Update operations

The horizon client can perform update operations on certificates using the update-cert command. This will modify the information associated with the certificate on Horizon.

The update-cert command need the 'Update (pop)' common configuration permission enabled on the profile the certificate is linked to.

General Parameters

--confirm

The command asks for confirmation after the changes are computed. Use this flag to disable this behavior and proceed directly. (Optional)

--prompt

Use this flag to be prompted for edition of all the certificate fields. In this mode, using enter on an existing value means the value is not changed. (Optional)

Input parameters

The update is only possible on local certificates for which you possess the key:

--cert

Path to the Certificate to update (PEM file, PKCS#12 file, JKS file) or cert thumbprint for Windows certificate store entries.

--key

Path to the private key of the certificate to update if it is not included in the certificate file. (Optional)

--pfx-pwd

Password for the PKCS#12 file to update. (Optional)

--jks-pwd

Password for the JKS file to update. (Optional)

--jks-alias

Alias for the JKS file to update. (Optional)

--jks-alias-pwd

Alias password for the JKS file to update. (Optional)

Update Parameters

An update concerns only metadata fields, that is fields added by Horizon.

--owner

Set the owner of the certificate. An empty string means deletion of this information. (Optional)

--team

Set the team of the certificate. An empty string means deletion of this information. (Optional)

--contact-email

Set the contact email of the certificate. An empty string means deletion of this information. (Optional)

--labels

Set the labels of the certificate. An empty string means deletion of this information. (Optional)

--metadata

Set the technical metadata of the certificate. To use with caution. An empty string means deletion of this information. (Optional)

Examples

You will find below a few examples detailing how to use the client to update certificates in various context

Updating the owner of a certificate

horizon-cli update-cert --key=/path/to/key --cert=/path/to/cert --owner=newowner

Removing the team from a certificate stored in JKS file

horizon-cli update-cert --cert=/path/to/cert.jks --jks-pwd=<jks password> --team=""

Updating labels and metadata of a certificate stored in windows certificate store

horizon-cli update-cert --cert=<certificate thumbprint> --labels="label1:value1,label2:value2" --metadata="metadata1:value1,metadata2:value2"