Red Hat Training

A Red Hat training course is available for Red Hat Enterprise Linux

5.23. certmonger

Updated certmonger packages that fix multiple bugs and add multiple enhancements are now available for Red Hat Enterprise Linux 6.
The certmonger daemon monitors certificates which have been registered with it, and as a certificate's not-valid-after date approaches, the daemon can optionally attempt to obtain a fresh certificate from a supported CA.
The certmonger packages have been upgraded to upstream version 0.56, which provides a number of bug fixes and enhancements over the previous version. (BZ#789153)

Bug Fixes

Prior to this update, one of the examples provided in the getting-started.txt file did not work as expected if the daemon was prevented from accessing files in user-specified locations, for example by the SELinux policy. With this update, this problem is now documented in the getting-started.txt file.
Prior to this update, the certmonger daemon was not configured to start by default when the package was installed. This update enables the certmonger service by default.
Prior to this update, the "getcert" command could under certain circumstances, display the misleading error message "invalid option" when an option that required an argument was used and the argument was not specified. This update modifies the error code so that the correct message is now sent.


Prior to this update, newly added certificates were not automatically visible. To see these certificates, servers had to be manually restarted. This update adds the emission of D-Bus signals over the message bus to allow applications to perform the actions they need to use a new certificate. Also, the new "-C" option was added to invoke a user-specified command.
All users of certmonger are advised to upgrade to these updated packages, which fix these bugs and add this enhancement.