Verbose operation

PEM file to use for server cert

PEM file to use for server key

HTTP realm to present to clients. Max is 32 characters.

Enable CRL checks

Enable check for binding client PoP to the TLS UID

Simulate manual CA enrollment

Disable HTTP authentication (TLS client auth required)

Disable HTTP authentication when TLS client auth succeeds

Use HTTP Digest auth instead of Basic auth

Use HTTP Basic auth. Causes explicit call to set Basic auth

TCP port number to listen on

Sleep timer to auto-shut the server

Runs EST Server in FIPS MODE = ON

Enable IPv6

Dump the CSR to '/tmp/csr.p10' allowing for manual attribute capture on server

Print this help message and exit

Specify en-/decryption of private key, password read from STDIN

Specify en-/decryption of private key, password read from argument

Enable TLS-SRP authentication of client using the specified SRP parameters file

Enable CSR attributes enforcement. The client must provide all the attributes in the CSR.

Use HTTP Bearer Token auth.

Enable Enhanced Certificate Auth mode

Sets the local PKI domain subject field NID to grab from the peer cert. If not set the commonName NID will be used

Specify the auth header password to use in Enhanced Certificate Auth mode

Enable the CSR check during Enhanced Cert Auth

Sets name of the manufacturer to be registered This name is required when registering a manufacturer

Specifies a truststore file for an Enhanced Certificate Auth manufacturer to select the subject field based upon. This truststore is required when registering a manufacturer

Sets the subject field NID to grab from the peer cert when that cert came from the manufacturer. If not set the commonName NID will be used

Enable BRSKI bootstrapping support.

Enable the performance timers in server

Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
Redistributions of source code must retain the above copyright


  notice, this list of conditions and the following disclaimer.
Redistributions in binary form must reproduce the above


  copyright notice, this list of conditions and the following


  disclaimer in the documentation and/or other materials provided


  with the distribution.
Neither the name of the Cisco Systems, Inc. nor the names of its


  contributors may be used to endorse or promote products derived


  from this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
OF THE POSSIBILITY OF SUCH DAMAGE.