diff options
Diffstat (limited to 'doc/rst/legacy/tools/vfychain/index.rst')
-rw-r--r-- | doc/rst/legacy/tools/vfychain/index.rst | 148 |
1 files changed, 74 insertions, 74 deletions
diff --git a/doc/rst/legacy/tools/vfychain/index.rst b/doc/rst/legacy/tools/vfychain/index.rst index faa418db0..ffd1cdf86 100644 --- a/doc/rst/legacy/tools/vfychain/index.rst +++ b/doc/rst/legacy/tools/vfychain/index.rst @@ -6,87 +6,87 @@ NSS tools : vfychain .. container:: | Name - | vfychain — vfychain [options] [revocation options] certfile [[options] - | certfile] ... + | vfychain — vfychain [options] [revocation options] certfile [[options] + | certfile] ... | Synopsis - | vfychain + | vfychain | Description - | The verification Tool, vfychain, verifies certificate chains. modutil can - | add and delete PKCS #11 modules, change passwords on security databases, - | set defaults, list module contents, enable or disable slots, enable or - | disable FIPS 140-2 compliance, and assign default providers for - | cryptographic operations. This tool can also create certificate, key, and - | module security database files. - | The tasks associated with security module database management are part of - | a process that typically also involves managing key databases and - | certificate databases. + | The verification Tool, vfychain, verifies certificate chains. modutil can + | add and delete PKCS #11 modules, change passwords on security databases, + | set defaults, list module contents, enable or disable slots, enable or + | disable FIPS 140-2 compliance, and assign default providers for + | cryptographic operations. This tool can also create certificate, key, and + | module security database files. + | The tasks associated with security module database management are part of + | a process that typically also involves managing key databases and + | certificate databases. | Options - | -a - | the following certfile is base64 encoded - | -b YYMMDDHHMMZ - | Validate date (default: now) - | -d directory - | database directory - | -f - | Enable cert fetching from AIA URL - | -o oid - | Set policy OID for cert validation(Format OID.1.2.3) - | -p - | Use PKIX Library to validate certificate by calling: - | \* CERT_VerifyCertificate if specified once, - | \* CERT_PKIXVerifyCert if specified twice and more. - | -r - | Following certfile is raw binary DER (default) - | -t - | Following cert is explicitly trusted (overrides db trust) - | -u usage - | 0=SSL client, 1=SSL server, 2=SSL StepUp, 3=SSL CA, 4=Email - | signer, 5=Email recipient, 6=Object signer, - | 9=ProtectedObjectSigner, 10=OCSP responder, 11=Any CA - | -v - | Verbose mode. Prints root cert subject(double the argument for - | whole root cert info) - | -w password - | Database password - | -W pwfile - | Password file - | Revocation options for PKIX API (invoked with -pp options) is a - | collection of the following flags: [-g type [-h flags] [-m type - | [-s flags]] ...] ... - | Where: - | -g test-type - | Sets status checking test type. Possible values are "leaf" or - | "chain" - | -g test type - | Sets status checking test type. Possible values are "leaf" or - | "chain". - | -h test flags - | Sets revocation flags for the test type it follows. Possible - | flags: "testLocalInfoFirst" and "requireFreshInfo". - | -m method type - | Sets method type for the test type it follows. Possible types are - | "crl" and "ocsp". - | -s method flags - | Sets revocation flags for the method it follows. Possible types - | are "doNotUse", "forbidFetching", "ignoreDefaultSrc", - | "requireInfo" and "failIfNoInfo". + | -a + | the following certfile is base64 encoded + | -b YYMMDDHHMMZ + | Validate date (default: now) + | -d directory + | database directory + | -f + | Enable cert fetching from AIA URL + | -o oid + | Set policy OID for cert validation(Format OID.1.2.3) + | -p + | Use PKIX Library to validate certificate by calling: + | \* CERT_VerifyCertificate if specified once, + | \* CERT_PKIXVerifyCert if specified twice and more. + | -r + | Following certfile is raw binary DER (default) + | -t + | Following cert is explicitly trusted (overrides db trust) + | -u usage + | 0=SSL client, 1=SSL server, 2=SSL StepUp, 3=SSL CA, 4=Email + | signer, 5=Email recipient, 6=Object signer, + | 9=ProtectedObjectSigner, 10=OCSP responder, 11=Any CA + | -v + | Verbose mode. Prints root cert subject(double the argument for + | whole root cert info) + | -w password + | Database password + | -W pwfile + | Password file + | Revocation options for PKIX API (invoked with -pp options) is a + | collection of the following flags: [-g type [-h flags] [-m type + | [-s flags]] ...] ... + | Where: + | -g test-type + | Sets status checking test type. Possible values are "leaf" or + | "chain" + | -g test type + | Sets status checking test type. Possible values are "leaf" or + | "chain". + | -h test flags + | Sets revocation flags for the test type it follows. Possible + | flags: "testLocalInfoFirst" and "requireFreshInfo". + | -m method type + | Sets method type for the test type it follows. Possible types are + | "crl" and "ocsp". + | -s method flags + | Sets revocation flags for the method it follows. Possible types + | are "doNotUse", "forbidFetching", "ignoreDefaultSrc", + | "requireInfo" and "failIfNoInfo". | Additional Resources - | For information about NSS and other tools related to NSS (like JSS), check - | out the NSS project wiki at - | + | For information about NSS and other tools related to NSS (like JSS), check + | out the NSS project wiki at + | [1]\ `http://www.mozilla.org/projects/security/pki/nss/ <https://www.mozilla.org/projects/security/pki/nss/>`__. The NSS site relates - | directly to NSS code changes and releases. - | Mailing lists: https://lists.mozilla.org/listinfo/dev-tech-crypto - | IRC: Freenode at #dogtag-pki + | directly to NSS code changes and releases. + | Mailing lists: https://lists.mozilla.org/listinfo/dev-tech-crypto + | IRC: Freenode at #dogtag-pki | Authors - | The NSS tools were written and maintained by developers with Netscape, Red - | Hat, and Sun. - | Authors: Elio Maldonado <emaldona@redhat.com>, Deon Lackey - | <dlackey@redhat.com>. + | The NSS tools were written and maintained by developers with Netscape, Red + | Hat, and Sun. + | Authors: Elio Maldonado <emaldona@redhat.com>, Deon Lackey + | <dlackey@redhat.com>. | Copyright - | (c) 2010, Red Hat, Inc. Licensed under the GNU Public License version 2. + | (c) 2010, Red Hat, Inc. Licensed under the GNU Public License version 2. | References - | Visible links - | 1. + | Visible links + | 1. `http://www.mozilla.org/projects/security/pki/nss/ <https://www.mozilla.org/projects/security/pki/nss/>`__
\ No newline at end of file |