PNG
�
���
IHDR�����������;����IDATxܻn0�K�
)(pA���7L�eG{� �§㻢|��ذaÆ
�6lذaÆ
�6lذaÆ
�6lom$^yذa�g5�bÆ
�6lذaÆ
�6lذa{
�6lذaÆ
`��}HFkm,mӪô�ô!�x|'ܢ˟;E:9&ᶒ}{v]n&6
h_tڠ͵-ҫZ;Z$.Pkž)!o>}�leQf�JTu іچ\X=8Rن4`Vwl>nG^�is"ms$ui?wb�s[m�6K4O�.4%�/��bC%t�Mז -lG6mrz2�s%9s@-k9�=�)kB5\+͂Zsٲ�Rn~GR�C����wIcI��n7jJ�hۛNCS|j08yiHKֶۛkɈ+;Sz�L�/F�*\Ԕ#"5m2[S����=gnaPeғL
lذaÆ
�6l^ḵaÆ
�6lذaÆ
�6lذa;�
�_�ذaÆ
�6lذaÆ
�6lذaÆ
���R����IENDB`
http://www.redhat.com/docs/manuals/cert-system/pdf/cms601custom.pdf
Use GET http://cats.bos.redhat.com:9180/ca/ee/ca/getBySerial?serialNumber=14
(yes, that's a hex serial number).
- older stuff -
http://www.redhat.com/docs/manuals/cert-system/8.0/cli/html/SSLGet-Usage.html
POST http://cats.bos.redhat.com:9180/ca/ee/ca/profileSubmit
profileId=caServerCert&cert_request_type=pkcs10&requestor_name=TPS-server.example.com-7889&cert_request=MIIBGTCBxAIBADBfMSgwJgYDVQQKEx8yMDA2MTEwNngxMiBTZmJheSBSZWRoYXQgRG9tYWluMRIwEAYDVQQLEwlyaHBraS10cHMxHzAdBgNVBAMTFndhdGVyLnNmYmF5LnJlZGhhdC5jb20wXDANBgkqhkiG9w0BAQEFAANLADBIAkEAsMcYjKD2cDJOeKjhuAiyaC0YVh8hUzfcrf7ZJlVyROQx1pQrHiHmBQbcCdQxNzYK7rxWiR62BPDR4dHtQzj8RwIDAQABoAAwDQYJKoZIhvcNAQEEBQADQQAKpuTYGP%2BI1k50tjn6enPV6j%2B2lFFjrYNwlYWBe4qYhm3WoA0tIuplNLpzP0vw6ttIMZkpE8rcfAeMG10doUpp&xmlOutput=true&sessionID=-4771521138734965266&auth_hostname=cats.bos.redhat.com&auth_port=9180
Returns "2Request Deferred - defer request 21"
Dig the request ID out of the XML.
GET http://cats.bos.redhat.com:9180/ca/ee/ca/checkRequest?requestId=21
You'll get some horrific code with javascript mixed in.
snippet:
Check header.status (UGH!). "pending";"complete"
snippet 2:
GET http://cats.bos.redhat.com:9180/ca/ee/ca/displayBySerial?serialNumber=0x14
As of 7.3, all of profileSubmit, checkRequest, and displayBySerial should
support XML output of some kind, but it's not until 8.0 that checkRequest
gives us the serial number of the issued cert when it tells us that our
request succeeded, so if the goal is to avoid scraping Javascript, we have
to require 8.0.