File: certmaster-submit.txt

package info (click to toggle)
certmonger 0.75.14-3
  • links: PTS, VCS
  • area: main
  • in suites: jessie, jessie-kfreebsd
  • size: 8,540 kB
  • ctags: 2,176
  • sloc: ansic: 41,340; sh: 9,551; makefile: 528; python: 207; xml: 190; sed: 16
file content (18 lines) | stat: -rw-r--r-- 817 bytes parent folder | download | duplicates (5)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
The submission protocol is a single XMLRPC.

Request to http://server:port/, method = "wait_for_cert".  The port,
default "51235", is given in the server's certmaster.conf, and both the
server and the port number are given in the client's minion.conf.  The
client does not authenticate.

Request parameters are a single argument, PEM-formatted CSR, with the
limitation that the header must be for "CERTIFICATE REQUEST" and not
"NEW CERTIFICATE REQUEST".  (The request as-sent is compared to a rebuilt
copy which uses this header to determine if the request matches one
which has already been received.)

Response is a sequence of (boolean, string, string), either (true,
issued-cert, issuer-cert), or (false, '', '').  The issued certificate
is returned in PEM format.

- Based on certmaster.py from certmaster 0.25.