| Command | Result |
| tell ca quit | Stops CA process. |
| tell ca stat | Displays summary information for the certifiers using the CA process; this includes the certifier's number, its hierarchical name, certifier type (IBM® Lotus® Notes® or Internet), whether it is active, and name of the ICL database. |
| tell ca show queue certifier number | Display a list of pending certificate requests, revocation requests, and configuration modification requests for a specific certifier, using its number from the results of the "tell ca status" command. You can also use * to show this information for all certifiers that are using the CA process. |
| tell ca activate certifier number password | Activate a certifier if the certifier is created with "Require password to activate certifier," or use this for any certifier that has been deactivated. Activation is enabled during CA setup and creation. Activate a specific certifier by entering its number from the results of the 'tell ca status' command. Or you can actually unlock all server ID/password-protected certifiers at one time with this command, if you specify "*" for the certifier number. The CA process then prompts you for the password for each certifier. |
| tell ca deactivate certifier number | Deactivate a certifier. You will need to activate it again in order for it to process any request. Use * to deactivate everything, or deactivate a specific certifier by entering its number from the results of the 'tell ca status' command. |
| tell ca lock idfile | Lock all certifiers that were set up with a lock ID, as specified during CA setup. |
| tell ca unlock idfile password | Unlock all certifiers using the ID and password that comprise the lock ID. The lock ID is specified during CA setup. |
| tell ca CRL issue certifier number | Issue a non-regular (immediate) CRL for a specific certifier, where certifier number is the number of the certifier specified in the results of the "tell ca status" command. |
| tell ca CRL push certifier number | Push a certifier's latest regularly scheduled CRL to the Domino Directory, where certifier number is the number of the certifier specified in the results of the "tell ca status" command. |
| tell ca CRL info certifier number [s/S/n/N] | Display CRL information for a specified certifier, where certifier number is the number of the certifier specified by the 'tell ca status' command. Use s or S for regularly scheduled CRLs, and n or N for non-regularly scheduled (immediate) CRLs. |
| tell ca refresh | Force the CA process to refresh its list of certifiers. As a result:
- newly configured certifiers will be added to the CA process
- previously unlocked certifiers will need to be unlocked again
- previously activated certifiers may need to be activated again, if the activation password has changed
- the Notes certifier ID file in idstorage will be updated with the latest certificate information
|
| tell ca help | List tell ca options |