1rhsmcertd(8)                Subscription Management               rhsmcertd(8)
2
3
4

NAME

6       rhsmcertd - Periodically scans and updates the entitlement certificates
7       on a registered system.
8
9

SYNOPSIS

11       rhsmcertd [--cert-check-interval=MINUTES]  [--auto-attach-interval=MIN‐
12       UTES]  [--auto-registration-interval] [--no-splay] [--now] [--auto-reg‐
13       istration] [--debug] [--help]
14
15
16       Deprecated usage
17
18       rhsmcertd [certInterval autoattachInterval]
19
20

DESCRIPTION

22       Red Hat provides content updates and support by  issuing  subscriptions
23       for  its  products.  These  subscriptions  are  applied to systems (ma‐
24       chines). Red Hat Subscription Manager is a tool which  allows  adminis‐
25       trators  to  manage those subscriptions by registering systems and peo‐
26       ple, applying subscriptions, and viewing subscriptions.
27
28
29       When subscriptions are applied to a system or  when  new  subscriptions
30       are  available,  the subscription management system issues that machine
31       an X.509 certificate which contains all of the  details  of  that  sub‐
32       scription. The rhsmcertd process runs periodically to check for changes
33       in the subscriptions available to a machine by updating the entitlement
34       certificates installed on the machine and by installing new entitlement
35       certificates as they're available.
36
37
38       At a defined interval, the process checks with the subscription manage‐
39       ment  service to see if any new subscriptions are available to the sys‐
40       tem. If there are, it pulls in  the  associated  subscription  certifi‐
41       cates.  If  any  subscriptions  have  expired and new subscriptions are
42       available, then the rhsmcertd process will automatically request  those
43       subscriptions. By default, the initial auto-attach is delayed by a ran‐
44       dom amount of seconds from zero to the autoAttachInterval. The  initial
45       cert  check  is  delayed  by  a  random  amount of seconds from zero to
46       certCheckInterval.
47
48
49       This rhsmcertd process can also perform automatic registration, when VM
50       is  running  in the public cloud. Three public cloud providers are sup‐
51       ported: AWS, Azure and GCP. When it is  desired  to  perform  automatic
52       registration  by rhsmcertd, then it is also necessary to configure map‐
53       ping of "Cloud ID" to  "RHSM  organization  ID"  on  https://cloud.red
54       hat.com.
55
56
57       This  rhsmcertd  process invokes the rhsmcertd-worker.py script to per‐
58       form the certificate add and update operations.
59
60
61       Both the certificate interval and the auto-attach interval are  config‐
62       urable and can be reset through the rhsmcertd daemon itself or by edit‐
63       ing the Subscription Manager /etc/rhsm/rhsm.conf file.
64
65
66       rhsmcertd is started with the machine, by default, and is  always  run‐
67       ning in the background.
68
69

OPTIONS

71       -h, --help
72              Prints the specific help information for the given command.
73
74
75       -d, --debug
76              Records  more  verbose output to the /var/log/rhsm/rhsmcertd.log
77              log file.
78
79
80       -n, --now
81              Runs the rhsmcertd scan immediately, rather than waiting for the
82              next scheduled interval.
83
84
85       -c, --cert-check-interval=MINUTES
86              Resets  the  interval for checking for new subscription certifi‐
87              cates. This value is in minutes. The default  is  240,  or  four
88              hours. This interval is in effect until the daemon restarts, and
89              then the values in the /etc/rhsm/rhsm.conf file are used (unless
90              the argument is passed again).
91
92
93       -i, --auto-attach-interval=MINUTES
94              Resets  the interval for checking for and replacing expired sub‐
95              scriptions. This value is in minutes. The default is 1440, or 24
96              hours. This interval is in effect until the daemon restarts, and
97              then the values in the /etc/rhsm/rhsm.conf file are used (unless
98              the argument is passed again).
99
100
101       -r, --auto-registration-interval=MINUTES
102              Resets the interval for automatic registration. This value is in
103              minutes. The default is 60, or 1 hour. This interval is  in  ef‐
104              fect  until  the  daemon  restarts,  and  then the values in the
105              /etc/rhsm/rhsm.conf file are used (unless the argument is passed
106              again).
107
108
109       -s, --no-splay
110              If present this option disables the splay feature entirely. When
111              not present the value of "splay"  from  the  /etc/rhsm/rhsm.conf
112              file  is used to determine whether the splay feature is on ("1")
113              or off ("0").
114
115
116       -a, --auto-registration
117              If present this option enable automatic registration.  When  not
118              present    the    value    of   "auto_registration"   from   the
119              /etc/rhsm/rhsm.conf file is used to determine whether the  auto‐
120              matic registration feature is on ("1") or off ("0").
121
122

USAGE EXAMPLES

124       NOTE   Be  sure  to stop the running rhsmcertd daemon before making any
125              configuration changes, or the new configuration is not applied.
126
127
128   RESETTING THE CERTIFICATE SCAN INTERVAL
129       service rhsmcertd stop
130       rhsmcertd --cert-check-interval=240
131
132
133   RUNNING CERTIFICATE AND HEALING SCANS IMMEDIATELY
134       Normally, the certificate and auto-attach scans are  run  periodically,
135       on  a schedule defined in the rhsmcertd configuration. The scans can be
136       run immediately -- which is useful if an administrator knows that there
137       are  new  subscriptions  available  --  and then the scans resume their
138       schedules.
139       service rhsmcertd stop
140       rhsmcertd -n
141
142
143   DEPRECATED USAGE
144       rhsmcertd used to allow the certificate and auto-attach intervals to be
145       reset simply by passing two integers as arguments.
146
147       rhsmcertd certInterval autoAttachInterval
148
149       For example:
150       service rhsmcertd stop
151       rhsmcertd 180 480
152
153       This usage is still allowed, but it is deprecated and not recommended.
154
155

ASSOCIATED FILES

157              * /usr/share/rhsm/certmgr.py
158
159              * /etc/rhsm/rhsm.conf
160
161              * /var/log/rhsm/rhsmcertd.log
162
163

BUGS

165       This  daemon  is  part  of  Red  Hat Subscription Manager. To file bugs
166       against this daemon, go to https://bugzilla.redhat.com, and select  Red
167       Hat > Red Hat Enterprise Linux > subscription-manager.
168
169
170

AUTHORS

172       Deon  Lackey, <dlackey@redhat.com> and Jeff Ortel, <jortel@redhat.com>.
173       rhsmcertd was written by Jeff Ortel.
174
175
177       Copyright (c) 2010-2012 Red Hat, Inc. This is licensed  under  the  GNU
178       General  Public  License,  version 2 (GPLv2). A copy of this license is
179       available at http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt.
180
181
182
183                                                                  rhsmcertd(8)
Impressum