interface> <peer> sudo ${vyos_op_scripts_dir}/pki.py --action generate --wireguard --key "$6" --install sudo ${vyos_op_scripts_dir}/pki.py --action generate --wireguard --key "noname" Generate pre-shared key for use with a Wireguard peer Write generated Wireguard PSK into the specified filename <filename> sudo ${vyos_op_scripts_dir}/pki.py --action generate --wireguard --psk "$6" --file Commands for installing generated Wireguard PSK on specified peer into running configuration <peer> sudo ${vyos_op_scripts_dir}/pki.py --action generate --wireguard --psk "$6" --install sudo ${vyos_op_scripts_dir}/pki.py --action generate --wireguard --psk "noname" Show PKI certificates Show CA certificates Show CA certificate by name pki ca sudo ${vyos_op_scripts_dir}/pki.py --action show --ca "$5" sudo ${vyos_op_scripts_dir}/pki.py --action show --ca "all" Show certificates Show certificate by name pki certificate sudo ${vyos_op_scripts_dir}/pki.py --action show --certificate "$5" sudo ${vyos_op_scripts_dir}/pki.py --action show --certificate "all" Show certificate revocation lists Show certificate revocation lists from specified CA pki ca sudo ${vyos_op_scripts_dir}/pki.py --action show --crl "$5" sudo ${vyos_op_scripts_dir}/pki.py --action show --crl "all" sudo ${vyos_op_scripts_dir}/pki.py --action show