sq-network-wkd-publish - Man Page

Publish certificates in a Web Key Directory

Synopsis

sq network wkd publish [Options] DEST

Description

Publish certificates in a Web Key Directory.

Publishes certificates or certificate updates in a Web Key Directory (WKD).  You can create or update a WKD hierarchy on the local system by specifying a path as destination.

Typically, a WKD is stored on a web server.  If `--rsync` is given, this command manages remote WKD directory hierarchies by using rsync(1).

To insert a new certificate into the WKD, use `--cert`.

Any updates for certificates already existing in the WKD are automatically published.

Note: To update a WKD hierarchy, it is first copied to a temporary location on the local machine, new certificates or certificate updates are inserted into the local copy, and the hierarchy is copied back to its original location.  As this is not an atomic operation, care must be taken to avoid concurrent updates.

Options

Subcommand options

--all

Use all authenticated certificates with a user ID in the given domain

Use all certificates that have a user ID matching the domain given to the `--domain` parameter that can be fully authenticated.

--cert=FINGERPRINT|KEYID

Use certificates with the specified fingerprint or key ID

--create[=METHOD]

Create the WKD hierarchy if it does not exist yet

[possible values: advanced, direct]

--domain=FQDN

Generate a WKD for a fully qualified domain name for email

--email=EMAIL

Use certificates where a user ID includes the specified email address

--file=PATH

Read certificates from PATH

--rsync

Use rsync(1) to access DEST

--rsync-path=RSYNC

Path to the local rsync command to use, implies --rsync

--userid=USERID

Use certificates with the specified user ID

DEST

Location of the WKD hierarchy on the local machine or a remote server.  If --rsync is given, this is passed as-is to rsync(1).

Global options

See sq(1) for a description of the global options.

Examples

Create a new WKD hierarchy in the local directory `public_html`, and insert Alice's cert.

    sq network wkd publish --create \
    --cert=EB28F26E2739A4870ECC47726F0073F60FD0CBF0 \

--domain=example.org public_html

Add Bob's cert to the existing WKD hierarchy in the local directory `public_html`.

    sq network wkd publish \
    --cert=511257EBBF077B7AEDAE5D093F68CB84CE537C9A \

--domain=example.org public_html

Add all certs with an authenticated user ID in example.org to the existing WKD hierarchy.

    sq network wkd publish --domain=example.org --all public_html

Refresh all certs in the existing WKD hierarchy in the local directory `public_html` from the cert store.

    sq network wkd publish --domain=example.org public_html

See Also

sq(1), sq-network(1), sq-network-wkd(1).

For the full documentation see <https://book.sequoia-pgp.org>.

Version

0.39.0 (sequoia-openpgp 1.21.2)

Referenced By

sq-network-wkd(1).

0.39.0 Sequoia PGP