Provided by: certmonger_0.78.6-2_i386 bug

NAME

       local-submit

SYNOPSIS

       local-submit [-d state-directory] [-v] [csrfile]

DESCRIPTION

       local-submit is the helper which certmonger uses to implement its local
       signer.  It is not normally  run  interactively,  but  it  can  be  for
       troubleshooting purposes.  The signing request which is to be submitted
       should either be in a file whose name is given as an argument,  or  fed
       into local-submit via stdin.

       The local signer is currently hard-coded to generate and use a 2048-bit
       RSA key and a name and initial serial number based on a UUID, replacing
       that  key  and  certificate  at  roughly  the  midpoint of their useful
       lifetime.

       certmonger supports retrieving the list of current and  previously-used
       local  CA certificates.  See getcert-request(1) and getcert-resubmit(1)
       for information about specifying where  those  certificates  should  be
       stored.

OPTIONS

       -d state-directory
              Identifies  the  directory  which  contains  the  local signer's
              private key, certificates, and other  data  used  by  the  local
              signer.

       -v     Increases the verbosity of the tool's diagnostic logging.

EXIT STATUS

       0      if  the  certificate  was  issued.  The  new certificate will be
              printed.

       3      if the helper needs to be called again.  An error message may be
              printed.

       4      if  critical  configuration  information  is  missing.  An error
              message may be printed.

FILES

       creds  is currently a PKCS#12  bundle  containing  the  local  signer's
              current  signing  key  and  current  and  previously-used signer
              certificates.  It should not be modified  except  by  the  local
              signer.  A new key is currently generated when ever a new signer
              certificate is needed.

       serial currently contains the serial number which will be used for  the
              next  issued  certificate.   It should not be modified except by
              the local signer.

BUGS

       Please    file    tickets    for    any    that     you     find     at
       https://fedorahosted.org/certmonger/

SEE ALSO

       certmonger(8)   getcert(1)   getcert-add-ca(1)   getcert-add-scep-ca(1)
       getcert-list-cas(1)   getcert-list(1)   getcert-modify-ca(1)   getcert-
       refresh-ca(1)  getcert-remove-ca(1)  getcert-resubmit(1) getcert-start-
       tracking(1)  getcert-status(1)   getcert-stop-tracking(1)   certmonger-
       certmaster-submit(8)        certmonger-dogtag-ipa-renew-agent-submit(8)
       certmonger-dogtag-submit(8)  certmonger-ipa-submit(8)  certmonger-scep-
       submit(8) certmonger_selinux(8)