EJBCA Operations Guide

This Operations Guide contains information on how to perform day to day administrative tasks in EJBCA and is divided into separate sections for CA operations and RA operations. For administrators responsible for configuring and maintaining EJBCA installations, see the EJBCA CA Concept Guide for information on EJBCA concepts and configuration.

CA Operations Guide

The CA Operations Guide covers Certificate Authority Operations such as how to create, edit, and manage CAs, and information on End Entities, and setting up End Entity Profiles and Certificate Profiles.

RA Operations Guide

The RA Operations Guide covers EJBCA RA Management tasks and describes the EJBCA menu sections and the functions you can perform in the EJBCA RA GUI.

Command Line Interfaces

The Command Line Interfaces section includes information on the following EJBCA Command Line Interfaces (CLIs):

• EJBCA Client Toolbox: Set of tools built as a stand-alone package, which can be put on any machine and run independently of EJBCA. Includes a Web Service Interface.

• EJBCA Validation/Conformance Tool: Allows running tests on issued certificates or OCSP responses to see that they match the configured criteria.

• Local Command Line Interface (EJBCA CLI): The Local CLI can be run directly on the CA machine and contains many functions that can be used in scripts, or come to rescue when your Admin certificate has expired, or you have accidentally revoked your Admin privileges for the Admin GUI.

• Local Database CLI: Accessing a database, export, and import, copy, verify audit log and OCSP monitoring.

• CAA Lookup Tool: Providing additional verification, fallback and troubleshooting for the built-in CAA Validator.

ConfigDump Export and Audit Tool

The ConfigDump tool produces a human-readable YAML output, which allows you to hand-modify exports, and the tool is useful for change handling and auditing.