Provided by: certmonger_0.79.19-1build4_amd64 bug

NAME
       local-submit


SYNOPSIS
       local-submit [-d state-directory] [-v] [csrfile]


DESCRIPTION
       local-submit  is  the helper which certmonger uses to implement its local signer.  It is not normally run
       interactively, but it can be for troubleshooting purposes.  The signing request which is to be  submitted
       should either be in a file whose name is given as an argument, or fed into local-submit via stdin.

       The  local  signer  is currently hard-coded to generate and use a 2048-bit RSA key and a name and initial
       serial number based on a UUID, replacing that key and certificate at roughly the midpoint of their useful
       lifetime.

       certmonger supports retrieving the list of  current  and  previously-used  local  CA  certificates.   See
       getcert-request(1)  and  getcert-resubmit(1)  for  information  about specifying where those certificates
       should be stored.


OPTIONS
       -d DIR, --ca-data-directory=DIR
              Identifies the directory which contains the local signer's private key,  certificates,  and  other
              data used by the local signer.

       -v, --verbose
              Increases the verbosity of the tool's diagnostic logging.


EXIT STATUS
       0      if the certificate was issued. The new certificate will be printed.

       3      if the helper needs to be called again.  An error message may be printed.

       4      if critical configuration information is missing.  An error message may be printed.


FILES
       creds  is  currently  a  PKCS#12 bundle containing the local signer's current signing key and current and
              previously-used signer certificates.  It should not be modified except by the local signer.  A new
              key is currently generated when ever a new signer certificate is needed.

       serial currently contains the serial number which will be used  for  the  next  issued  certificate.   It
              should not be modified except by the local signer.


BUGS
       Please file tickets for any that you find at https://fedorahosted.org/certmonger/


SEE ALSO
       certmonger(8)  getcert(1)  getcert-add-ca(1)  getcert-add-scep-ca(1)  getcert-list-cas(1) getcert-list(1)
       getcert-modify-ca(1)  getcert-refresh-ca(1)  getcert-refresh(1)   getcert-rekey(1)   getcert-remove-ca(1)
       getcert-resubmit(1)       getcert-start-tracking(1)       getcert-status(1)      getcert-stop-tracking(1)
       certmonger-certmaster-submit(8)  certmonger-dogtag-ipa-renew-agent-submit(8)  certmonger-dogtag-submit(8)
       certmonger-ipa-submit(8) certmonger-scep-submit(8) certmonger_selinux(8)

certmonger Manual                                 June 7, 2014                                     CERTMONGER(8)