blob: 1519387b461ce3273fe4c37d08f97734ace2b3db (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
|
=head1 NAME
certmaster-sync -- syncronize client certificates with Func.
=head1 SYNOPSIS
certmaster-sync [-f|--force]
=head1 DESCRIPTION
certmaster-sync syncronizes client certificates amongst certmaster clients via Func. It is assumed that the hosts who have requested certificates are reachable via Func for syncronization operations.
certmaster-sync by default is called as a post-sign and post-clean trigger. In order to enable syncronization you must set B<sync_certs> to B<True>, see B<CONFIGURATION VALUES> below.
The syncronization occurs by querying remote Func methods in B<certmastermod> on the minion hosts. This will gather information, copy any new certificates, and remove any certificates that have been cleaned.
=head1 OPTIONS
=over
=item -f, --force
Override the configuration value for B<sync_certs> in F</etc/certmaster/certmaster.conf>
=back
=head1 CONFIGURATION VALUES
=over
=item sync_certs
B<sync_certs> determines whether or not the script will actually syncronize or if it will exit with no operation. You can use -f|--force to override this configuration value. (Default: False)
=back
=head1 ADDITONAL RESOURCES
See https://fedorahosted.org/certmaster. It's a Wiki.
See also https://fedorahosted.org/func
=head1 AUTHOR
John Eckersberg <jeckersb@redhat.com>
|