diff options
| author | Sumit Bose <sbose@redhat.com> | 2016-04-12 18:14:08 +0200 |
|---|---|---|
| committer | Lukas Slebodnik <lslebodn@redhat.com> | 2016-06-09 11:58:17 +0200 |
| commit | 53ef8f81b60929a6c866efdd133627e7d7d61705 (patch) | |
| tree | dec625c6cd01e15e73ace5d2e71054e95921e9f4 /src/man/sssd.conf.5.xml | |
| parent | aa35995ef056aa8ae052a47c62c6750b7adf065e (diff) | |
| download | sssd-53ef8f81b60929a6c866efdd133627e7d7d61705.tar.gz sssd-53ef8f81b60929a6c866efdd133627e7d7d61705.tar.xz sssd-53ef8f81b60929a6c866efdd133627e7d7d61705.zip | |
p11: add OCSP default responder options
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
Diffstat (limited to 'src/man/sssd.conf.5.xml')
| -rw-r--r-- | src/man/sssd.conf.5.xml | 28 |
1 files changed, 28 insertions, 0 deletions
diff --git a/src/man/sssd.conf.5.xml b/src/man/sssd.conf.5.xml index 5396a490a..6cff0dc87 100644 --- a/src/man/sssd.conf.5.xml +++ b/src/man/sssd.conf.5.xml @@ -391,6 +391,34 @@ testing.</para> </listitem> </varlistentry> + <varlistentry> + <term>ocsp_default_responder=URL</term> + <listitem> + <para>Sets the OCSP default responder + which should be used instead of the one + mentioned in the certificate. URL must + be replaced with the URL of the OCSP + default responder e.g. + http://example.com:80/ocsp.</para> + <para>This option must be used together + with + ocsp_default_responder_signing_cert. + </para> + </listitem> + </varlistentry> + <varlistentry> + <term> + ocsp_default_responder_signing_cert=NAME</term> + <listitem> + <para>The nickname of the cert to trust + (expected) to sign the OCSP responses. + The certificate with the given nickname + must be availble in the systems NSS + database.</para> + <para>This option must be used together + with ocsp_default_responder.</para> + </listitem> + </varlistentry> </variablelist> </para> <para> |