This is the command getcert-add-scep-ca that can be run in the OnWorks free hosting provider using one of our multiple free online workstations such as Ubuntu Online, Fedora Online, Windows online emulator or MAC OS online emulator
getcert add-scep-ca [options]
Adds a CA configuration to certmonger, which can subsequently be used to enroll
certificates. The configuration will use the bundled scep-submit helper. The add-scep-ca
command is more or less a wrapper for the add-ca command.
The nickname to give to this CA configuration. This same value can later be passed
in to getcert's request, resubmit, and start-tracking commands using the -c flag.
-u URL The location of the SCEP server's enrollment interface. This option must be
The location of a PEM-formatted copy of the SCEP server's CA's certificate. A
discovered value is supplied by the certmonger daemon for use in verifying the
signature on data returned by the SCEP server, but it is not used for verifying
HTTPS server certificates. This option must be specified if the URL is an https
The location of a PEM-formatted copy of the SCEP server's RA's certificate. A
discovered value is normally supplied by the certmonger daemon, but one can be
specified for troubleshooting purposes.
The location of a file containing other PEM-formatted certificates which may be
needed in order to properly verify signed responses sent by the SCEP server back to
the client. A discovered set is normally supplied by the certmonger daemon, but
can be specified for troubleshooting purposes.
A CA identifier value which will passed to the server when the scep-submit helper
is used to retrieve copies of the server's certificates.
-n The SCEP Renewal feature allows a client with a previously-issued certificate to
use that certificate and the associated private key to request a new certificate
for a different key pair, and can be used to support certmonger's rekeying feature
if the SCEP server advertises support for it. This option forces the scep-submit
helper to issue requests without making use of this feature.
-v Be verbose about errors. Normally, the details of an error received from the
daemon will be suppressed if the client can make a diagnostic suggestion.
Use getcert-add-scep-ca online using onworks.net services