The Tor Browser / file diff

diff: security/nss/doc/nroff/vfychain.1

security/nss/doc/nroff/vfychain.1

changeset 0
6474c204b198
     1.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
     1.2 +++ b/security/nss/doc/nroff/vfychain.1	Wed Dec 31 06:09:35 2014 +0100
     1.3 @@ -0,0 +1,169 @@
     1.4 +'\" t
     1.5 +.\"     Title: VFYCHAIN
     1.6 +.\"    Author: [see the "Authors" section]
     1.7 +.\" Generator: DocBook XSL Stylesheets v1.78.1 <http://docbook.sf.net/>
     1.8 +.\"      Date:  5 June 2014
     1.9 +.\"    Manual: NSS Security Tools
    1.10 +.\"    Source: nss-tools
    1.11 +.\"  Language: English
    1.12 +.\"
    1.13 +.TH "VFYCHAIN" "1" "5 June 2014" "nss-tools" "NSS Security Tools"
    1.14 +.\" -----------------------------------------------------------------
    1.15 +.\" * Define some portability stuff
    1.16 +.\" -----------------------------------------------------------------
    1.17 +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    1.18 +.\" http://bugs.debian.org/507673
    1.19 +.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html
    1.20 +.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    1.21 +.ie \n(.g .ds Aq \(aq
    1.22 +.el       .ds Aq '
    1.23 +.\" -----------------------------------------------------------------
    1.24 +.\" * set default formatting
    1.25 +.\" -----------------------------------------------------------------
    1.26 +.\" disable hyphenation
    1.27 +.nh
    1.28 +.\" disable justification (adjust text to left margin only)
    1.29 +.ad l
    1.30 +.\" -----------------------------------------------------------------
    1.31 +.\" * MAIN CONTENT STARTS HERE *
    1.32 +.\" -----------------------------------------------------------------
    1.33 +.SH "NAME"
    1.34 +vfychain_ \- vfychain [options] [revocation options] certfile [[options] certfile] \&.\&.\&.
    1.35 +.SH "SYNOPSIS"
    1.36 +.HP \w'\fBvfychain\fR\ 'u
    1.37 +\fBvfychain\fR
    1.38 +.SH "STATUS"
    1.39 +.PP
    1.40 +This documentation is still work in progress\&. Please contribute to the initial review in
    1.41 +\m[blue]\fBMozilla NSS bug 836477\fR\m[]\&\s-2\u[1]\d\s+2
    1.42 +.SH "DESCRIPTION"
    1.43 +.PP
    1.44 +The verification Tool,
    1.45 +\fBvfychain\fR, verifies certificate chains\&.
    1.46 +\fBmodutil\fR
    1.47 +can add and delete PKCS #11 modules, change passwords on security databases, set defaults, list module contents, enable or disable slots, enable or disable FIPS 140\-2 compliance, and assign default providers for cryptographic operations\&. This tool can also create certificate, key, and module security database files\&.
    1.48 +.PP
    1.49 +The tasks associated with security module database management are part of a process that typically also involves managing key databases and certificate databases\&.
    1.50 +.SH "OPTIONS"
    1.51 +.PP
    1.52 +\fB\-a\fR
    1.53 +.RS 4
    1.54 +the following certfile is base64 encoded
    1.55 +.RE
    1.56 +.PP
    1.57 +\fB\-b \fR \fIYYMMDDHHMMZ\fR
    1.58 +.RS 4
    1.59 +Validate date (default: now)
    1.60 +.RE
    1.61 +.PP
    1.62 +\fB\-d \fR \fIdirectory\fR
    1.63 +.RS 4
    1.64 +database directory
    1.65 +.RE
    1.66 +.PP
    1.67 +\fB\-f \fR
    1.68 +.RS 4
    1.69 +Enable cert fetching from AIA URL
    1.70 +.RE
    1.71 +.PP
    1.72 +\fB\-o \fR \fIoid\fR
    1.73 +.RS 4
    1.74 +Set policy OID for cert validation(Format OID\&.1\&.2\&.3)
    1.75 +.RE
    1.76 +.PP
    1.77 +\fB\-p \fR
    1.78 +.RS 4
    1.79 +Use PKIX Library to validate certificate by calling:
    1.80 +.sp
    1.81 +* CERT_VerifyCertificate if specified once,
    1.82 +.sp
    1.83 +* CERT_PKIXVerifyCert if specified twice and more\&.
    1.84 +.RE
    1.85 +.PP
    1.86 +\fB\-r \fR
    1.87 +.RS 4
    1.88 +Following certfile is raw binary DER (default)
    1.89 +.RE
    1.90 +.PP
    1.91 +\fB\-t\fR
    1.92 +.RS 4
    1.93 +Following cert is explicitly trusted (overrides db trust)
    1.94 +.RE
    1.95 +.PP
    1.96 +\fB\-u \fR \fIusage\fR
    1.97 +.RS 4
    1.98 +0=SSL client, 1=SSL server, 2=SSL StepUp, 3=SSL CA, 4=Email signer, 5=Email recipient, 6=Object signer, 9=ProtectedObjectSigner, 10=OCSP responder, 11=Any CA
    1.99 +.RE
   1.100 +.PP
   1.101 +\fB\-T \fR
   1.102 +.RS 4
   1.103 +Trust both explicit trust anchors (\-t) and the database\&. (Without this option, the default is to only trust certificates marked \-t, if there are any, or to trust the database if there are certificates marked \-t\&.)
   1.104 +.RE
   1.105 +.PP
   1.106 +\fB\-v \fR
   1.107 +.RS 4
   1.108 +Verbose mode\&. Prints root cert subject(double the argument for whole root cert info)
   1.109 +.RE
   1.110 +.PP
   1.111 +\fB\-w \fR \fIpassword\fR
   1.112 +.RS 4
   1.113 +Database password
   1.114 +.RE
   1.115 +.PP
   1.116 +\fB\-W \fR \fIpwfile\fR
   1.117 +.RS 4
   1.118 +Password file
   1.119 +.RE
   1.120 +.PP
   1.121 +.RS 4
   1.122 +Revocation options for PKIX API (invoked with \-pp options) is a collection of the following flags: [\-g type [\-h flags] [\-m type [\-s flags]] \&.\&.\&.] \&.\&.\&.
   1.123 +.sp
   1.124 +Where:
   1.125 +.RE
   1.126 +.PP
   1.127 +\fB\-g \fR \fItest\-type\fR
   1.128 +.RS 4
   1.129 +Sets status checking test type\&. Possible values are "leaf" or "chain"
   1.130 +.RE
   1.131 +.PP
   1.132 +\fB\-g \fR \fItest type\fR
   1.133 +.RS 4
   1.134 +Sets status checking test type\&. Possible values are "leaf" or "chain"\&.
   1.135 +.RE
   1.136 +.PP
   1.137 +\fB\-h \fR \fItest flags\fR
   1.138 +.RS 4
   1.139 +Sets revocation flags for the test type it follows\&. Possible flags: "testLocalInfoFirst" and "requireFreshInfo"\&.
   1.140 +.RE
   1.141 +.PP
   1.142 +\fB\-m \fR \fImethod type\fR
   1.143 +.RS 4
   1.144 +Sets method type for the test type it follows\&. Possible types are "crl" and "ocsp"\&.
   1.145 +.RE
   1.146 +.PP
   1.147 +\fB\-s \fR \fImethod flags\fR
   1.148 +.RS 4
   1.149 +Sets revocation flags for the method it follows\&. Possible types are "doNotUse", "forbidFetching", "ignoreDefaultSrc", "requireInfo" and "failIfNoInfo"\&.
   1.150 +.RE
   1.151 +.SH "ADDITIONAL RESOURCES"
   1.152 +.PP
   1.153 +For information about NSS and other tools related to NSS (like JSS), check out the NSS project wiki at
   1.154 +\m[blue]\fBhttp://www\&.mozilla\&.org/projects/security/pki/nss/\fR\m[]\&. The NSS site relates directly to NSS code changes and releases\&.
   1.155 +.PP
   1.156 +Mailing lists: https://lists\&.mozilla\&.org/listinfo/dev\-tech\-crypto
   1.157 +.PP
   1.158 +IRC: Freenode at #dogtag\-pki
   1.159 +.SH "AUTHORS"
   1.160 +.PP
   1.161 +The NSS tools were written and maintained by developers with Netscape, Red Hat, Sun, Oracle, Mozilla, and Google\&.
   1.162 +.PP
   1.163 +Authors: Elio Maldonado <emaldona@redhat\&.com>, Deon Lackey <dlackey@redhat\&.com>\&.
   1.164 +.SH "LICENSE"
   1.165 +.PP
   1.166 +Licensed under the Mozilla Public License, v\&. 2\&.0\&. If a copy of the MPL was not distributed with this file, You can obtain one at http://mozilla\&.org/MPL/2\&.0/\&.
   1.167 +.SH "NOTES"
   1.168 +.IP " 1." 4
   1.169 +Mozilla NSS bug 836477
   1.170 +.RS 4
   1.171 +\%https://bugzilla.mozilla.org/show_bug.cgi?id=836477
   1.172 +.RE

Mercurial Repository: The Tor Browser

Europalab SCM Repository Server

mercurial