Note on overriding pki_client_dir when using an HSM

- PKI TRAC Ticket #1425 - pkispawn CA with HSM - if the config file has pki_client related params the dir is not created and the admin cert p12 file is stored nowhere
author: Matthew Harmsen <mharmsen@redhat.com> 2015-07-06 15:09:54 -0600
committer: Matthew Harmsen <mharmsen@redhat.com> 2015-07-06 15:09:54 -0600
commit: a3773d042de25120803154c96763de55bc0bd7c4 (patch)
tree: cb156aebc2b053dbdf856246045d7d065eaab56a /base/server
parent: 6db01bd091ce991322b004cdd74bf7c15c57fe8c (diff)
download: pki-a3773d042de25120803154c96763de55bc0bd7c4.tar.gz
pki-a3773d042de25120803154c96763de55bc0bd7c4.tar.xz
pki-a3773d042de25120803154c96763de55bc0bd7c4.zip
1 files changed, 3 insertions, 0 deletions
diff --git a/base/server/man/man5/pki_default.cfg.5 b/base/server/man/man5/pki_default.cfg.5
index f3db6a8e1..2c8dbbd45 100644
--- a/base/server/man/man5/pki_default.cfg.5
+++ b/base/server/man/man5/pki_default.cfg.5
@@ -152,6 +152,9 @@ Set to True to back up the subsystem certificates and keys to a PKCS #12 file.
 .B pki_client_dir
 .IP
 This is the location where all client data used during the installation is stored.  At the end of the invocation of \fBpkispawn\fP, the administrative user's certificate and keys are stored in a PKCS #12 file in this location.
+.IP
+\fBNote:\fP
+When using an HSM, it is currently recommended to NOT specify a value for \fBpki_client_dir\fP that is different from the default value.
 .TP
 .B pki_client_database_dir,  pki_client_database_password
 .IP
author	Matthew Harmsen <mharmsen@redhat.com>	2015-07-06 15:09:54 -0600
committer	Matthew Harmsen <mharmsen@redhat.com>	2015-07-06 15:09:54 -0600
commit	a3773d042de25120803154c96763de55bc0bd7c4 (patch)
tree	cb156aebc2b053dbdf856246045d7d065eaab56a /base/server
parent	6db01bd091ce991322b004cdd74bf7c15c57fe8c (diff)
download	pki-a3773d042de25120803154c96763de55bc0bd7c4.tar.gz pki-a3773d042de25120803154c96763de55bc0bd7c4.tar.xz pki-a3773d042de25120803154c96763de55bc0bd7c4.zip