certmonger(8)certmonger(8)NAME
certmaster-submit
SYNOPSIS
certmaster-submit [-h serverHost] [-c cafile] [-C capath] [csrfile]
DESCRIPTION
certmaster-submit is the helper which certmonger uses to make requests
to certmaster-based CAs. It is not normally run interactively, but it
can be for troubleshooting purposes. The signing request which is to
be submitted should either be in a file whose name is given as an argu‐
ment, or fed into certmaster-submit via stdin.
OPTIONS-h serverHost
Submit the request to the certmaster instance running on the
named host. The default is localhost:51235 if a file named
/var/run/certmaster.pid is found on the local system, and is
read from /etc/certmaster/minion.conf if that file is not found.
-c cafile
Submit the request over HTTPS instead of HTTP, and only trust
the server if its certificate was issued by the CA whose cer‐
tificate is in the named file.
-C capath
Submit the request over HTTPS instead of HTTP, and only trust
the server if its certificate was issued by a CA whose certifi‐
cate is in a file in the named directory.
EXIT STATUS
0 if the certificate was issued. The certificate will be printed.
1 if the CA is still thinking. A cookie value will be printed.
2 if the CA rejected the request. An error message may be
printed.
3 if the CA was unreachable. An error message may be printed.
4 if critical configuration information is missing. An error mes‐
sage may be printed.
FILES
/var/run/certmaster.pid
the certmaster service's PID file. Its presence is taken to
indicate that this system is a CA, and that requests should be
submitted to a certmaster server running on the local system.
/etc/certmaster/minion.conf
the certmaster minion configuration file. If there is no indi‐
cation that the local system is a certmaster server, then this
file is consulted to determine the location of the certmaster
server.
KNOWN BUGS
Checking for the existence of certmaster's PID file is a terrible way
to figure out whether we're a minion or not.
BUGS
Please file tickets for any that you find at https://fedora‐
hosted.org/certmonger/
SEE ALSOcertmonger(8)getcert(1)getcert-list(1)getcert-list-cas(1) getcert-
resubmit(1)getcert-start-tracking(1)getcert-stop-tracking(1) certmon‐
ger-dogtag-ipa-renew-agent-submit(8)certmonger-ipa-submit(8)certmonger Manual 7 June 2010 certmonger(8)