From 4de84af23db74e13e867985c9093f394c9fa8d51 Mon Sep 17 00:00:00 2001
From: Sumit Bose <sbose@redhat.com>
Date: Wed, 15 Jul 2015 09:40:00 +0200
Subject: ssh: generate public keys from certificate

Resolves: https://fedorahosted.org/sssd/ticket/2711

Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
---
 src/man/sssd.conf.5.xml | 13 +++++++++++++
 1 file changed, 13 insertions(+)

(limited to 'src/man')

diff --git a/src/man/sssd.conf.5.xml b/src/man/sssd.conf.5.xml
index b063d7cb8..3f57862c6 100644
--- a/src/man/sssd.conf.5.xml
+++ b/src/man/sssd.conf.5.xml
@@ -1082,6 +1082,19 @@ pam_account_expired_message = Account expired, please call help desk.
                         </para>
                     </listitem>
                 </varlistentry>
+                <varlistentry>
+                    <term>ca_db (string)</term>
+                    <listitem>
+                        <para>
+                            Path to a storage of trusted CA certificates. The
+                            option is used to validate user certificates before
+                            deriving public ssh keys from them.
+                        </para>
+                        <para>
+                            Default: /etc/pki/nssdb
+                        </para>
+                    </listitem>
+                </varlistentry>
             </variablelist>
         </refsect2>
 
-- 
cgit