manpagez: man pages & more
man certupdate(8)

man pages By Section Choose... 123456789ln Alphabetically Choose... ABCDEFGHIJKLMNOPQRSTUVWXYZOther

Home | html | info | man

certupdate(8)             BSD System Manager's Manual            certupdate(8)

NAME

     certupdate -- Mac OS X Server certificate administration helper tool

SYNOPSIS

     certupdate remove -c cert_path [-p cert_ref]
     certupdate replace -c old_cert_path [-p old_cert_ref] -C new_cert_path
                [-P new_cert_ref]

DESCRIPTION

     certupdate is a tool to notify interested services to change their con-
     figurations when certificates are removed or replaced in the
     /etc/certificates directory. Services interested in certificate changes
     register their interest by placing a helper tool into
     /usr/libexec/certupdate which returns an exit status of 0 for don't care,
     1 for don't remove, or 2 to indicate an error condition. When the System
     Keychain changes, certupdate will be called with the remove or replace
     command.  certupdate will in turn call each of the helper tools and
     return the highest numbered exit status from the helper tools.

     The certupdate tool is intended to allow the automated replacement of
     expiring certificates.

     certupdate commands

     remove   Indicates that the certificate at cert_path will be removed.

     replace  Indicates that the certificate at old_cert_path will be replaced
              with the certificate at new_cert_path

     Command arguments

     -c path  In both commands this is the path to a PEM formatted certifi-
              cate.

     -p cert_ref
              Optional a keychain persistant reference to the certificate in
              question expressed as a string of hexadecimal characters with a
              leading 0x

     -C new_path
              In the path to a PEM formatted certificate that replaces the
              certificated specified by -c

     -P new_cert_ref
              Optional a keychain persistant reference to the certificate in
              question expressed as a string of hexadecimal characters with a
              leading 0x

FILES

     /usr/libexec/certupdate         Directory containing the service specific
                                     helper tools called by certupdate

DIAGNOSTICS

     0  None of the services are interested in the certificate or the replace
     command was successful

     1  One or more helper tools requested that the certificate file not be
     removed

     2  An error occurred in one of the helper tools, should be treated as
     don't remove, above

EXAMPLES

     certupdate remove -c /etc/certificates/exam-
     ple.com.6077F32D1323B18EB617323DE430E30628A2A925.cert.pem

     remove -c /etc/certificates/exam-
     ple.com.6077F32D1323B18EB617323DE430E30628A2A925.cert.pem -p
     0x5306E550709301B8DE4301A026608738CA8874A3D1323B18EB61

SEE ALSO

     certadmin(8)

Darwin                         September 5, 2011                        Darwin

---

Mac OS X 10.7 - Generated Mon Sep 5 10:08:07 CDT 2011

© manpagez.com 2000-2025
Individual documents may contain additional copyright information.