Provided by: libest-utils_3.2.0+ds-1.1_amd64 
NAME
estproxy - example EST proxy application acting as an RA
OPTIONS
-v
Verbose operation
-n
Disable HTTP authentication
-h
Use HTTP Digest auth instead of Basic auth
-t
Enable PoP check of TLS UID
-c file
PEM file to use for server cert
-k file
PEM file to use for server key
-s server
Upstream server IP address
-p port#
Upstream server TCP port#
-l port#
Downstream client TCP port# to listen on
-r value
HTTP realm to present to clients
-d seconds
Sleep timer to auto-shut the server
-f
Runs EST Proxy in FIPS MODE = ON
-6
Enable IPv6
-w count
Timeout in seconds to wait for server response (default=10)
--srp file
Enable TLS-SRP authentication of client using the specified SRP parameters file
--enhcd_cert_auth
Enable Enhanced Certificate Auth mode
--cert_auth_ah_pwd value
Specify the auth header password to use in Enhanced Certificate Auth mode
--cert_auth_csr_check_on
Enable the CSR check during Enhanced Cert Auth
--enhcd_cert_local_nid nid
Sets the local PKI domain subject field NID to grab from the peer cert. If not set the
commonName NID will be used
--enhcd_cert_mfg_name name
Sets name of the manufacturer to be registered This name is required when registering
a manufacturer
--enhcd_cert_mfg_truststore file
Specifies a truststore file for an Enhanced Certificate Auth manufacturer to select
the subject filed based upon. This truststore is required when registering a
manufacturer
--enhcd_cert_mfg_nid nid
Sets the subject field NID to grab from the peer cert when that cert came from the
manufacturer. If not set the commonName NID will be used
--path-seg value
Sets the value of the path segment to be injected into the proxy context
--perf-timers-on
Enable the performance timers in proxy
COPYRIGHT & LICENSE
Copyright (c) 2012-2018 Cisco Systems, Inc. All rights reserved.
License (BSD-3-Clause):
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
Redistributions in binary form must reproduce the above
copyright notice, this list of conditions and the following
disclaimer in the documentation and/or other materials provided
with the distribution.
Neither the name of the Cisco Systems, Inc. nor the names of its
contributors may be used to endorse or promote products derived
from this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
OF THE POSSIBILITY OF SUCH DAMAGE.
AUTHOR
This manpage is based on estproxy's usage output and the included documentation. It was
written for the Debian project by Christoph Biedl <debian.axhn@manchmal.in-ulm.de> but may
be used by others.