bionic (8) certmonger-certmaster-submit.8.gz

Provided by: certmonger_0.79.5-3ubuntu1_amd64 bug

NAME

       certmaster-submit

SYNOPSIS

       certmaster-submit [-h serverHost] [-c cafile] [-C capath] [csrfile]

DESCRIPTION

       certmaster-submit  is  the  helper which certmonger uses to make requests to certmaster-based CAs.  It is
       not normally run interactively, but it can be for troubleshooting purposes.  The signing request which is
       to  be  submitted  should either be in a file whose name is given as an argument, or fed into certmaster-
       submit via stdin.

       There is no standard authenticated method for obtaining the root  certificate  from  certmaster  CAs,  so
       certmonger does not support retrieving trust information from them.

OPTIONS

       -h serverHost
              Submit  the  request  to  the  certmaster  instance  running  on  the  named host.  The default is
              localhost:51235 if a file named /var/run/certmaster.pid is found on the local system, and is  read
              from /etc/certmaster/minion.conf if that file is not found.

       -c cafile
              Submit  the  request  over HTTPS instead of HTTP, and only trust the server if its certificate was
              issued by the CA whose certificate is in the named file.

       -C capath
              Submit the request over HTTPS instead of HTTP, and only trust the server if  its  certificate  was
              issued by a CA whose certificate is in a file in the named directory.

EXIT STATUS

       0      if the certificate was issued. The certificate will be printed.

       1      if the CA is still thinking.  A cookie value will be printed.

       2      if the CA rejected the request.  An error message may be printed.

       3      if the CA was unreachable.  An error message may be printed.

       4      if critical configuration information is missing.  An error message may be printed.

FILES

       /var/run/certmaster.pid
              the  certmaster  service's  PID file.  Its presence is taken to indicate that this system is a CA,
              and that requests should be submitted to a certmaster server running on the local system.

       /etc/certmaster/minion.conf
              the certmaster minion configuration file.  If there is no indication that the local  system  is  a
              certmaster server, then this file is consulted to determine the location of the certmaster server.

KNOWN BUGS

       Checking  for  the  existence  of  certmaster's  PID file is a terrible way to figure out whether we're a
       minion or not.

BUGS

       Please file tickets for any that you find at https://fedorahosted.org/certmonger/

SEE ALSO

       certmonger(8) getcert(1)  getcert-add-ca(1)  getcert-add-scep-ca(1)  getcert-list-cas(1)  getcert-list(1)
       getcert-modify-ca(1)   getcert-refresh-ca(1)   getcert-refresh(1)  getcert-rekey(1)  getcert-remove-ca(1)
       getcert-resubmit(1)  getcert-start-tracking(1)  getcert-status(1)  getcert-stop-tracking(1)   certmonger-
       dogtag-ipa-renew-agent-submit(8)  certmonger-dogtag-submit(8)  certmonger-ipa-submit(8) certmonger-local-
       submit(8) certmonger-scep-submit(8) certmonger_selinux(8)