Login or Register to Ask a Question and Join Our Community

Linux and UNIX Man Pages

Linux & Unix Commands - Search Man Pages

certmonger(8) [debian man page]

certmonger(8)						      System Manager's Manual						     certmonger(8)

NAME

       certmonger

SYNOPSIS

       certmonger [-s|-S] [-b TIMEOUT|-B] [-n|-f] [-d LEVEL] [-p FILE]

DESCRIPTION

       The  certmonger	daemon monitors certificates for impending expiration, and can optionally refresh soon-to-be-expired certificates with the
       help of a CA.  If told to, it can drive the entire enrollment process from key generation through enrollment and refresh.

       The daemon provides a control interface via the org.fedorahosted.certmonger service, with which client tools such as getcert(1) interact.

OPTIONS

       -s     Listen on the session bus rather than the system bus.

       -S     Listen on the system bus rather than the session bus.  This is the default.

       -b TIMEOUT
	      Behave as a bus-activated service: if there are no certificates to be monitored or obtained, and no requests received within TIMEOUT
	      seconds, exit.

       -B     Don't behave as a bus-activated service.	This is the default.

       -n     Don't fork, and log messages to stderr rather than syslog.

       -f     Do fork, and log messages to syslog rather than stderr.  This is the default.

       -d LEVEL
	      Set debugging level.  Higher values produce more debugging output.  Implies -n.

       -p FILE
	      Store the daemon's process ID in the named file.

FILES

       The set of certificates being monitored or signed is tracked using files stored under /var/lib/certmonger/requests, or in a directory named
       by the CERTMONGER_REQUESTS_DIR environment variable.

       The set of known CAs is tracked using files stored under /var/lib/certmonger/cas, or in a directory named by the  CERTMONGER_CAS_DIR  envi-
       ronment variable.

       Temporary  files  will  be stored in "/var/run/certmonger", or in the directory named by the CERTMONGER_TMPDIR environment variable if that
       value was not given at compile time.

BUGS

       Please file tickets for any that you find at https://fedorahosted.org/certmonger/

SEE ALSO

       getcert(1) getcert-list(1) getcert-list-cas(1) getcert-request(1) getcert-start-tracking(1) getcert-stop-tracking(1) certmonger-certmaster-
       submit(8) certmonger-ipa-submit(8)

certmonger Manual						   12 July 2011 						     certmonger(8)

Check Out this Related Man Page

certmonger(8)						      System Manager's Manual						     certmonger(8)

NAME

       certmaster-submit

SYNOPSIS

       certmaster-submit [-h serverHost] [-c cafile] [-C capath] [csrfile]

DESCRIPTION

       certmaster-submit  is the helper which certmonger uses to make requests to certmaster-based CAs.  It is not normally run interactively, but
       it can be for troubleshooting purposes.	The signing request which is to be submitted should either be in a file whose name is given as	an
       argument, or fed into certmaster-submit via stdin.

OPTIONS

       -h serverHost
	      Submit  the  request  to	the  certmaster  instance  running  on	the  named  host.   The default is localhost:51235 if a file named
	      /var/run/certmaster.pid is found on the local system, and is read from /etc/certmaster/minion.conf if that file is not found.

       -c cafile
	      Submit the request over HTTPS instead of HTTP, and only trust the server if its certificate was issued by the CA	whose  certificate
	      is in the named file.

       -C capath
	      Submit  the request over HTTPS instead of HTTP, and only trust the server if its certificate was issued by a CA whose certificate is
	      in a file in the named directory.

EXIT STATUS

       0      if the certificate was issued. The certificate will be printed.

       1      if the CA is still thinking.  A cookie value will be printed.

       2      if the CA rejected the request.  An error message may be printed.

       3      if the CA was unreachable.  An error message may be printed.

       4      if critical configuration information is missing.  An error message may be printed.

FILES

       /var/run/certmaster.pid
	      the certmaster service's PID file.  Its presence is taken to indicate that this system is a CA, and that requests should be  submit-
	      ted to a certmaster server running on the local system.

       /etc/certmaster/minion.conf
	      the certmaster minion configuration file.  If there is no indication that the local system is a certmaster server, then this file is
	      consulted to determine the location of the certmaster server.

KNOWN BUGS

       Checking for the existence of certmaster's PID file is a terrible way to figure out whether we're a minion or not.

BUGS

       Please file tickets for any that you find at https://fedorahosted.org/certmonger/

SEE ALSO

       certmonger(8) getcert(1) getcert-list(1) getcert-list-cas(1) getcert-resubmit(1) getcert-start-tracking(1)  getcert-stop-tracking(1)  cert-
       monger-dogtag-ipa-renew-agent-submit(8) certmonger-ipa-submit(8) certmonger_selinux(8)

certmonger Manual						    7 June 2010 						     certmonger(8)
Man Page