Provided by: certmonger_0.79.6-2_amd64 bug

NAME

       local-submit

SYNOPSIS

       local-submit [-d state-directory] [-v] [csrfile]

DESCRIPTION

       local-submit is the helper which certmonger uses to implement its local signer.  It is not
       normally run interactively, but it can  be  for  troubleshooting  purposes.   The  signing
       request  which  is  to  be  submitted should either be in a file whose name is given as an
       argument, or fed into local-submit via stdin.

       The local signer is currently hard-coded to generate and use a 2048-bit RSA key and a name
       and  initial  serial number based on a UUID, replacing that key and certificate at roughly
       the midpoint of their useful lifetime.

       certmonger  supports  retrieving  the  list  of  current  and  previously-used  local   CA
       certificates.   See  getcert-request(1)  and  getcert-resubmit(1)  for  information  about
       specifying where those certificates should be stored.

OPTIONS

       -d state-directory
              Identifies  the  directory  which  contains  the  local   signer's   private   key,
              certificates, and other data used by the local signer.

       -v     Increases the verbosity of the tool's diagnostic logging.

EXIT STATUS

       0      if the certificate was issued. The new certificate will be printed.

       3      if the helper needs to be called again.  An error message may be printed.

       4      if critical configuration information is missing.  An error message may be printed.

FILES

       creds  is currently a PKCS#12 bundle containing the local signer's current signing key and
              current and previously-used signer certificates.  It should not be modified  except
              by  the  local  signer.   A  new  key is currently generated when ever a new signer
              certificate is needed.

       serial currently contains the serial number  which  will  be  used  for  the  next  issued
              certificate.  It should not be modified except by the local signer.

BUGS

       Please file tickets for any that you find at https://fedorahosted.org/certmonger/

SEE ALSO

       certmonger(8)   getcert(1)  getcert-add-ca(1)  getcert-add-scep-ca(1)  getcert-list-cas(1)
       getcert-list(1)  getcert-modify-ca(1)  getcert-refresh-ca(1)  getcert-refresh(1)  getcert-
       rekey(1)   getcert-remove-ca(1)   getcert-resubmit(1)  getcert-start-tracking(1)  getcert-
       status(1) getcert-stop-tracking(1) certmonger-certmaster-submit(8)  certmonger-dogtag-ipa-
       renew-agent-submit(8)   certmonger-dogtag-submit(8)  certmonger-ipa-submit(8)  certmonger-
       scep-submit(8) certmonger_selinux(8)