summaryrefslogtreecommitdiffstats
path: root/security/nss/doc/certutil.xml
diff options
context:
space:
mode:
authorwolfbeast <mcwerewolf@gmail.com>2018-12-15 01:42:53 +0100
committerwolfbeast <mcwerewolf@gmail.com>2018-12-15 01:42:53 +0100
commit74cabf7948b2597f5b6a67d6910c844fd1a88ff6 (patch)
treedb1f30ada487c3831ea8e4e98b2d39edc9e88eea /security/nss/doc/certutil.xml
parent09ef48bd005a7f9e97a3fe797a079fcf2b5e58d3 (diff)
downloadUXP-74cabf7948b2597f5b6a67d6910c844fd1a88ff6.tar
UXP-74cabf7948b2597f5b6a67d6910c844fd1a88ff6.tar.gz
UXP-74cabf7948b2597f5b6a67d6910c844fd1a88ff6.tar.lz
UXP-74cabf7948b2597f5b6a67d6910c844fd1a88ff6.tar.xz
UXP-74cabf7948b2597f5b6a67d6910c844fd1a88ff6.zip
Update NSS to 3.41
Diffstat (limited to 'security/nss/doc/certutil.xml')
-rw-r--r--security/nss/doc/certutil.xml12
1 files changed, 8 insertions, 4 deletions
diff --git a/security/nss/doc/certutil.xml b/security/nss/doc/certutil.xml
index 4622c75e4..5c3b3501a 100644
--- a/security/nss/doc/certutil.xml
+++ b/security/nss/doc/certutil.xml
@@ -84,7 +84,7 @@
<varlistentry>
<term>-F</term>
- <listitem><para>Delete a private key and the associated certificate from a database. Specify the key to delete with the -n argument. Specify the database from which to delete the key with the
+ <listitem><para>Delete a private key and the associated certificate from a database. Specify the key to delete with the -n argument or the -k argument. Specify the database from which to delete the key with the
<option>-d</option> argument.
</para>
<para>
@@ -258,7 +258,8 @@ Add one or multiple extensions that certutil cannot encode yet, by loading their
<varlistentry>
<term>-h tokenname</term>
- <listitem><para>Specify the name of a token to use or act on. If not specified the default token is the internal database slot.</para></listitem>
+ <listitem><para>Specify the name of a token to use or act on. If not specified the default token is the internal database slot.</para>
+ <para>The name can also be a PKCS #11 URI. For example, the NSS internal certificate store can be unambiguously specified as "pkcs11:token=NSS%20Certificate%20DB". For details about the format, see RFC 7512.</para></listitem>
</varlistentry>
<varlistentry>
@@ -292,7 +293,8 @@ Add one or multiple extensions that certutil cannot encode yet, by loading their
<varlistentry>
<term>-n nickname</term>
- <listitem><para>Specify the nickname of a certificate or key to list, create, add to a database, modify, or validate. Bracket the nickname string with quotation marks if it contains spaces.</para></listitem>
+ <listitem><para>Specify the nickname of a certificate or key to list, create, add to a database, modify, or validate. Bracket the nickname string with quotation marks if it contains spaces.</para>
+ <para>The nickname can also be a PKCS #11 URI. For example, if you have a certificate named "my-server-cert" on the internal certificate store, it can be unambiguously specified as "pkcs11:token=NSS%20Certificate%20DB;object=my-server-cert". For details about the format, see RFC 7512.</para></listitem>
</varlistentry>
<varlistentry>
@@ -1017,9 +1019,11 @@ certutil: Checking token "NSS Certificate DB" in slot "NSS User Private Key and
slot: NSS User Private Key and Certificate Services
token: NSS Certificate DB
+ uri: pkcs11:token=NSS%20Certificate%20DB;manufacturer=Mozilla%20Foundation;serial=0000000000000000;model=NSS%203
slot: NSS Internal Cryptographic Services
- token: NSS Generic Crypto Services</programlisting>
+ token: NSS Generic Crypto Services
+ uri: pkcs11:token=NSS%20Generic%20Crypto%20Services;manufacturer=Mozilla%20Foundation;serial=0000000000000000;model=NSS%203</programlisting>
<para><command>Adding Certificates to the Database</command></para>
<para>