getcert-add-scep-ca (1) - Linux Manuals
Command to display getcert-add-scep-ca manual in Linux: $ man 1 getcert-add-scep-ca
NAME
getcert
SYNOPSIS
getcert add-scep-ca [options]
DESCRIPTION
Adds a CA configuration to
certmonger, which can subsequently be used to
enroll certificates. The configuration will use the bundled
scep-submit
helper. The
add-scep-ca command is more or less a wrapper for the
add-ca command.
OPTIONS
- -c NAME
-
The nickname to give to this CA configuration. This same value can later be
passed in to getcert's request, resubmit, and
start-tracking commands using the -c flag.
- -u URL
-
The location of the SCEP server's enrollment interface. This option must be
specified.
- -R ca-certificate-file
-
The location of a PEM-formatted copy of the SCEP server's CA's certificate.
A discovered value is supplied by the certmonger daemon for use in verifying
the signature on data returned by the SCEP server, but it is not used for
verifying HTTPS server certificates.
This option must be specified if the URL is an https location.
- -r ra-certificate-file
-
The location of a PEM-formatted copy of the SCEP server's RA's certificate.
A discovered value is normally supplied by the certmonger daemon, but one can
be specified for troubleshooting purposes.
- -I other-certificates-file
-
The location of a file containing other PEM-formatted certificates which may be
needed in order to properly verify signed responses sent by the SCEP server
back to the client. A discovered set is normally supplied by the certmonger
daemon, but can be specified for troubleshooting purposes.
- -i identifier
-
A CA identifier value which will passed to the server when the
scep-submit helper is used to retrieve copies of the server's
certificates.
- -v
-
Be verbose about errors. Normally, the details of an error received from
the daemon will be suppressed if the client can make a diagnostic suggestion.
BUGS
Please file tickets for any that you find at
https://fedorahosted.org/certmonger/