SIMPLE SOLUTIONS

CERTMONGER-CERTMASTER-SUBMIT(8) - Linux man page online | Administration and privileged commands

Chapter
7 June 2010
certmonger(8) System Manager's Manual certmonger(8)

NAME

certmaster-submit

SYNOPSIS

certmaster-submit [-h serverHost] [-c cafile] [-C capath] [csrfile]

DESCRIPTION

certmaster-submit is the helper which certmonger uses to make requests to certmaster-based CAs. It is not normally run interactively, but it can be for troubleshooting purposes. The signing request which is to be submitted should either be in a file whose name is given as an argument, or fed into certmaster-submit via stdin. There is no standard authenticated method for obtaining the root certificate from certmas‐ ter CAs, so certmonger does not support retrieving trust information from them.

OPTIONS

-h serverHost Submit the request to the certmaster instance running on the named host. The default is localhost:51235 if a file named /var/run/certmaster.pid is found on the local system, and is read from /etc/certmaster/minion.conf if that file is not found. -c cafile Submit the request over HTTPS instead of HTTP, and only trust the server if its certificate was issued by the CA whose certificate is in the named file. -C capath Submit the request over HTTPS instead of HTTP, and only trust the server if its certificate was issued by a CA whose certificate is in a file in the named direc‐ tory.

EXIT STATUS

0 if the certificate was issued. The certificate will be printed. 1 if the CA is still thinking. A cookie value will be printed. 2 if the CA rejected the request. An error message may be printed. 3 if the CA was unreachable. An error message may be printed. 4 if critical configuration information is missing. An error message may be printed.

FILES

/var/run/certmaster.pid the certmaster service's PID file. Its presence is taken to indicate that this system is a CA, and that requests should be submitted to a certmaster server run‐ ning on the local system. /etc/certmaster/minion.conf the certmaster minion configuration file. If there is no indication that the local system is a certmaster server, then this file is consulted to determine the loca‐ tion of the certmaster server.

KNOWN BUGS

Checking for the existence of certmaster's PID file is a terrible way to figure out whether we're a minion or not.

BUGS

Please file tickets for any that you find at https://fedorahosted.org/certmonger/

SEE ALSO

certmonger(8) getcert(1) getcert-add-ca(1) getcert-add-scep-ca(1) getcert-list-cas(1) getcert-list(1) getcert-modify-ca(1) getcert-refresh-ca(1) getcert-refresh(1) getcert- rekey(1) getcert-remove-ca(1) getcert-resubmit(1) getcert-start-tracking(1) getcert-sta‐ tus(1) getcert-stop-tracking(1) certmonger-dogtag-ipa-renew-agent-submit(8) certmonger- dogtag-submit(8) certmonger-ipa-submit(8) certmonger-local-submit(8) certmonger-scep-sub‐ mit(8) certmonger_selinux(8)
certmonger Manual 7 June 2010 certmonger(8)
This manual Reference Other manuals
certmonger-certmaster-submit(8) referred by certmaster-getcert(1) | certmonger(8) | certmonger-dogtag-ipa-renew-agent-submit(8) | certmonger-dogtag-submit(8) | certmonger-ipa-submit(8) | certmonger-local-submit(8) | certmonger-scep-submit(8) | getcert(1) | getcert-add-ca(1) | getcert-add-scep-ca(1) | getcert-list(1) | getcert-list-cas(1) | getcert-modify-ca(1) | getcert-refresh(1) | getcert-refresh-ca(1) | getcert-rekey(1) | getcert-remove-ca(1) | getcert-request(1) | getcert-resubmit(1) | getcert-start-tracking(1)
refer to certmonger(8) | certmonger-dogtag-ipa-renew-agent-submit(8) | certmonger-ipa-submit(8) | certmonger-local-submit(8) | getcert(1) | getcert-add-ca(1) | getcert-add-scep-ca(1) | getcert-list(1) | getcert-list-cas(1) | getcert-modify-ca(1) | getcert-refresh(1) | getcert-refresh-ca(1) | getcert-remove-ca(1) | getcert-resubmit(1) | getcert-start-tracking(1) | getcert-stop-tracking(1)
Download raw manual
Main page System Manager's Manual (+2060) certmonger Manual (+27) № 8 (+5755)
Go top