bionic (8) certmonger-local-submit.8.gz

Provided by: certmonger_0.79.5-3ubuntu1_amd64 bug

NAME

       local-submit

SYNOPSIS

       local-submit [-d state-directory] [-v] [csrfile]

DESCRIPTION

       local-submit  is  the helper which certmonger uses to implement its local signer.  It is not normally run
       interactively, but it can be for troubleshooting purposes.  The signing request which is to be  submitted
       should either be in a file whose name is given as an argument, or fed into local-submit via stdin.

       The  local  signer  is currently hard-coded to generate and use a 2048-bit RSA key and a name and initial
       serial number based on a UUID, replacing that key and certificate at roughly the midpoint of their useful
       lifetime.

       certmonger  supports  retrieving  the  list  of  current  and previously-used local CA certificates.  See
       getcert-request(1) and getcert-resubmit(1) for information  about  specifying  where  those  certificates
       should be stored.

OPTIONS

       -d state-directory
              Identifies  the  directory  which contains the local signer's private key, certificates, and other
              data used by the local signer.

       -v     Increases the verbosity of the tool's diagnostic logging.

EXIT STATUS

       0      if the certificate was issued. The new certificate will be printed.

       3      if the helper needs to be called again.  An error message may be printed.

       4      if critical configuration information is missing.  An error message may be printed.

FILES

       creds  is currently a PKCS#12 bundle containing the local signer's current signing key  and  current  and
              previously-used signer certificates.  It should not be modified except by the local signer.  A new
              key is currently generated when ever a new signer certificate is needed.

       serial currently contains the serial number which will be used  for  the  next  issued  certificate.   It
              should not be modified except by the local signer.

BUGS

       Please file tickets for any that you find at https://fedorahosted.org/certmonger/

SEE ALSO

       certmonger(8)  getcert(1)  getcert-add-ca(1)  getcert-add-scep-ca(1)  getcert-list-cas(1) getcert-list(1)
       getcert-modify-ca(1)  getcert-refresh-ca(1)  getcert-refresh(1)   getcert-rekey(1)   getcert-remove-ca(1)
       getcert-resubmit(1)   getcert-start-tracking(1)  getcert-status(1)  getcert-stop-tracking(1)  certmonger-
       certmaster-submit(8) certmonger-dogtag-ipa-renew-agent-submit(8) certmonger-dogtag-submit(8)  certmonger-
       ipa-submit(8) certmonger-scep-submit(8) certmonger_selinux(8)