Provided by: certmonger_0.79.5-3ubuntu1_amd64 bug

NAME
       certmaster-submit


SYNOPSIS
       certmaster-submit [-h serverHost] [-c cafile] [-C capath] [csrfile]


DESCRIPTION
       certmaster-submit  is  the  helper which certmonger uses to make requests to certmaster-based CAs.  It is
       not normally run interactively, but it can be for troubleshooting purposes.  The signing request which is
       to be submitted should either be in a file whose name is given as an argument, or  fed  into  certmaster-
       submit via stdin.

       There  is  no  standard  authenticated  method for obtaining the root certificate from certmaster CAs, so
       certmonger does not support retrieving trust information from them.


OPTIONS
       -h serverHost
              Submit the request to the  certmaster  instance  running  on  the  named  host.   The  default  is
              localhost:51235  if a file named /var/run/certmaster.pid is found on the local system, and is read
              from /etc/certmaster/minion.conf if that file is not found.

       -c cafile
              Submit the request over HTTPS instead of HTTP, and only trust the server if  its  certificate  was
              issued by the CA whose certificate is in the named file.

       -C capath
              Submit  the  request  over HTTPS instead of HTTP, and only trust the server if its certificate was
              issued by a CA whose certificate is in a file in the named directory.


EXIT STATUS
       0      if the certificate was issued. The certificate will be printed.

       1      if the CA is still thinking.  A cookie value will be printed.

       2      if the CA rejected the request.  An error message may be printed.

       3      if the CA was unreachable.  An error message may be printed.

       4      if critical configuration information is missing.  An error message may be printed.


FILES
       /var/run/certmaster.pid
              the certmaster service's PID file.  Its presence is taken to indicate that this system  is  a  CA,
              and that requests should be submitted to a certmaster server running on the local system.

       /etc/certmaster/minion.conf
              the  certmaster  minion  configuration file.  If there is no indication that the local system is a
              certmaster server, then this file is consulted to determine the location of the certmaster server.


KNOWN BUGS
       Checking for the existence of certmaster's PID file is a terrible way  to  figure  out  whether  we're  a
       minion or not.


BUGS
       Please file tickets for any that you find at https://fedorahosted.org/certmonger/


SEE ALSO
       certmonger(8)  getcert(1)  getcert-add-ca(1)  getcert-add-scep-ca(1)  getcert-list-cas(1) getcert-list(1)
       getcert-modify-ca(1)  getcert-refresh-ca(1)  getcert-refresh(1)   getcert-rekey(1)   getcert-remove-ca(1)
       getcert-resubmit(1)   getcert-start-tracking(1)  getcert-status(1)  getcert-stop-tracking(1)  certmonger-
       dogtag-ipa-renew-agent-submit(8) certmonger-dogtag-submit(8)  certmonger-ipa-submit(8)  certmonger-local-
       submit(8) certmonger-scep-submit(8) certmonger_selinux(8)

certmonger Manual                                  7 June 2010                                     certmonger(8)