1certmonger(1)               General Commands Manual              certmonger(1)
2
3
4

NAME

6       getcert
7
8

SYNOPSIS

10       getcert add-scep-ca [options]
11
12

DESCRIPTION

14       Adds  a  CA configuration to certmonger, which can subsequently be used
15       to enroll certificates.  The configuration will use the  bundled  scep-
16       submit  helper.   The add-scep-ca command is more or less a wrapper for
17       the add-ca command.
18
19

OPTIONS

21       -c NAME
22              The nickname to give to this CA configuration.  This same  value
23              can  later  be  passed  in  to  getcert's request, resubmit, and
24              start-tracking commands using the -c flag.
25
26       -u URL The location of the SCEP server's  enrollment  interface.   This
27              option must be specified.
28
29       -R ca-certificate-file
30              The  location  of a PEM-formatted copy of the SCEP server's CA's
31              certificate.  A discovered value is supplied by  the  certmonger
32              daemon  for  use  in verifying the signature on data returned by
33              the SCEP server, but it is not used for verifying  HTTPS  server
34              certificates.   This  option  must be specified if the URL is an
35              https location.
36
37       -r ra-certificate-file
38              The location of a PEM-formatted copy of the SCEP  server's  RA's
39              certificate.   A  discovered  value  is normally supplied by the
40              certmonger daemon, but one can be specified for  troubleshooting
41              purposes.
42
43       -I other-certificates-file
44              The  location  of a file containing other PEM-formatted certifi‐
45              cates which may be needed in order  to  properly  verify  signed
46              responses sent by the SCEP server back to the client.  A discov‐
47              ered set is normally supplied by the certmonger daemon, but  can
48              be specified for troubleshooting purposes.
49
50       -i identifier
51              A  CA  identifier value which will passed to the server when the
52              scep-submit helper is used to retrieve copies  of  the  server's
53              certificates.
54
55       -v     Be  verbose  about  errors.   Normally,  the details of an error
56              received from the daemon will be suppressed if  the  client  can
57              make a diagnostic suggestion.
58
59

BUGS

61       Please   file   tickets  for  any  that  you  find  at  https://fedora
62       hosted.org/certmonger/
63
64

SEE ALSO

66       certmonger(8) getcert(1) getcert-add-ca(1) getcert-list-cas(1) getcert-
67       list(1)  getcert-modify-ca(1)  getcert-refresh-ca(1) getcert-refresh(1)
68       getcert-remove-ca(1)  getcert-request(1)  getcert-resubmit(1)  getcert-
69       status(1)    getcert-stop-tracking(1)   certmonger-certmaster-submit(8)
70       certmonger-dogtag-ipa-renew-agent-submit(8) certmonger-dogtag-submit(8)
71       certmonger-ipa-submit(8)   certmonger-local-submit(8)  certmonger-scep-
72       submit(8) certmonger_selinux(8)
73
74
75
76certmonger Manual              24 February 2015                  certmonger(1)
Impressum