Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

certmonger-0.56-1.fc15 RPM for x86_64

From Fedora 15 updates for x86_64

Name: certmonger Distribution: Fedora Project
Version: 0.56 Vendor: Fedora Project
Release: 1.fc15 Build date: Tue Mar 6 19:24:21 2012
Group: System Environment/Daemons Build host: x86-05.phx2.fedoraproject.org
Size: 1204067 Source RPM: certmonger-0.56-1.fc15.src.rpm
Packager: Fedora Project
Url: http://certmonger.fedorahosted.org
Summary: Certificate status monitor and PKI enrollment client
 
Certmonger is a service which is primarily concerned with getting your
system enrolled with a certificate authority (CA) and keeping it enrolled.

Provides

Requires

License

GPLv3+

Changelog

* Sat Mar 03 2012 Nalin Dahyabhai <nalin@redhat.com> 0.56-1
  - when a caller sets the is-default flag on a CA, and another CA is no longer
    the default, emit the PropertiesChanged signal on the CA which is not the
    default, instead on the new default a second time
  - drop some dead code from the D-Bus message handlers (static analysis,
    - cache public keys when we read private keys
  - go back to printing an error indicating that we're missing a required
    argument when we're missing a required argument, not that the option is
    invalid (broken since 0.51, #796542)
* Thu Feb 16 2012 Nalin Dahyabhai <nalin@redhat.com> 0.55-1
  - allow root to use our implementation of org.freedesktop.DBus.Properties
  - take more care to not emit useless PropertiesChanged signals
* Thu Feb 16 2012 Nalin Dahyabhai <nalin@redhat.com> 0.54-1
  - fix setting the group ID when spawning the post-save command
* Wed Feb 15 2012 Nalin Dahyabhai <nalin@redhat.com> 0.53-1
  - large changes to the D-Bus glue, exposing a lot of data which we were
    providing via D-Bus getter methods as properties, and providing more
    accurate introspection data
  - emit a signal when the daemon saves a certificate to the destination
    location, and provide an option to have the daemon spawn an arbitrary
    command at that point, too (#766167)
  - enable starting the service by default on RHEL (#765600)
* Thu Jan 12 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.52-2
  - Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
* Fri Dec 16 2011 Nalin Dahyabhai <nalin@redhat.com> 0.52-1
  - note that SELinux usually confines us to writing only to cert_t in
    doc/getting-started.txt (#765599)
  - fix crashes when we add a request during our first run when we're
    populating the hard-coded CA list
  - properly deal with cases where a path is passed to us is "./XXX"
  - in session mode, create our data directories as we go
* Tue Dec 06 2011 Nalin Dahyabhai <nalin@redhat.com> 0.51-1
  - api: lift restrictions on characters used in request and CA nicknames by
    making their object names not incorporate their nicknames
  - api: add find_request_by_nickname and find_ca_by_nickname
  - certmonger-ipa-submit.8: list -k, -K, -t in the summary, document -K
  - getcert: print "invalid option" error messages ourselves (#756291)
  - ipa-submit: supply a Referer: header when submitting requests to IPA
    (#750617, needed for #747710)
* Fri Oct 14 2011 Nalin Dahyabhai <nalin@redhat.com> 0.50-1
  - really fix these this time:
   - getcert: error out when "list -c" finds no matching CA (#743488)
   - getcert: error out when "list -i" finds no matching request (#743485)
* Wed Oct 12 2011 Nalin Dahyabhai <nalin@redhat.com> 0.49-1
  - when using an NSS database, skip loading the module database (#743042)
  - when using an NSS database, skip loading root certs
  - generate SPKAC values when generating CSRs, though we don't do anything
    with SPKAC values yet
  - internally maintain and use challenge passwords, if we have them
  - behave better when certificates have shorter lifetimes
  - add/recognize/handle notification type "none"
  - getcert: error out when "list -c" finds no matching CA (#743488)
  - getcert: error out when "list -i" finds no matching request (#743485)
* Thu Sep 29 2011 Nalin Dahyabhai <nalin@redhat.com> 0.48-1
  - don't incorrectly assume that CERT_ImportCerts() returns a NULL-terminated
    array (#742348)
* Tue Sep 27 2011 Nalin Dahyabhai <nalin@redhat.com> 0.47-1
  - getcert: distinguish between {stat() succeeds but isn't a directory} and
    {stat() failed} when printing an error message (#739903)
  - getcert resubmit/start-tracking: when we're looking for an existing request
    by ID, and we don't find one, note that specifically (#741262)
* Mon Aug 29 2011 Stephen Gallagher <sgallagh@redhat.com> - 0.46-1.1
  - Rebuild against fixed libtevent version
* Mon Aug 15 2011 Nalin Dahyabhai <nalin@redhat.com> 0.46-1
  - treat the ability to access keys in an NSS database without using a PIN,
    when we've been told we need one, as an error (#692766, really this time)
* Thu Aug 11 2011 Nalin Dahyabhai <nalin@redhat.com> 0.45-1
  - modify the systemd .service file to be a proper 'dbus' service (more
    of #718172)
* Thu Aug 11 2011 Nalin Dahyabhai <nalin@redhat.com> 0.44-1
  - check specifically for cases where a specified token that we need to
    use just isn't present for whatever reason (#697058)
* Wed Aug 10 2011 Nalin Dahyabhai <nalin@redhat.com> 0.43-1
  - add a -K option to ipa-submit, to use the current ccache, which makes
    it easier to test
* Fri Aug 05 2011 Nalin Dahyabhai <nalin@redhat.com>
  - if xmlrpc-c's struct xmlrpc_curl_xportparms has a gss_delegate field, set
    it to TRUE when we're doing Negotiate auth (#727864, #727863, #727866)
* Wed Jul 13 2011 Nalin Dahyabhai <nalin@redhat.com>
  - treat the ability to access keys in an NSS database without using a PIN,
    when we've been told we need one, as an error (#692766)
  - when handling "getcert resubmit" requests, if we don't have a key yet,
    make sure we go all the way back to generating one (#694184)
  - getcert: try to clean up tests for NSS and PEM file locations (#699059)
  - don't try to set reconnect-on-exit policy unless we managed to connect
    to the bus (#712500)
  - handle cases where we specify a token but the storage token isn't
    known (#699552)
  - getcert: recognize -i and storage options to narrow down which requests
    the user wants to know about (#698772)
  - output hints when the daemon has startup problems, too (#712075)
  - add flags to specify whether we're bus-activated or not, so that we can
    exit if we have nothing to do after handling a request received over
    the bus if some specified amount of time has passed
  - explicitly disallow non-root access in the D-Bus configuration (#712072)
  - migrate to systemd on releases newer than Fedora 15 or RHEL 6 (#718172)
  - fix a couple of incorrect calls to talloc_asprintf() (#721392)
* Wed Apr 13 2011 Nalin Dahyabhai <nalin@redhat.com> 0.42-1
  - getcert: fix a buffer overrun preparing a request for the daemon when
    there are more parameters to encode than space in the array (#696185)
  - updated translations: de, es, id, pl, ru, uk
* Mon Apr 11 2011 Nalin Dahyabhai <nalin@redhat.com> 0.41-1
  - read information about the keys we've just generated before proceeding
    to generating a CSR (part of #694184, part of #695675)
  - when processing a "resubmit" request from getcert, go back to key
    generation if we don't have keys yet, else go back to CSR generation as
    before (#694184, #695675)
  - configure with --with-tmpdir=/var/run/certmonger and own /var/run/certmonger
    (#687899), and add a systemd tmpfiles.d control file for creating
    /var/run/certmonger on Fedora 15 and later
  - let session instances exit when they get disconnected from the bus
  - use a lock file to make sure there's only one session instance messing
    around with the user's files at a time
  - fix errors saving certificates to NSS databases when there's already a
    certificate there with the same nickname (#695672)
  - make key and certificate location output from 'getcert list' more properly
    translatable (#7)
* Mon Mar 28 2011 Nalin Dahyabhai <nalin@redhat.com> 0.40-1
  - update to 0.40
    - fix validation check on EKU OIDs in getcert (#691351)
    - get session bus mode sorted
    - add a list of recognized EKU values to the getcert-request man page
* Fri Mar 25 2011 Nalin Dahyabhai <nalin@redhat.com> 0.39-1
  - update to 0.39
    - fix use of an uninitialized variable in the xmlrpc-based submission
      helpers (#690886)
* Thu Mar 24 2011 Nalin Dahyabhai <nalin@redhat.com> 0.38-1
  - update to 0.38
    - catch cases where we can't read a PIN file, but we never have to log
      in to the token to access the private key (more of #688229)
* Tue Mar 22 2011 Nalin Dahyabhai <nalin@redhat.com> 0.37-1
  - update to 0.37
    - be more careful about checking if we can read a PIN file successfully
      before we even call an API that might need us to try (#688229)
    - fix strict aliasing warnings
* Tue Mar 22 2011 Nalin Dahyabhai <nalin@redhat.com> 0.36-1
  - update to 0.36
    - fix some use-after-free bugs in the daemon (#689776)
    - fix a copy/paste error in certmonger-ipa-submit(8)
    - getcert now suppresses error details when not given its new -v option
      (#683926, more of #681641/#652047)
    - updated translations
      - de, es, pl, ru, uk
      - indonesian translation is now for "id" rather than "in"
* Wed Mar 02 2011 Nalin Dahyabhai <nalin@redhat.com> 0.35.1-1
  - fix a self-test that broke because one-year-from-now is now a day's worth
    of seconds further out than it was a few days ago
* Mon Feb 14 2011 Nalin Dahyabhai <nalin@redhat.com> 0.35-1
  - update to 0.35
    - self-test fixes to rebuild properly in mock (#670322)
* Tue Feb 08 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.34-2
  - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
* Fri Jan 14 2011 Nalin Dahyabhai <nalin@redhat.com> 0.34-1
  - update to 0.34
    - explicitly note the number of requests we're tracking in the output of
      "getcert list" (#652049)
    - try to offer some suggestions when we get certain specific errors back
      in "getcert" (#652047)
    - updated translations
      - es
* Thu Dec 23 2010 Nalin Dahyabhai <nalin@redhat.com> 0.33-1
  - update to 0.33
    - new translations
      - id by Okta Purnama Rahadian!
    - updated translations
      - pl, uk
    - roll up assorted fixes for defects
* Fri Nov 12 2010 Nalin Dahyabhai <nalin@redhat.com> 0.32-2
  - depend on the e2fsprogs libuuid on Fedora and RHEL releases where it's
    not part of util-linux-ng
* Wed Oct 13 2010 Nalin Dahyabhai <nalin@redhat.com> 0.32-1
  - oops, rfc5280 says we shouldn't be populating unique identifiers, so
    make it a configuration option and default the behavior to off
* Tue Oct 12 2010 Nalin Dahyabhai <nalin@redhat.com> 0.31-1
  - start populating the optional unique identifier fields in self-signed
    certificates
* Thu Sep 30 2010 Nalin Dahyabhai <nalin@redhat.com> 0.30-4
  - explicitly require "dbus" to try to ensure we have a running system bus
    when we get started (#639126)
* Wed Sep 29 2010 jkeating - 0.30-3
  - Rebuilt for gcc bug 634757
* Thu Sep 23 2010 Nalin Dahyabhai <nalin@redhat.com> 0.30-2
  - try to SIGHUP the messagebus daemon at first install so that it'll
    let us claim our service name if it isn't restarted before we are
    first started (#636876)
* Wed Aug 25 2010 Nalin Dahyabhai <nalin@redhat.com> 0.30-1
  - update to 0.30
    - fix errors computing the time at the end of an interval that were
      caught by self-tests
* Mon Aug 23 2010 Nalin Dahyabhai <nalin@redhat.com> 0.29-1
  - update to 0.29
    - fix 64-bit cleanliness issue using libdbus
    - actually include the full set of tests in tarballs
* Tue Aug 17 2010 Nalin Dahyabhai <nalin@redhat.com> 0.28-1
  - update to 0.28
    - fix self-signing certificate notBefore and notAfter values on 32-bit
      machines
* Tue Aug 17 2010 Nalin Dahyabhai <nalin@redhat.com> 0.27-1
  - update to 0.27
    - portability and test fixes
* Fri Aug 13 2010 Nalin Dahyabhai <nalin@redhat.com> 0.26-1
  - update to 0.26
    - when canceling a submission request that's being handled by a helper,
      reap the child process's status after killing it (#624120)
* Fri Aug 13 2010 Nalin Dahyabhai <nalin@redhat.com> 0.25-1
  - update to 0.25
    - new translations
      - in by Okta Purnama Rahadian!
    - fix detection of cases where we can't access a private key in an NSS
      database because we don't have the PIN
    - teach '*getcert start-tracking' about the -p and -P options which the
      '*getcert request' commands already understand (#621670), and also
      the -U, -K, -E, and -D flags
    - double-check that the nicknames of keys we get back from
      PK11_ListPrivKeysInSlot() match the desired nickname before accepting
      them as matches, so that our tests won't all blow up on EL5
    - fix dynamic addition and removal of CAs implemented through helpers
* Mon Jun 28 2010 Nalin Dahyabhai <nalin@redhat.com> 0.24-4
  - init script: ensure that the subsys lock is created whenever we're called to
    "start" when we're already running (even more of #596719)
* Tue Jun 15 2010 Nalin Dahyabhai <nalin@redhat.com> 0.24-3
  - more gracefully handle manual daemon startups and cleaning up of unexpected
    crashes (still more of #596719)
* Thu Jun 10 2010 Nalin Dahyabhai <nalin@redhat.com> 0.24-2
  - don't create the daemon pidfile until after we've connected to the D-Bus
    (still more of #596719)
* Tue Jun 08 2010 Nalin Dahyabhai <nalin@redhat.com> 0.24-1
  - update to 0.24
    - keep the lock on the pid file, if we have one, when we fork, and cancel
      daemon startup if we can't gain ownership of the lock (the rest of #596719)
    - make the man pages note which external configuration files we consult when
      submitting requests to certmaster and ipa CAs
* Thu May 27 2010 Nalin Dahyabhai <nalin@redhat.com> 0.23-1
  - update to 0.23
    - new translations
      - pl by Piotr DrÄ…g!
    - cancel daemon startup if we can't gain ownership of our well-known
      service name on the DBus (#596719)
* Fri May 14 2010 Nalin Dahyabhai <nalin@redhat.com> 0.22-1
  - update to 0.22
    - new translations
      - de by Fabian Affolter!
    - certmaster-submit: don't fall over when we can't find a certmaster.conf
      or a minion.conf (i.e., certmaster isn't installed) (#588932)
    - when reading extension values from certificates, prune out duplicate
      principal names, email addresses, and hostnames
* Tue May 04 2010 Nalin Dahyabhai <nalin@redhat.com> 0.21-1
  - update to 0.21
    - getcert/*-getcert: relay the desired CA to the local service, whether
      specified on the command line (in getcert) or as a built-in hard-wired
      default (in *-getcert) (#584983)
    - flesh out the default certmonger.conf so that people can get a feel for
      the expected formatting (Jenny Galipeau)
* Wed Apr 21 2010 Nalin Dahyabhai <nalin@redhat.com> 0.20-1
  - update to 0.20
    - correctly parse certificate validity periods given in years (spotted by
      Stephen Gallagher)
    - setup for translation
      - es by Héctor Daniel Cabrera!
      - ru by Yulia Poyarkova!
      - uk by Yuri Chornoivan!
    - fix unpreprocessed defaults in certmonger.conf's man page
    - tweak the IPA-specific message that indicates a principal name also needs
      to be specified if we're not using the default subject name (#579542)
    - make the validity period of self-signed certificates into a configuration
      setting and not a piece of the state information we track about the signer
    - init script: exit with status 2 instead of 1 when invoked with an
      unrecognized argument (#584517)
* Tue Mar 23 2010 Nalin Dahyabhai <nalin@redhat.com> 0.19-1
  - update to 0.19
    - correctly initialize NSS databases that need to be using a PIN
    - add certmonger.conf, for customizing notification timings and settings,
      and use of digests other than the previously-hard-coded SHA256, and
      drop those settings from individual requests
    - up the default self-sign validity interval from 30 days to 365 days
    - drop the first default notification interval from 30 days to 28 days
      (these two combined to create a fun always-reissuing loop earlier)
    - record the token which contains the key or certificate when we're
      storing them in an NSS database, and report it
    - improve handling of cases where we're supposed to use a PIN but we
      either don't have one or we have the wrong one
    - teach getcert to accept a PIN file's name or a PIN value when adding
      a new entry
    - update the IPA submission helper to use the new 'request_cert' signature
      that's landing soon
    - more tests
* Fri Feb 12 2010 Nalin Dahyabhai <nalin@redhat.com> 0.18-1
  - update to 0.18
    - add support for using encrypted storage for keys, using PIN values
      supplied directly or read from files whose names are supplied
    - don't choke on NSS database locations that use the "sql:" or "dbm:"
      prefix
* Mon Jan 25 2010 Nalin Dahyabhai <nalin@redhat.com> 0.17-2
  - make the D-Bus configuration file (noreplace) (#541072)
  - make the %check section and the deps we have just for it conditional on
    the same macro (#541072)
* Wed Jan 06 2010 Nalin Dahyabhai <nalin@redhat.com> 0.17-1
  - update to 0.17
    - fix a hang in the daemon (Rob Crittenden)
    - documentation updates
    - fix parsing of submission results from IPA (Rob Crittenden)
* Fri Dec 11 2009 Nalin Dahyabhai <nalin@redhat.com> 0.16-1
  - update to 0.16
    - set a umask at startup (Dan Walsh)
* Tue Dec 08 2009 Nalin Dahyabhai <nalin@redhat.com> 0.15-1
  - update to 0.15
    - notice that a directory with a trailing '/' is the same location as the
      directory without it
    - fix handling of the pid file when we write one (by actually giving it
      contents)
* Tue Nov 24 2009 Nalin Dahyabhai <nalin@redhat.com> 0.14-1
  - update to 0.14
    - check key and certificate location at add-time to make sure they're
      absolute paths to files or directories, as appropriate
    - IPA: dig into the 'result' item if the named result value we're looking
      for isn't in the result struct
* Tue Nov 24 2009 Nalin Dahyabhai <nalin@redhat.com> 0.13-1
  - update to 0.13
    - change the default so that we default to trying to auto-refresh
      certificates unless told otherwise
    - preemptively enforce limitations on request nicknames so that they
      make valid D-Bus object path components
* Tue Nov 24 2009 Nalin Dahyabhai <nalin@redhat.com> 0.12-1
  - update to 0.12
    - add a crucial bit of error reporting when CAs reject our requests
    - count the number of configured CAs correctly
* Mon Nov 23 2009 Nalin Dahyabhai <nalin@redhat.com> 0.11-1
  - update to 0.11
    - add XML-RPC submission for certmaster and IPA
    - prune entries with duplicate names from the data store
* Fri Nov 13 2009 Nalin Dahyabhai <nalin@redhat.com> 0.10-1
  - update to 0.10
    - add some compiler warnings and then fix them
* Fri Nov 13 2009 Nalin Dahyabhai <nalin@redhat.com> 0.9-1
  - update to 0.9
    - run external submission helpers correctly
    - fix signing of signing requests generated for keys stored in files
    - only care about new interface and route notifications from netlink,
      and ignore notifications that don't come from pid 0
    - fix logic for determining expiration status
    - correct the version number in self-signed certificates
* Tue Nov 10 2009 Nalin Dahyabhai <nalin@redhat.com> 0.8-1
  - update to 0.8
    - encode windows UPN values in requests correctly
    - watch for netlink routing changes and restart stalled submission requests
    - 'getcert resubmit' can force a regeneration of the CSR and submission
* Fri Nov 06 2009 Nalin Dahyabhai <nalin@redhat.com> 0.7-1
  - update to 0.7
    - first cut at a getting-started document
    - refactor some internal key handling with NSS
    - check for duplicate request nicknames at add-time
* Tue Nov 03 2009 Nalin Dahyabhai <nalin@redhat.com> 0.6-1
  - update to 0.6
    - man pages
    - 'getcert stop-tracking' actually makes the server forget now
    - 'getcert request -e' was redundant, dropped the -e option
    - 'getcert request -i' now sets the request nickname
    - 'getcert start-tracking -i' now sets the request nickname
* Mon Nov 02 2009 Nalin Dahyabhai <nalin@redhat.com> 0.5-1
  - update to 0.5
    - packaging fixes
    - add a selfsign-getcert client
    - self-signed certs now get basic constraints and their own serial numbers
    - accept id-ms-kp-sc-logon as a named EKU value in a request
* Thu Oct 29 2009 Nalin Dahyabhai <nalin@redhat.com> 0.4-1
  - update to 0.4
* Thu Oct 22 2009 Nalin Dahyabhai <nalin@redhat.com> 0.1-1
  - update to 0.1
* Sun Oct 18 2009 Nalin Dahyabhai <nalin@redhat.com> 0.0-1
  - initial package

Files

/etc/certmonger
/etc/certmonger/certmonger.conf
/etc/dbus-1/system.d/certmonger.conf
/etc/rc.d/init.d/certmonger
/etc/tmpfiles.d/certmonger.conf
/usr/bin/certmaster-getcert
/usr/bin/getcert
/usr/bin/ipa-getcert
/usr/bin/selfsign-getcert
/usr/libexec/certmonger
/usr/libexec/certmonger/certmaster-submit
/usr/libexec/certmonger/certmonger-session
/usr/libexec/certmonger/ipa-submit
/usr/sbin/certmonger
/usr/share/dbus-1/services/certmonger.service
/usr/share/doc/certmonger-0.56
/usr/share/doc/certmonger-0.56/LICENSE
/usr/share/doc/certmonger-0.56/README
/usr/share/doc/certmonger-0.56/STATUS
/usr/share/doc/certmonger-0.56/api.txt
/usr/share/doc/certmonger-0.56/certmaster-submit.txt
/usr/share/doc/certmonger-0.56/design.txt
/usr/share/doc/certmonger-0.56/dogtag-notes.txt
/usr/share/doc/certmonger-0.56/ftw.txt
/usr/share/doc/certmonger-0.56/getting-started.txt
/usr/share/doc/certmonger-0.56/gpl-3.0.txt
/usr/share/doc/certmonger-0.56/ipa-submit.txt
/usr/share/doc/certmonger-0.56/submit.txt
/usr/share/locale/bg/LC_MESSAGES/certmonger.mo
/usr/share/locale/bn_IN/LC_MESSAGES/certmonger.mo
/usr/share/locale/cs_CZ/LC_MESSAGES/certmonger.mo
/usr/share/locale/da/LC_MESSAGES/certmonger.mo
/usr/share/locale/de/LC_MESSAGES/certmonger.mo
/usr/share/locale/es/LC_MESSAGES/certmonger.mo
/usr/share/locale/es_ES/LC_MESSAGES/certmonger.mo
/usr/share/locale/fr/LC_MESSAGES/certmonger.mo
/usr/share/locale/gu/LC_MESSAGES/certmonger.mo
/usr/share/locale/id/LC_MESSAGES/certmonger.mo
/usr/share/locale/ja/LC_MESSAGES/certmonger.mo
/usr/share/locale/nl/LC_MESSAGES/certmonger.mo
/usr/share/locale/pl/LC_MESSAGES/certmonger.mo
/usr/share/locale/pt/LC_MESSAGES/certmonger.mo
/usr/share/locale/pt_BR/LC_MESSAGES/certmonger.mo
/usr/share/locale/ru/LC_MESSAGES/certmonger.mo
/usr/share/locale/sv/LC_MESSAGES/certmonger.mo
/usr/share/locale/ta/LC_MESSAGES/certmonger.mo
/usr/share/locale/tr/LC_MESSAGES/certmonger.mo
/usr/share/locale/uk/LC_MESSAGES/certmonger.mo
/usr/share/locale/zh_CN/LC_MESSAGES/certmonger.mo
/usr/share/locale/zh_TW/LC_MESSAGES/certmonger.mo
/usr/share/man/man1/certmaster-getcert.1.gz
/usr/share/man/man1/getcert-list-cas.1.gz
/usr/share/man/man1/getcert-list.1.gz
/usr/share/man/man1/getcert-request.1.gz
/usr/share/man/man1/getcert-resubmit.1.gz
/usr/share/man/man1/getcert-start-tracking.1.gz
/usr/share/man/man1/getcert-stop-tracking.1.gz
/usr/share/man/man1/getcert.1.gz
/usr/share/man/man1/ipa-getcert.1.gz
/usr/share/man/man1/selfsign-getcert.1.gz
/usr/share/man/man5/certmonger.conf.5.gz
/usr/share/man/man8/certmonger-certmaster-submit.8.gz
/usr/share/man/man8/certmonger-ipa-submit.8.gz
/usr/share/man/man8/certmonger.8.gz
/var/lib/certmonger
/var/lib/certmonger/cas
/var/lib/certmonger/requests
/var/run/certmonger

Generated by rpm2html 1.8.1

Fabrice Bellet, Mon May 13 06:22:50 2013