diff options
author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2014-06-26 14:22:16 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2014-06-26 14:24:21 +0200 |
commit | 0010600abd68d1fcd6273d6073c5c0b35ed6de11 (patch) | |
tree | d42b0a63c3de654d816eb0f710432d97a6b329a7 | |
parent | 83fcf4af33e216351f46646aa8c9a6b32bdfd44d (diff) | |
download | gnutls-0010600abd68d1fcd6273d6073c5c0b35ed6de11.tar.gz |
p11tool: updated documentation
-rw-r--r-- | src/p11tool-args.def | 13 |
1 files changed, 7 insertions, 6 deletions
diff --git a/src/p11tool-args.def b/src/p11tool-args.def index d588fb5980..3a79cac8ac 100644 --- a/src/p11tool-args.def +++ b/src/p11tool-args.def @@ -2,14 +2,15 @@ AutoGen Definitions options; prog-name = p11tool; prog-title = "GnuTLS PKCS #11 tool"; prog-desc = "Program to handle PKCS #11 smart cards and security modules.\n"; -detail = "Program that allows handling data from PKCS #11 smart cards +detail = "Program that allows operations on PKCS #11 smart cards and security modules. -To use PKCS #11 tokens with gnutls the configuration file -/etc/gnutls/pkcs11.conf has to exist and contain a number of lines of the form 'load=/usr/lib/opensc-pkcs11.so'. -Alternatively the p11-kit configuration files have to be setup. +To use PKCS #11 tokens with GnuTLS the p11-kit configuration files need to be setup. +That is create a .conf file in /etc/pkcs11/modules with the contents 'module: /path/to/pkcs11.so'. +Alternatively the configuration file /etc/gnutls/pkcs11.conf has to exist and contain a number +of lines of the form 'load=/usr/lib/opensc-pkcs11.so'. -To provide the PIN for all the operations below use the environment variable +You can provide the PIN to be used for the PKCS #11 operations with the environment variable GNUTLS_PIN. "; @@ -314,7 +315,7 @@ $ p11tool --login --generate-rsa --bits 1024 --label "MyNewKey" \ --outfile MyNewKey.pub "pkcs11:TOKEN-URL" @end example The bits parameter in the above example is explicitly set because some -tokens only support a limited number of bits. The output file is the +tokens only support limited choices in the bit length. The output file is the corresponding public key. This key can be used to general a certificate request with certtool. @example |