1certmonger(8)               System Manager's Manual              certmonger(8)
2
3
4

NAME

6       certmaster-submit
7
8

SYNOPSIS

10       certmaster-submit [-h serverHost] [-c cafile] [-C capath] [csrfile]
11
12

DESCRIPTION

14       certmaster-submit  is the helper which certmonger uses to make requests
15       to certmaster-based CAs.  It is not normally run interactively, but  it
16       can  be  for troubleshooting purposes.  The signing request which is to
17       be submitted should either be in a file whose name is given as an argu‐
18       ment, or fed into certmaster-submit via stdin.
19
20       There  is  no standard authenticated method for obtaining the root cer‐
21       tificate from certmaster CAs, so certmonger does not support retrieving
22       trust information from them.
23
24

OPTIONS

26       -h serverHost
27              Submit  the  request  to  the certmaster instance running on the
28              named host.  The default is  localhost:51235  if  a  file  named
29              /var/run/certmaster.pid  is  found  on  the local system, and is
30              read from /etc/certmaster/minion.conf if that file is not found.
31
32       -c cafile
33              Submit the request over HTTPS instead of HTTP,  and  only  trust
34              the  server  if  its certificate was issued by the CA whose cer‐
35              tificate is in the named file.
36
37       -C capath
38              Submit the request over HTTPS instead of HTTP,  and  only  trust
39              the  server if its certificate was issued by a CA whose certifi‐
40              cate is in a file in the named directory.
41
42

EXIT STATUS

44       0      if the certificate was issued. The certificate will be printed.
45
46       1      if the CA is still thinking.  A cookie value will be printed.
47
48       2      if the CA  rejected  the  request.   An  error  message  may  be
49              printed.
50
51       3      if the CA was unreachable.  An error message may be printed.
52
53       4      if critical configuration information is missing.  An error mes‐
54              sage may be printed.
55
56

FILES

58       /var/run/certmaster.pid
59              the certmaster service's PID file.  Its  presence  is  taken  to
60              indicate  that  this system is a CA, and that requests should be
61              submitted to a certmaster server running on the local system.
62
63       /etc/certmaster/minion.conf
64              the certmaster minion configuration file.  If there is no  indi‐
65              cation  that  the local system is a certmaster server, then this
66              file is consulted to determine the location  of  the  certmaster
67              server.
68
69

KNOWN BUGS

71       Checking  for  the existence of certmaster's PID file is a terrible way
72       to figure out whether we're a minion or not.
73
74

BUGS

76       Please  file  tickets  for  any  that  you  find   at   https://fedora
77       hosted.org/certmonger/
78
79

SEE ALSO

81       certmonger(8)   getcert(1)   getcert-add-ca(1)   getcert-add-scep-ca(1)
82       getcert-list-cas(1)   getcert-list(1)   getcert-modify-ca(1)   getcert-
83       refresh-ca(1)  getcert-remove-ca(1)  getcert-resubmit(1) getcert-start-
84       tracking(1) getcert-status(1) getcert-stop-tracking(1)  certmonger-dog‐
85       tag-ipa-renew-agent-submit(8)  certmonger-dogtag-submit(8)  certmonger-
86       ipa-submit(8)   certmonger-local-submit(8)    certmonger-scep-submit(8)
87       certmonger_selinux(8)
88
89
90
91certmonger Manual                 7 June 2010                    certmonger(8)
Impressum