Commands

You can issue BMC AMI Enterprise Connector for Venafi commands from the MVS console (by using the MVS MODIFY command), System Display and Search Facility (SDSF), or the browser-based administration interface. EC for Venafi is an RSS-based product and therefore supports RSS commands. In addition to the RSS commands, EC for Venafi has unique commands that are prefixed either by VENAFI or VEN.

For example, the following commands are equivalent:

VEN Expired|Exp
VENAFI Expired|Exp

Related topics

Administering

Troubleshooting

The following commands are supported by EC for Venafi:

VEN Expired

In the EC for Venafi agent started task, you can use the VEN Expired command to search for and display expired certificates.

The product does not take any action on any expired certificate found. This command does not work with the EC for Venafi gateway started task.

The syntax for this command follows:

VEN|VENAFI Exp|Expired

For example, the command, f ecagent,ven exp displays the following output:

RSV0900I Certificate Label                Owner    Expired     
RSV0901I DefaultWASCert.BBNBASE           WSCRU1   2018/12/31  
RSV0901I JES2 CLIENT EDS                  START1   2019/03/20  
RSV0901I Verisign Class 1 Primary CA      CERTAUTH 2020/01/07  
RSV0901I RSA Secure Server CA             CERTAUTH 2010/01/07  
RSV0901I IBM World Registry CA            CERTAUTH 2017/05/20  
RSV0901I Integrion CA                     CERTAUTH 2017/05/20  
RSV0901I Verisign International Svr CA    CERTAUTH 2011/10/24  
RSV0901I Verisign Class 1 Individual CA   CERTAUTH 2008/05/12  
RSV0901I Verisign Class 2 Individual CA   CERTAUTH 2004/01/06  
RSV0901I Identrus Interoperability CA     CERTAUTH 2010/02/05  
RSV0901I GTE CyberTrust Root CA           CERTAUTH 2006/02/23  
RSV0901I Entrust.net Secure Server CA     CERTAUTH 2006/01/01  
RSV0901I Equifax Secure CA                CERTAUTH 2018/08/22  
RSV0901I ICP-Brasil CA                    CERTAUTH 2011/11/30  
RSV0901I Entrust Secure Server Root CA    CERTAUTH 2019/05/25  
RSV0901I WebSphereCA                      CERTAUTH 2018/12/31  
RSV0899I Command complete 

VEN States

In the EC for Venafi agent started task, you can use the VEN States command to display the status of certificate requests for which the product saves the transaction state.

The product maintains the transaction states through the generate, load, and implement phases. After implementing a certificate for two days, the product clears the state table. The product retains the transaction states of failed certificates for a week. This command does not work with the EC for Venafi gateway started task.

The syntax for this command follows:

VEN|VENAFI States|Sta

For example, the command, f ecagent,ven sta displays the following output:

RSV0902I Certificate State                                  
RSV0903I    Label      martin-test-cert                     
RSV0903I    Owner      TSGTA2                               
RSV0903I    State      LOAD_RESTORE                         
RSV0903I    Updated    15:52:35 on 09 September
RSV0902I Certificate State                                  
RSV0903I    Label      martin-test-cert2                     
RSV0903I    Owner      TSGTA2                               
RSV0903I    State      IMPLEMENTED                         
RSV0903I    Updated    12:23:17 on 08 September             
RSV0899I Command Complete

VEN Ping

You can use VEN Ping to test the status of a remote environment. You can run this command only from a gateway instance.

The syntax for this command follows:

VEN|VENAFI Ping EnvName

For example, the command, f ecgate,ven ping ZBASA displays the following output:

RSV0936I PING to ZBASA successful     
RSV0899I Command complete


 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*