Man page - estclient(1)
Packages contains this manual
Manual
estclient
NAMEOPTIONS
COPYRIGHT & LICENSE
AUTHOR
NAME
estclient - example EST client application using the granular API
OPTIONS
-v
Verbose operation
-g
Get CA certificate from EST server
-e
Enroll with EST server and request a cert
-q
Enroll with EST server and request a cert and a server-side generated private key
-a
Get CSR attributes from EST server
-z
Force binding the PoP by including the challengePassword in the CSR
-r
Re-enroll with EST server and request a cert, must use -c option
-c certfile
Identity certificate to use for the TLS session
-k keyfile
Use with -c option to specify private key for the identity cert
-x keyfile
Use existing private key in the given file for signing the CSR
-y csrfile
Use existing CSR in the given file
-s server
Enrollment server IP address
-p port
TCP port number for enrollment server
-o dir
Directory where pkcs7 certs will be written
-i count
Number of enrollments to perform per thread (default=1)
-w count
Timeout in seconds to wait for server response (default=10)
-f
Runs EST Client in FIPS MODE = ON
-u string
Specify user name for HTTP authentication.
-h string
Specify password for HTTP authentication.
-?
Print this help message and exit.
--keypass_stdin
Specify en-/decryption of private key, password read from STDIN
--keypass_arg
Specify en-/decryption of private key, password read from argument
--common-name string
Specify the common name to use in the Suject Name field of the new certificate. 127.0.0.1 will be used if this option is not specified
--pem-output
Convert the new certificate to PEM format
--srp
Enable TLS-SRP cipher suites. Use with --srp-user and --srp-password options.
--srp-user string
Specify the SRP user name.
--srp-password string
Specify the SRP password.
--auth-token string
Specify the token to be used with HTTP token authentication.
--path-seg string
Specify the optional path segment to use in the URI.
--proxy-server string
Proxy server to enable SOCK/HTTP proxy mode.
--proxy-port port
Proxy port number. Must include proxy-server.
--proxy-proto EST_CLIENT_PROXY_PROTO
Proxy protocol.
--proxy-auth BASIC|NTLM
Proxy authentication method.
--proxy-username string
username to pass to proxy server.
--proxy-password string
password to pass to proxy server.
COPYRIGHT & LICENSE
Copyright (c) 2012-2018 Cisco Systems, Inc. All rights reserved.
License (BSD-3-Clause):
Redistribution
and use in source and binary forms, with or without
modification, are permitted provided that the following
conditions
are met:
Redistributions of source code must retain the above
copyright
notice, this list of conditions and the following
disclaimer.
Redistributions in binary form must reproduce the above
copyright notice, this list of conditions and the following
disclaimer in the documentation and/or other materials
provided
with the distribution.
Neither the name of the Cisco Systems, Inc. nor the names of
its
contributors may be used to endorse or promote products
derived
from this software without specific prior written
permission.
THIS SOFTWARE
IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES,
INCLUDING, BUT NOT
LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND
FITNESS
FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL
THE
COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES
(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
GOODS OR
SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
CONTRACT,
STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
OTHERWISE)
ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
ADVISED
OF THE POSSIBILITY OF SUCH DAMAGE.
AUTHOR
This manpage is based on estclientโs usage output and the included documentation. It was written for the Debian project by Christoph Biedl <debian.axhn@manchmal.in-ulm.de> but may be used by others.