Provided by: certmonger_0.78.6-3_amd64 bug




       certmaster-submit [-h serverHost] [-c cafile] [-C capath] [csrfile]


       certmaster-submit is the helper which certmonger uses to make requests to certmaster-based
       CAs.  It is not normally run interactively, but it can be  for  troubleshooting  purposes.
       The  signing  request  which  is  to be submitted should either be in a file whose name is
       given as an argument, or fed into certmaster-submit via stdin.

       There is no  standard  authenticated  method  for  obtaining  the  root  certificate  from
       certmaster CAs, so certmonger does not support retrieving trust information from them.


       -h serverHost
              Submit  the  request  to  the  certmaster  instance running on the named host.  The
              default is localhost:51235 if a file named /var/run/ is found on  the
              local  system,  and  is  read  from /etc/certmaster/minion.conf if that file is not

       -c cafile
              Submit the request over HTTPS instead of HTTP, and only trust  the  server  if  its
              certificate was issued by the CA whose certificate is in the named file.

       -C capath
              Submit  the  request  over  HTTPS instead of HTTP, and only trust the server if its
              certificate was issued by a CA  whose  certificate  is  in  a  file  in  the  named


       0      if the certificate was issued. The certificate will be printed.

       1      if the CA is still thinking.  A cookie value will be printed.

       2      if the CA rejected the request.  An error message may be printed.

       3      if the CA was unreachable.  An error message may be printed.

       4      if critical configuration information is missing.  An error message may be printed.


              the  certmaster  service's  PID  file.  Its presence is taken to indicate that this
              system is a CA, and that requests  should  be  submitted  to  a  certmaster  server
              running on the local system.

              the certmaster minion configuration file.  If there is no indication that the local
              system is a certmaster server,  then  this  file  is  consulted  to  determine  the
              location of the certmaster server.


       Checking  for  the  existence  of  certmaster's  PID  file is a terrible way to figure out
       whether we're a minion or not.


       Please file tickets for any that you find at


       certmonger(8)  getcert(1)  getcert-add-ca(1)  getcert-add-scep-ca(1)   getcert-list-cas(1)
       getcert-list(1)  getcert-modify-ca(1)  getcert-refresh-ca(1) getcert-remove-ca(1) getcert-
       resubmit(1)    getcert-start-tracking(1)    getcert-status(1)     getcert-stop-tracking(1)
       certmonger-dogtag-ipa-renew-agent-submit(8)   certmonger-dogtag-submit(8)  certmonger-ipa-
       submit(8) certmonger-local-submit(8) certmonger-scep-submit(8) certmonger_selinux(8)