1certmonger(1)               General Commands Manual              certmonger(1)
2
3
4

NAME

6       getcert
7
8

SYNOPSIS

10       getcert resubmit [options]
11
12

DESCRIPTION

14       Tells certmonger to generate (or regenerate) a signing request and sub‐
15       mit (or resubmit) the signing request to a CA for signing.
16
17

SPECIFYING REQUESTS BY NICKNAME

19       -i NAME
20              Resubmit a signing request for the tracking  request  which  has
21              this  nickname.  If this option is not specified, and a tracking
22              entry which matches the  key  and  certificate  storage  options
23              which are specified already exists, that entry will be used.  If
24              not specified, the location of the certificate should be  speci‐
25              fied with either a combination of the -d and -n options, or with
26              the -f option.
27
28

SPECIFYING REQUESTS BY CERTIFICATE LOCATION

30       -d DIR The certificate is in the NSS database in the  specified  direc‐
31              tory.
32
33       -n NAME
34              The certificate in the NSS database named with -d has the speci‐
35              fied nickname.  Only valid with -d.
36
37       -t TOKEN
38              If the NSS database has more than one token available, the  cer‐
39              tificate  is  stored  in  this token.  This argument only rarely
40              needs to be specified.  Only valid with -d.
41
42       -f FILE
43              The certificate is stored in the named file.
44
45

ENROLLMENT OPTIONS

47       -c NAME
48              Submit the new signing request to the specified CA  rather  than
49              the  one  which was previously associated with this certificate.
50              The name of the CA should correspond to one  listed  by  getcert
51              list-cas.
52
53       -I NAME
54              Assign the specified nickname to this task, replacing the previ‐
55              ous nickname.  Valid nicknames contain only characters from  the
56              set "[A-Z][a-z][0-9]_".
57
58

SIGNING REQUEST OPTIONS

60       -N NAME
61              Change the subject name to include in the signing request.
62
63       -U EKU Change  the  extendedKeyUsage  value  specified  in an extended‐
64              KeyUsage extension part of the extensionRequest attribute in the
65              signing  request.   The  EKU  value  is expected to be an object
66              identifier (OID).
67
68       -K NAME
69              Change the Kerberos principal name specified as part of  a  sub‐
70              jectAltName  extension part of the extensionRequest attribute in
71              the signing request.
72
73       -E EMAIL
74              Change the email address specified as part of  a  subjectAltName
75              extension  part of the extensionRequest attribute in the signing
76              request.
77
78       -D DNSNAME
79              Change the DNS name specified as part of a subjectAltName exten‐
80              sion  part  of  the  extensionRequest  attribute  in the signing
81              request.
82
83

OTHER OPTIONS

85       -v     Be verbose about errors.  Normally,  the  details  of  an  error
86              received  from  the  daemon will be suppressed if the client can
87              make a diagnostic suggestion.
88
89

BUGS

91       Please  file  tickets  for  any  that  you  find   at   https://fedora
92       hosted.org/certmonger/
93
94

SEE ALSO

96       certmonger(8)  getcert(1)  getcert-list(1) getcert-list-cas(1) getcert-
97       request(1) getcert-start-tracking(1) getcert-stop-tracking(1)  certmon‐
98       ger-certmaster-submit(8) certmonger-ipa-submit(8)
99
100
101
102certmonger Manual               3 November 2009                  certmonger(1)
Impressum