Changeset 031acac in mod_gnutls for docs


Ignore:
Timestamp:
Jul 3, 2014, 1:00:29 PM (7 years ago)
Author:
Nikos Mavrogiannopoulos <nmav@…>
Branches:
asyncio, debian/master, debian/stretch-backports, jessie-backports, master, proxy-ticket, upstream
Children:
7314438
Parents:
765cac2
git-author:
Nikos Mavrogiannopoulos <nmav@…> (06/24/14 10:28:03)
git-committer:
Nikos Mavrogiannopoulos <nmav@…> (07/03/14 13:00:29)
Message:

Use the new (3.1.3+) GnuTLS APIs to obtain private keys.

This allows the loading a private key from a PKCS #11 or a TPM URL
(the GnuTLSPIN and GnuTLSSRKPIN variables should be set), and loading
encrypted private keys in PKCS #8, PKCS #12 or openssl format.

File:
1 edited

Legend:

Unmodified
Added
Removed

  • docs/mod_gnutls_manual.mdwn

    r765cac2 r031acac  
    367367as protection against statistical attacks to ciphertext data in order to
    368368achieve maximum compatibility (some broken mobile clients need this).
     369
     370`GnuTLSPIN`
     371------------------
     372
     373Set the PIN to be used to access encrypted key files or PKCS #11 objects.
     374
     375    GnuTLSPIN XXXXXX
     376
     377Default: *none*\
     378Context: server config, virtual host
     379
     380Takes a string to be used as a PIN for the protected objects in
     381a security module, or as a key to be used to decrypt PKCS #8, PKCS #12,
     382or openssl encrypted keys.
     383
     384`GnuTLSSRKPIN`
     385------------------
     386
     387Set the SRK PIN to be used to unlaccess the TPM.
     388
     389    GnuTLSSRKPIN XXXXXX
     390
     391Default: *none*\
     392Context: server config, virtual host
     393
     394Takes a string to be used as a PIN for the protected objects in
     395the TPM module.
    369396
    370397`GnuTLSExportCertificates`
Note: See TracChangeset for help on using the changeset viewer.