diff options
| author | Simon Josefsson <simon@josefsson.org> | 2007-05-02 10:19:36 +0000 |
|---|---|---|
| committer | Simon Josefsson <simon@josefsson.org> | 2007-05-02 10:19:36 +0000 |
| commit | fa58a29364fa6e4cb5876f78444680aa7011c0df (patch) | |
| tree | 4192927273c30985a94dccfd0b88dea7766e6354 /doc | |
| parent | 19caddccde42a3af02361910befff8c570b6301d (diff) | |
| download | gnutls-fa58a29364fa6e4cb5876f78444680aa7011c0df.tar.gz | |
Add P11 section.
Diffstat (limited to 'doc')
| -rw-r--r-- | doc/gnutls.texi | 21 |
1 files changed, 13 insertions, 8 deletions
diff --git a/doc/gnutls.texi b/doc/gnutls.texi index dc3d45ba12..5b75a34093 100644 --- a/doc/gnutls.texi +++ b/doc/gnutls.texi @@ -2440,14 +2440,6 @@ certtool --generate-certificate --load-privkey x509-client-key.pem \ ... @end example -To be able to import the client key/certificate into some -applications, you will need to convert them into a PKCS#12 structure. -This also encrypts the security sensitive key with a password. - -@example -certtool --to-p12 --load-privkey x509-client-key.pem --load-certificate x509-client.pem --outder --outfile x509-client.p12 -@end example - For icing, we'll create a proxy certificate for the client too. @example @@ -2939,6 +2931,19 @@ client functions with the corresponding server functions. @include ia-api.texi +@node Crypto storage functions +@section Crypto storage functions +@cindex Smart cards +@cindex PKCS#11 + +GnuTLS can use the PKCS#11 provider Scute to load trusted CA +certificates from, e.g., smartcards. In the future, this +functionality may be extended to allow off-loading the signing +operation to the PKCS#11 provider too, and to support other PKCS#11 +providers too. + +@include p11-api.texi + @node Error codes and descriptions @section Error codes and descriptions @anchor{Error Codes} |