Page History
...
Code Block | ||
---|---|---|
| ||
Usage: deploy-identity-service.sh [Command] [Options] [Switches] Commands: get-account --service [--account] [--enabled] [--disabled] store-account --service --account [--role] [--disabled] [--account-password] [--force-password-change] rename-account --service --account --new-account remove-account --service --account [--enabled] [--disabled] get-account-permission --service --account set-account-password --service --account --account-password --new-account-password reset-account-password --service --account enable-account --service --account disable-account --service --account get-role --service [--role] store-role --service --role [--ordering] rename-role --service --role --new-role remove-role --service --role get-permission --service --role [--controller-id] set-permission --service --role --permission [--excluded] [--controller-id] rename-permission --service --role --permission --new-permission [--excluded] [--controller-id] remove-permission --service --role --permission [--controller-id] get-folder --service --role [--folder] [--controller-id] set-folder --service --role --folder [--recursive] [--controller-id] rename-folder --service --role --folder --new-folder [--recursive] [--controller-id] remove-folder --service --role --folder [--controller-id] get-service [--service] store-service --service --service-type [--ordering] [--required] [--disabled] [--authentication-scheme] [--single-factor-certificate] [--single-factor-password] rename-service --service --new-service remove-service --service Options: --url=<url> | required: JOC Cockpit URL --user=<account> | required: JOC Cockpit user account --password=<password> | optional: JOC Cockpit password --ca-cert=<path> | optional: path to CA Certificate used for JOC Cockpit login --client-cert=<path> | optional: path to Client Certificate used for login --client-key=<path> | optional: path to Client Key used for login --timeout=<seconds> | optional: timeout for request, default: 60 --controller-id=<id> | optional: Controller ID --account=<name[,name]> | optional: list of accounts --new-account=<name[,name]> | optional: new account names --account-password=<password> | optional: password for account --new-password=<password> | optional: new password for account --service=<name> | required: Identity Service name --service-type=<id> | optional: Identity Service type such as JOC, LDAP, LDAP-JOC, OIDC, OIDC-JOC --ordering=<number> | optional: ordering of Identity Service or role by ascending number --new-service=<name> | optional: new Identity Service name --authentication-scheme=<factor> | optional: Identity Service authentication scheme: SINGLE-FACTOR, TWO-FACTOR --role=<name[,name]> | optional: list of roles --new-role=<name> | optional: new role name --permission=<id[,id]> | optional: list of permission identifiers assigned a role --new-permission=<id> | optional: new permission identifier assigned a role --folder=<name[,name]> | optional: list of folders assigned a role --new-folder=<name> | optional: new folder assigned a role --audit-message=<string> | optional: audit log message --audit-time-spent=<number> | optional: audit log time spent in minutes --audit-link=<url> | optional: audit log link --log-dir=<directory> | optional: path to directory holding the script's log files Switches: -h | --help | displays usage -v | --verbose | displays verbose output, repeat to increase verbosity -p | --password | asks for password -a | --account-password | asks for account password -n | --new-password | asks for new account password -f | --force-password-change | enforces password change on next login -e | --enabled | filters for enabled accounts -d | --disabled | filters for disabled accounts or disables Identity Services -x | --excluded | sets excluded permissions -q | --required | enforces use of Identity Service -r | --recursive | applies folder operation to sub-folders --single-factor-certificate | certificate allowed as single factor --single-factor-password | password allowed as single factor --show-logs | shows log output if --log-dir is used --make-dirs | creates directories if they do not exist see https://kb.sos-berlin.com/x/lwTWCQ |
Commands
...
- Returns version information of JOC Cockpit, Controller and Agents.
- When used without options, the JOC Cockpit version will be returned.
- When usiedf with the
--controller-id
option, the version of the indicated Controller will be returned. - When used with the
--agent-id
option, the version of the indicated Agent will be returned. If a Cluster Agent is specified, then version information for included Director Agents and Subagents will be returned in JSON format.
- When used with the
--list
switch, then information about included Controllers and/or Agents will be returned in JSON format.
...
- Shifts the active role to the Standby JOC Cockpit instance.
...
- Allows to restart JOC Cockpit background services. One of the following services can be specified using the
--service-type
option:cluster,
history,
dailyplan,
cleanup,
monitor
- JOC Cockpit background services will run based on events (
cluster, history, monitor
) or based on schedules configurable with JS7 - Settings (dailyplan, cleanup
). To force a background service to start immediately therun-service
command can be used.
...
- Starts JOC Cockpit background services. One of the following services can be specified using the
--service-type
option:dailyplan,
cleanup
- JOC Cockpit background services will run based on schedules configurable with JS7 - Settings (
dailyplan, cleanup
). Therun-service
command will force immediate execution of the service.
...
- Checks which JS7 - License is available with JOC Cockpit and if it is valid for a predetermined period.
- The Open Source License is valid for any period of time and will not expire.
- The Commercial License can be perpetual or can be valid for a limited subscription period.
- The
--validity-days
option specifies the number of days before expiration of the Commercial License. Default: 60 days. - Exit codes of the license check include:
- Exit code 0 signals a valid license for the period specified.
- Exit code 2 signals an expired license or an inapplicable license check if the Open Source License is used.
- Exit code 3 signals a valid license that is about to expire within the number of days specified.
...
- Returns JS7 - Settings in JSON format.
- Users can modify settings using the jq utility and can update settings using the
store-settings
command.
...
- Updates JS7 - Settings in JOC Cockpit.
- Users can read settings using the
get-settings
command and can modify settings using the jq utility before updating settings.
...
- Allows to encrypt a value using the
--in
option. If used to encrypt a file then--infile
and--outfile
options must be specified. - The
--cert
option specifies the path to a file holding the Certificate used for encryption. - Encryption is performed by Java libraries that are looked up in the
./lib
sub-directory of the JS7 Unix Shell CLI. For details see JS7 - Encryption and Decryption.
...
- Allows to decrypt a value using the
--in
option. If used to decrypt a file then--infile
and--outfile
options must be specified. - The
--key
option specifies the path to the Private Key used for decryption. If the Private Key is protected by a password, then the--key-password
option or switch must be specified. - Decryption is performed by Java libraries that are looked up in the
./lib
sub-directory of the JS7 Unix Shell CLI.
All commands make use of the --service
option to specify the Identity Service on which the operation is performed.
Accounts
Operations are available for Identity Services only that hold account information using the service types JOC, KEYCLOAK-JOC, LDAP-JOC, OIDC-JOC, CERTIFICATE and FIDO. For Identity Services that manage accounts on their own such as LDAP, OIDC the JOC Cockpit does not provide account information.
get-account
Returns information about the indicated account or all accounts if the
--account
option is not specified.- Accounts can be filtered:
- The
--enabled
switch returns active accounts only - The
--disabled
switch returns inactive accounts only.
- The
store-account
- Stores an account to the Identity Service.
- An existing role can be assigned using the
--role
option. - The password can be specified using the
--account-password
option. Consider to use secure input from the commandline using the-a
switch. If no password is specified then the initial password is assigned. If a password is specified or the initial password is used, then JOC Cockpit will challenge the user to specify a new password on next login. - The
--force-password-change
switch can be used to make JOC Cockpit challenge the user to specify a new password on next login. The operation is available for existing accounts that hold a password. For new accounts users are automatically challenged to specify a new password on next login. - The
--disabled
switch can be used to deactivate an account when it is created. For later enabling/disabling of existing accounts see theenable-account
anddisable-account
commands.
- An existing role can be assigned using the
- Handling of passwords allows the API user to specify passwords for other accounts. However, for the affected account users have to change the password on next login.
- Stores an account to the Identity Service.
rename-account
- Renames the indicated account.
remove-account
- Removes the indicated account from the Identity Service.
get-account-permission
- Returns the list of permissions per role assigned the given account.
set-account-password
- Sets the password for the indicated account. Consider to use secure input from the commandline using the
-a
switch. - The user will be challenged to specify a new password on next login.
- Sets the password for the indicated account. Consider to use secure input from the commandline using the
reset-account-password
- Resets the account's password to the initial password.
- The user will be challenged to specify a new password on next login.
enable-account
- Activates the account which allows login to JOC Cockpit.
disable-account
- Deactivates the account which denies login to JOC Cockpit.
Roles
get-role
- Returns the indicated role if the
--role
option is used and otherwise returns all roles.
- Returns the indicated role if the
store-role
- Stores a role from its name to JOC Cockpit. Default permissions will be applied to new roles.
- The
--ordering
option can be used to specify the position of the role in the list of roles available for the given Identity Service.
rename-role
- Renames an existing role.
remove-role
- Removes the indicated role from the Identity Service.
Permissions
get-permission
- Returns permissions the indicated role.
set-permission
- Assigns the role one or more permission that are specified from permission identifiers.
- If the
--excluded
switch is used, then permission is denied. This applies to JOC Cockpit permissions and to all Controller permissions. - The Controller ID can be specified using the
--controller-id
option for permissions that should be limited to the given Controller.
rename-permission
- Renames an existing permission by switching permission identifier.
remove-permission
- Removes the indicated permission from the role.
Folders
get-folder
- If the
--folder
option is used, returns the indicated folder and otherwise returns all folders assigned the given role.
- If the
set-folder
- Assigns the indicated role one or more folders. If more than one folder is specified, then they are separated by comma, for example
--folder=/accounting,/reporting
. - The
--recursive
switch can be used to specify that sub-folders similarly should be accessible to the given role.
- Assigns the indicated role one or more folders. If more than one folder is specified, then they are separated by comma, for example
rename-folder
- Switches folder assignment to a different folder.
remove-folder
- Removes the indicated folder from the role.
Identity Services
get-service
- If the
--service
option is used, returns the indicated Identity Service and otherwise returns the list of Identity Services.
- If the
store-service
- Stores the indicated Identity Service.
- The following options and switches can be used:
- The
--service-type
option specifies the capabilities of the Identity Service such as LDAP, OIDC, FIDO. For the full list of service types see JS7 - Identity Services, Matrix. - The
--required
switch specifies that successful authentication using the Identity Service is required. If the switch is not used, then JOC Cockpit will switch to using the next Identity Service in case of unsuccessful authentication. - The
--disabled
switch can be used to deactivate an Identity Serivce which denies login by any accounts using the Identity Service. - The
--ordering
option can be used to specifiy the position of the Identity Service in the list of Identity Services. - The
--authentication-scheme
option allows to specify the following vallues:SINGLE-FACTOR
,TWO-FACTOR
.- Single-factor authentication specifies that the Identity Service is used as a single factor for authentication.
- The
--single-factor-certificate
switch is used for the JS7 - Certificate Identity Service to specify that a certificate acts as the single factor for authentication. - The
--single-factor-password
switch is used to specify that a password is used as the single factor for authentication.
- The
- Two-factor authentication specifies that a second Identity Service is used and that successful authentication with both Identity Services is required. For example an Identity Serivce using the LDAP service type can use FIDO as a second factor. This implies that secrets are stored on different media: the LDAP password is stored with the user's brain while the FIDO secret is stored on the user's device, for example on a USB key or in an authenticator application on a smartphone.
- Single-factor authentication specifies that the Identity Service is used as a single factor for authentication.
- The
rename-service
- Renames the indicated Identity Service.
remove-service
- Removes the indicated Identity Service.
- Users should check that there is a remaining Identity Service that allows to login. To restore access to JOC Cockpit consider JS7 - Rescue in case of lost access to JOC Cockpit.
Options
--url
- Specifies the URL by which JOC Cockpit is accessible using
<http|https>://<host>:<port>
. - Example: http://centostest-primary.sos:4446
- Example: https://centostest-primary.sos:4443
- Specifies the URL by which JOC Cockpit is accessible using
--user
- Specifies the user account for login to JOC Cockpit. If JS7 - Identity Services are available for Client authentication certificates that are specified with the
--client-cert
and--client-key
options then their common name (CN) attribute has to match the user account. - If a user account is specified then a password can be specified using the
--password
option or interactive keyboard input can be prompted using the-p
switch.
- Specifies the user account for login to JOC Cockpit. If JS7 - Identity Services are available for Client authentication certificates that are specified with the
--password
- Specifies the password used for the account specified with the
--user
option for login to JOC Cockpit. - Password input from the command line is considered insecure.
- Consider use of the
-p
switch offering a secure option for interactive keyboard input. - Consider use of the
encrypt
command to encrypt a password:./operate-joc.sh encrypt --in=root --cert=encrypt.crt
.- The encryption result will include the prefix
enc:
followed by the encrypted symmetric key, initialization vector and encrypted secret separated by space. - If an encrypted password is specified, then it will be decrypted using the Private Key file:
./operate-joc.sh <command> --password="enc:BF8J8KP7TPlxy..." --key=encrypt.key
.
- The encryption result will include the prefix
- Consider use of the
- Specifies the password used for the account specified with the
--ca-cert
- Specifies the path to a file in PEM format that holds the Root CA Certificate and optionally Intermediate CA Certificates to verify HTTPS connections to JOC Cockpit.
--client-cert
- Specifies the path to a file in PEM format that holds the Client Certificate if HTTPS mutual authentication is used..
--client-key
- Specifies the path to a file in PEM format that holds the Client Private Key if HTTPS mutual authentication is used..
--timeout
- Specifies the maximum duration for requests to the JS7 REST Web Service. Default:
60
seconds.
- Specifies the maximum duration for requests to the JS7 REST Web Service. Default:
--controller-id
- Specifies the identification of the Controller.
--agent-id
- The Agent ID specifies a unique identifier for a Standalone Agent or Agent Cluster that cannot be changed later on.
- Agents are identified from their Agent ID.
--service-type
- When used with the
restart-service
command, specifies the service that should be restarted. - One of the following services can be specified:
cluster,
history,
dailyplan,
cleanup,
monitor
- When used with the
--validity-days
- When used with the
checck-license
command, specifies the number of days before expiration of a JS7 license.- Exit code 2 signals an expired license or an inapplicable license check if the Open Source License is used.
- Exit code 3 signals a valid license that is about to expire within the number of days specified.
- When used with the
--settings
- When used with the
store-settings
command, specifies settings from their JSON format.
- When used with the
--key
- When used with the
decrypt
command, specifies the path to a file that holds the Private Key in PEM format used for decryption.
- When used with the
--cert
- When used with the
encrypt
command, specifies the path to a file that holds the CA-signed or self-signed X.509 Certificate. Alternatively, the path to a file holding the Public Key can be specified. The Certificate/Public Key is expected in PEM format. - For encryption the Certificate/Public Key must match the Private Key used for later decryption specified with the
--key
option.
- When used with the
--key-password
- When used with the
decrypt
command, specifies the password for access to the key file using the--key
option. - Password input from the command line is considered insecure.
- Consider use of the
-k
switch or more elaborate mechanisms, for example by temporarily populating the system keystore form a security key such as a YubiKey® or similar. - Consider use of encrypted passwords as explained with the
--password
option.
- Consider use of the
- When used with the
--in
- When used with the
encrypt
anddecrypt
commands, specifies the input value that should be encrypted or decrypted., - One of the options
--in
or--infile
can be specified.
- When used with the
--infile
- When used with the
encrypt
anddecrypt
commands, specifies the path to the input file that should be encrypted/decrypted. - One of the options
--in
or--infile
can be specified. This option requires use of the--outfile
option.
- When used with the
--outfile
- When used with the
encrypt
command, specifies the path to the output file that will be created holding the encrypted content of the input file. - When used with the
decrypt
command, specifies the path to the output file that will be created holding the decrypted content of the input file. - The option is required if the
--infile
option is specified
- When used with the
--java-home
- When used with the
encrypt
anddecrypt
commands or with encrypted passwords, specifies the Java home directory. By default theJAVA_HOME
environment variable is used to determine the location of Java. - The Java home directory is the top-level directory of a Java installation. The directory includes the
bin
sub-directory andjava
executable.
- When used with the
--java-lib
- When used with the
encrypt
anddecrypt
commands or with encrypted passwords, a number of Java libraries are required to perform encryption/decryption. - The Java libraries are expected in the
lib
sub-directory of the JS7 Unix Shell CLI. Default:./lib
.
- When used with the
--audit-message
- Specifies a message that is made available to the Audit Log.
- Specification of Audit Log messages can be enforced on a per user basis and for a JS7 environment.
--audit-time-spent
- Specifies the time spent to perform an operation which is added to the Audit Log.
- The option can be specified if the -
-audit-message
option is used.
--audit-link
- Specifies a link (URL) which is added to the Audit Log.
- The option can be specified if the -
-audit-message
option is used.
--log-dir
- If a log directory is specified then the script will log information about processing steps to a log file in this directory.
- File names are created according to the pattern:
operate-joc.<yyyy>-<MM>-<dd>T<hh>-<mm>-<ss>.log
- For example:
operate-joc.2022-03-19T20-50-45.log
Switches
-h | --help
- Displays usage.
-v | --verbose
- Displays verbose log output that includes requests and responses with the JS7 REST Web Service.
- When used twice as with
-v -v
then curl verbose output will be displayed.
-p | --password
- Asks the user for interactive keyboard input of the password used for the account specified with the
--user
option.. - The switch is used for secure interactive input as an alternative to use of the option
--password=<password>
.
- Asks the user for interactive keyboard input of the password used for the account specified with the
-a | --account-password
- When used with the
store-account
andset-account-password
commands, asks the user for interactive keyboard input of the existing password used for the account. - The switch is used for secure interactive input as an alternative to use of the
--account-password=<password>
option.
- When used with the
-n | --new-password
- When used with the
set-account-password
command, asks the user for interactive keyboard input of the new password used for the account. - The switch is used for secure interactive input as an alternative to use of the
--new-account-password=<password>
option.
- When used with the
-f | --force-password-change
- When used with the
store-account
command, specifies that the user will be challenged to type a new password on next login. - The switch is used for existing accounts. Use of the switch is not required in the following situations that will automatically challenge the user to specify a new password on next login:
- For new accounts using the initial passwords and for accounts assigned a password using the
--account-password
option or switch. - If the account is assigned a password using the
set-account-password
command. - If the account's password is reset to the initial password using the
reset-account-password
command
- For new accounts using the initial passwords and for accounts assigned a password using the
- When used with the
-e | enabled
- When used with the
get-account
command, filters results to enabled accounts. - When used with the
remove-account
command, filters that enabled accounts only will be removed.
- When used with the
-d | disabled
- When used with the
get-account
command, filters results to disabled accounts. - When used with the
store-account
command, specifies that the indicated account will be deactivated. - When used with the
remove-account
command, filters that disabled accounts only will be removed. - When used with the
store-service
command, specifies that the Identity Service will be deactivated.
- When used with the
-x | --excluded
- When used with the
set-permission
command, specifies that the permission will be denied. This applies to JOC Cockpit permissions and to all Controller permissions.
- When used with the
-q | --required
- When used with the
store-service
command, specifies that successful authentication using the Identity Service is required. If the switch is not used, then JOC Cockpit will switch to using the next Identity Service in case of unsuccessful authentication.
- When used with the
-r | --recursive
- When used with the
set-folder
andrename-folder
commands, specifies that folder permissions are applied to sub-folders
- When used with the
Options
--url
- Specifies the URL by which JOC Cockpit is accessible using
<http|https>://<host>:<port>
. - Example: http://centostest-primary.sos:4446
- Example: https://centostest-primary.sos:4443
- Specifies the URL by which JOC Cockpit is accessible using
--user
- Specifies the user account for login to JOC Cockpit. If JS7 - Identity Services are available for Client authentication certificates that are specified with the
--client-cert
and--client-key
options then their common name (CN) attribute has to match the user account. - If a user account is specified then a password can be specified using the
--password
option or interactive keyboard input can be prompted using the-p
switch.
- Specifies the user account for login to JOC Cockpit. If JS7 - Identity Services are available for Client authentication certificates that are specified with the
--password
- Specifies the password used for the account specified with the
--user
option for login to JOC Cockpit. - Password input from the command line is considered insecure.
- Consider use of the
-p
switch offering a secure option for interactive keyboard input. - Consider use of the
encrypt
command to encrypt a password:./operate-joc.sh encrypt --in=root --cert=encrypt.crt
.- The encryption result will include the prefix
enc:
followed by the encrypted symmetric key, initialization vector and encrypted secret separated by space. - If an encrypted password is specified, then it will be decrypted using the Private Key file:
./operate-joc.sh <command> --password="enc:BF8J8KP7TPlxy..." --key=encrypt.key
.
- The encryption result will include the prefix
- Consider use of the
- Specifies the password used for the account specified with the
--ca-cert
- Specifies the path to a file in PEM format that holds the Root CA Certificate and optionally Intermediate CA Certificates to verify HTTPS connections to JOC Cockpit.
--client-cert
- Specifies the path to a file in PEM format that holds the Client Certificate if HTTPS mutual authentication is used..
--client-key
- Specifies the path to a file in PEM format that holds the Client Private Key if HTTPS mutual authentication is used..
--timeout
- Specifies the maximum duration for requests to the JS7 REST Web Service. Default:
60
seconds.
- Specifies the maximum duration for requests to the JS7 REST Web Service. Default:
--controller-id
- Specifies the identification of the Controller.
--agent-id
- The Agent ID specifies a unique identifier for a Standalone Agent or Agent Cluster that cannot be changed later on.
- Agents are identified from their Agent ID.
--service-type
- When used with the
restart-service
command, specifies the service that should be restarted. - One of the following services can be specified:
cluster,
history,
dailyplan,
cleanup,
monitor
- When used with the
--validity-days
- When used with the
checck-license
command, specifies the number of days before expiration of a JS7 license.- Exit code 2 signals an expired license or an inapplicable license check if the Open Source License is used.
- Exit code 3 signals a valid license that is about to expire within the number of days specified.
- When used with the
--settings
- When used with the
store-settings
command, specifies settings from their JSON format.
- When used with the
--key
- When used with the
decrypt
command, specifies the path to a file that holds the Private Key in PEM format used for decryption.
- When used with the
--cert
- When used with the
encrypt
command, specifies the path to a file that holds the CA-signed or self-signed X.509 Certificate. Alternatively, the path to a file holding the Public Key can be specified. The Certificate/Public Key is expected in PEM format. - For encryption the Certificate/Public Key must match the Private Key used for later decryption specified with the
--key
option.
- When used with the
--key-password
- When used with the
decrypt
command, specifies the password for access to the key file using the--key
option. - Password input from the command line is considered insecure.
- Consider use of the
-k
switch or more elaborate mechanisms, for example by temporarily populating the system keystore form a security key such as a YubiKey® or similar. - Consider use of encrypted passwords as explained with the
--password
option.
- Consider use of the
- When used with the
--in
- When used with the
encrypt
anddecrypt
commands, specifies the input value that should be encrypted or decrypted., - One of the options
--in
or--infile
can be specified.
- When used with the
--infile
- When used with the
encrypt
anddecrypt
commands, specifies the path to the input file that should be encrypted/decrypted. - One of the options
--in
or--infile
can be specified. This option requires use of the--outfile
option.
- When used with the
--outfile
- When used with the
encrypt
command, specifies the path to the output file that will be created holding the encrypted content of the input file. - When used with the
decrypt
command, specifies the path to the output file that will be created holding the decrypted content of the input file. - The option is required if the
--infile
option is specified
- When used with the
--java-home
- When used with the
encrypt
anddecrypt
commands or with encrypted passwords, specifies the Java home directory. By default theJAVA_HOME
environment variable is used to determine the location of Java. - The Java home directory is the top-level directory of a Java installation. The directory includes the
bin
sub-directory andjava
executable.
- When used with the
--java-lib
- When used with the
encrypt
anddecrypt
commands or with encrypted passwords, a number of Java libraries are required to perform encryption/decryption. - The Java libraries are expected in the
lib
sub-directory of the JS7 Unix Shell CLI. Default:./lib
.
- When used with the
--audit-message
- Specifies a message that is made available to the Audit Log.
- Specification of Audit Log messages can be enforced on a per user basis and for a JS7 environment.
--audit-time-spent
- Specifies the time spent to perform an operation which is added to the Audit Log.
- The option can be specified if the -
-audit-message
option is used.
--audit-link
- Specifies a link (URL) which is added to the Audit Log.
- The option can be specified if the -
-audit-message
option is used.
--log-dir
- If a log directory is specified then the script will log information about processing steps to a log file in this directory.
- File names are created according to the pattern:
operate-joc.<yyyy>-<MM>-<dd>T<hh>-<mm>-<ss>.log
- For example:
operate-joc.2022-03-19T20-50-45.log
Switches
-h | --help
- Displays usage.
-v | --verbose
- Displays verbose log output that includes requests and responses with the JS7 REST Web Service.
- When used twice as with
-v -v
then curl verbose output will be displayed.
-p | --password
- Asks the user for interactive keyboard input of the password used for the account specified with the
--user
option.. - The switch is used for secure interactive input as an alternative to use of the option
--password=<password>
.
- Asks the user for interactive keyboard input of the password used for the account specified with the
-k | --key-password
- Asks the user for interactive keyboard input of the password used for access to a keystore or key file specified with the
--keystore
or--key
options. - The switch is used for secure interactive input as an alternative to use of the
--key-password=<password>
option.
- Asks the user for interactive keyboard input of the password used for access to a keystore or key file specified with the
-l | --list
- Lists version information in JSON format when used with the
version
command.
- Lists version information in JSON format when used with the
--show-logs
- Displays the log output created by the script if the
--log-dir
option is used.
- Displays the log output created by the script if the
--make-dirs
- If directories are missing that are indicated with the
--log-dir
option then they will be created.
- If directories are missing that are indicated with the
...
Overview
Content Tools