diff options
| author | wolfbeast <mcwerewolf@gmail.com> | 2018-07-18 08:24:24 +0200 |
|---|---|---|
| committer | wolfbeast <mcwerewolf@gmail.com> | 2018-07-18 08:24:24 +0200 |
| commit | fc61780b35af913801d72086456f493f63197da6 (patch) | |
| tree | f85891288a7bd988da9f0f15ae64e5c63f00d493 /security/nss/doc/certutil.xml | |
| parent | 69f7f9e5f1475891ce11cc4f431692f965b0cd30 (diff) | |
| parent | 50d3e596bbe89c95615f96eb71f6bc5be737a1db (diff) | |
| download | UXP-fc61780b35af913801d72086456f493f63197da6.tar UXP-fc61780b35af913801d72086456f493f63197da6.tar.gz UXP-fc61780b35af913801d72086456f493f63197da6.tar.lz UXP-fc61780b35af913801d72086456f493f63197da6.tar.xz UXP-fc61780b35af913801d72086456f493f63197da6.zip | |
Merge commit '50d3e596bbe89c95615f96eb71f6bc5be737a1db' into Basilisk-releasev2018.07.18
# Conflicts:
# browser/app/profile/firefox.js
# browser/components/preferences/jar.mn
Diffstat (limited to 'security/nss/doc/certutil.xml')
| -rw-r--r-- | security/nss/doc/certutil.xml | 16 |
1 files changed, 13 insertions, 3 deletions
diff --git a/security/nss/doc/certutil.xml b/security/nss/doc/certutil.xml index 461b21389..4622c75e4 100644 --- a/security/nss/doc/certutil.xml +++ b/security/nss/doc/certutil.xml @@ -84,11 +84,11 @@ <varlistentry> <term>-F</term> - <listitem><para>Delete a private key from a key database. Specify the key to delete with the -n argument. Specify the database from which to delete the key with the -<option>-d</option> argument. Use the <option>-k</option> argument to specify explicitly whether to delete a DSA, RSA, or ECC key. If you don't use the <option>-k</option> argument, the option looks for an RSA key matching the specified nickname. + <listitem><para>Delete a private key and the associated certificate from a database. Specify the key to delete with the -n argument. Specify the database from which to delete the key with the +<option>-d</option> argument. </para> <para> -When you delete keys, be sure to also remove any certificates associated with those keys from the certificate database, by using -D. Some smart cards do not let you remove a public key you have generated. In such a case, only the private key is deleted from the key pair. You can display the public key with the command certutil -K -h tokenname. </para></listitem> +Some smart cards do not let you remove a public key you have generated. In such a case, only the private key is deleted from the key pair.</para></listitem> </varlistentry> <varlistentry> @@ -456,6 +456,16 @@ of the attribute codes: </varlistentry> <varlistentry> + <term>--pss</term> + <listitem><para>Restrict the generated certificate (with the <option>-S</option> option) or certificate request (with the <option>-R</option> option) to be used with the RSA-PSS signature scheme. This only works when the private key of the certificate or certificate request is RSA.</para></listitem> + </varlistentry> + + <varlistentry> + <term>--pss-sign</term> + <listitem><para>Sign the generated certificate with the RSA-PSS signature scheme (with the <option>-C</option> or <option>-S</option> option). This only works when the private key of the signer's certificate is RSA. If the signer's certificate is restricted to RSA-PSS, it is not necessary to specify this option.</para></listitem> + </varlistentry> + + <varlistentry> <term>-z noise-file</term> <listitem><para>Read a seed value from the specified file to generate a new private and public key pair. This argument makes it possible to use hardware-generated seed values or manually create a value from the keyboard. The minimum file size is 20 bytes.</para></listitem> </varlistentry> |