Ce contenu n'est pas disponible dans la langue sélectionnée.
12.5. Tracking Certificates with certmonger
certmonger can monitor expiration date of a certificate and automatically renew the certificate at the end of its validity period. To track a certificate in this way, run the getcert start-tracking command.
Note
It is not required that you run
getcert start-tracking after running getcert request, because the getcert request command by default automatically tracks and renews the requested certificate. The getcert start-tracking command is intended for situations when you have already obtained the key and certificate through some other process, and therefore you have to manually instruct certmonger to start the tracking.
The
getcert start-tracking command takes several options:
-rautomatically renews the certificate when its expiration date is close if the key pair already exists. This option is used by default.-Isets a name for the tracking request.certmongeruses this name to refer to the combination of storage locations and request options, and it is also displayed in the output of thegetcert listcommand. If you do not specify this option,certmongerassigns an automatically generated a name for the task.
[root@server ~]# getcert start-tracking -I cert1-tracker -d /export/alias -n ServerCert
To cancel tracking for a certificate, run the
stop-tracking command.
