diff options
author | Stef Walter <stefw@gnome.org> | 2013-02-03 13:05:26 +0100 |
---|---|---|
committer | Stef Walter <stefw@gnome.org> | 2013-02-05 15:05:05 +0100 |
commit | f3a3e1e6a413dc93d0a1eb330a32404d803f5307 (patch) | |
tree | cd7a1df1f3e317fe45472be7607f9a6e059d91bc /doc | |
parent | 08f1a7f3cfe87bc19ecd564711b4d2beaa603924 (diff) |
Add a placeholder external 'extract-trust' command
Diffstat (limited to 'doc')
-rw-r--r-- | doc/p11-kit-devel.xml | 23 | ||||
-rw-r--r-- | doc/p11-kit.xml | 19 |
2 files changed, 42 insertions, 0 deletions
diff --git a/doc/p11-kit-devel.xml b/doc/p11-kit-devel.xml index f3acde1..cfacbf8 100644 --- a/doc/p11-kit-devel.xml +++ b/doc/p11-kit-devel.xml @@ -58,6 +58,29 @@ $ <command>pkg-config p11-kit-1 --variable p11_module_path</command> </section> + <section id="devel-commands"> + <title>Customizing installed commands</title> + + <para>The <literal>p11-kit</literal> tool provides a + <literal>extract-trust</literal> command which extracts trust + policy information such as certificate anchors and so on + into files for use with libraries that cannot read this trust + information directly.</para> + + <para>In order to be useful the <literal>extract-trust</literal> + command needs to be customized per distribution or site. You can + find this file in at <literal>tools/p11-kit-trust-extract.in</literal> + in the p11-kit source code.</para> + + <para>The command is implemented as a simple script which + performs the various <literal>p11-kit extract</literal> commands + necessary to extract the information.</para> + + <para>Using this script as a standard way to extract this + information allows for consistency between distributions and ease + of system administration.</para> + </section> + <section id="devel-building"> <title>Compiling p11-kit from Source</title> <para>This describes how to compiling the p11-kit package from diff --git a/doc/p11-kit.xml b/doc/p11-kit.xml index 162563b..98f5da5 100644 --- a/doc/p11-kit.xml +++ b/doc/p11-kit.xml @@ -188,6 +188,25 @@ $ p11-kit extract --format=x509-directory --filter=ca-certificates /path/to/dire </refsect1> <refsect1> + <title>Extract Trust</title> + + <para>Extract standard trust information files.</para> + +<programlisting> +$ p11-kit extract-trust +</programlisting> + + <para>OpenSSL, GnuTLS and Java cannot currently read trust information + directly from the trust policy module. This command extracts trust + information such as certificate anchors for use by these libraries.</para> + + <para>What this command does, and where it extracts the files is + distribution or site specific. Packagers or administrators are expected + customize this command.</para> + +</refsect1> + +<refsect1> <title>Bugs</title> <para> Please send bug reports to either the distribution bug tracker |