diff options
author | Matthew Harmsen <mharmsen@redhat.com> | 2015-04-14 20:05:17 -0600 |
---|---|---|
committer | Matthew Harmsen <mharmsen@redhat.com> | 2015-04-14 20:05:17 -0600 |
commit | cde899c8e8516125b26818d5668487c99267420c (patch) | |
tree | f17f837e0e89aef299fa724df11be9a91528011b /base/server/man | |
parent | 711d3ca66b6702a33839c3a436550464fa49d0d8 (diff) | |
download | pki-cde899c8e8516125b26818d5668487c99267420c.tar.gz pki-cde899c8e8516125b26818d5668487c99267420c.tar.xz pki-cde899c8e8516125b26818d5668487c99267420c.zip |
Add HSM options to pkispawn
- PKI TRAC Ticket #1346 - pkispawn should have an HSM library option
Diffstat (limited to 'base/server/man')
-rw-r--r-- | base/server/man/man5/pki_default.cfg.5 | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/base/server/man/man5/pki_default.cfg.5 b/base/server/man/man5/pki_default.cfg.5 index ca8e095e4..bc736a6f5 100644 --- a/base/server/man/man5/pki_default.cfg.5 +++ b/base/server/man/man5/pki_default.cfg.5 @@ -61,6 +61,10 @@ Specifies the default administrative user, group, and auditor group identities f .B pki_token_name, pki_token_password .IP The token and password where this instance's system certificate and keys are stored. Defaults to the NSS internal software token. +.TP +.B pki_hsm_enable, pki_hsm_libfile, pki_hsm_modulename +.IP +If an optional hardware security module (HSM) is being utilized (rather than the default software security module included in NSS), then the \fBpki_hsm_enable\fP parameter must be set to 'True' (by default this parameter is 'False'), and values must be supplied for both the \fBpki_hsm_libfile\fP (e. g. - \fBpki_hsm_libfile=/opt/nfast/toolkits/pkcs11/libcknfast.so\fP) and \fPpki_hsm_modulename\fB parameters (e. g. - \fBpki_hsm_modulename=nethsm\fP). .SS SYSTEM CERTIFICATE PARAMETERS \fBpkispawn\fP sets up a number of system certificates for each subsystem. The system certificates which are required differ between subsystems. Each system certificate is denoted by a tag, as noted below. The different system certificates are: |