Provided by: certmonger_0.78.6-2_i386 bug




       certmaster-submit [-h serverHost] [-c cafile] [-C capath] [csrfile]


       certmaster-submit  is the helper which certmonger uses to make requests
       to certmaster-based CAs.  It is not normally run interactively, but  it
       can  be  for troubleshooting purposes.  The signing request which is to
       be submitted should either be in a file  whose  name  is  given  as  an
       argument, or fed into certmaster-submit via stdin.

       There  is  no  standard  authenticated  method  for  obtaining the root
       certificate  from  certmaster  CAs,  so  certmonger  does  not  support
       retrieving trust information from them.


       -h serverHost
              Submit  the  request  to  the certmaster instance running on the
              named host.  The default is  localhost:51235  if  a  file  named
              /var/run/  is  found  on  the local system, and is
              read from /etc/certmaster/minion.conf if that file is not found.

       -c cafile
              Submit the request over HTTPS instead of HTTP,  and  only  trust
              the  server  if  its  certificate  was  issued  by  the CA whose
              certificate is in the named file.

       -C capath
              Submit the request over HTTPS instead of HTTP,  and  only  trust
              the  server  if  its  certificate  was  issued  by  a  CA  whose
              certificate is in a file in the named directory.


       0      if the certificate was issued. The certificate will be printed.

       1      if the CA is still thinking.  A cookie value will be printed.

       2      if the CA  rejected  the  request.   An  error  message  may  be

       3      if the CA was unreachable.  An error message may be printed.

       4      if  critical  configuration  information  is  missing.  An error
              message may be printed.


              the certmaster service's PID file.  Its  presence  is  taken  to
              indicate  that  this system is a CA, and that requests should be
              submitted to a certmaster server running on the local system.

              the certmaster  minion  configuration  file.   If  there  is  no
              indication  that  the  local system is a certmaster server, then
              this  file  is  consulted  to  determine  the  location  of  the
              certmaster server.


       Checking  for  the existence of certmaster's PID file is a terrible way
       to figure out whether we're a minion or not.


       Please    file    tickets    for    any    that     you     find     at


       certmonger(8)   getcert(1)   getcert-add-ca(1)   getcert-add-scep-ca(1)
       getcert-list-cas(1)   getcert-list(1)   getcert-modify-ca(1)   getcert-
       refresh-ca(1)  getcert-remove-ca(1)  getcert-resubmit(1) getcert-start-
       tracking(1)  getcert-status(1)   getcert-stop-tracking(1)   certmonger-
       dogtag-ipa-renew-agent-submit(8)            certmonger-dogtag-submit(8)
       certmonger-ipa-submit(8)  certmonger-local-submit(8)   certmonger-scep-
       submit(8) certmonger_selinux(8)