[Pkg-fedora-ds-maintainers] [libapache2-mod-nss] 26/156: Add more information related to gencert Tell user's where to find more documentation

Timo Aaltonen tjaalton-guest at moszumanska.debian.org
Wed Jul 2 13:55:24 UTC 2014

This is an automated email from the git hooks/post-receive script.

tjaalton-guest pushed a commit to branch master
in repository libapache2-mod-nss.

commit 64342aaae7731e2d75217c7403f7da597bd45aee
Author: rcritten <>
Date:   Wed Aug 3 13:38:26 2005 +0000

    Add more information related to gencert
    Tell user's where to find more documentation
 README | 22 ++++++++++++++++++----
 1 file changed, 18 insertions(+), 4 deletions(-)

diff --git a/README b/README
index df2904e..0d82eb4 100644
--- a/README
+++ b/README
@@ -22,11 +22,14 @@ BUILDING
  Build and install those packages somewhere then configure the module with
  something like:
- % ./configure --with-apxs=/path/to/apxs/ --with-nspr=/path/to/nspr/ --with-nss=/path/to/nss/
+ % ./configure --with-apxs[=/path/to/apxs/] --with-nspr=/path/to/nspr/ --with-nss=/path/to/nss/
  % gmake all install
+ You only need to use =/path/to/apxs if apxs isn't in your path or if you
+ want to install into a specific Apache installation.
  This will install a sample configuration file nss.conf. You'll need to do
- some hand-editing as well.
+ some hand-editing as well to tell Apache to read this file.
  To httpd.conf add (anywhere is fine):
@@ -35,12 +38,19 @@ BUILDING
  You'll need to change the default ports in nss.conf from 443 to
  something else if you aren't starting this as root.
  You'll need to create an NSS database and get a server certificate installed.
  A script, gencerts, is included to help get things going with a self-signed
  certificate. This is a *BAD* idea and you shouldn't use this. It is for
- example purposes only.
+ demonstration purposes only. As a matter of policy, users should not get
+ used to accepting a SSL certifiate signed by an unknown or untrusted
+ issuer.
+ The result of the gencert script is an NSS database that contains a
+ self-signed CA, a server certificate (nickname Server-Cert) and a
+ client certificate (alpha). The client certificate is generated to make
+ testing client authentication simpler.
  You can store the token passwords in a file so you aren't prompted during
  startup (so you can do unattended starts, for example). To do this, set
@@ -53,3 +63,7 @@ CONFIGURING
  A sample for the internal software token is like:
+ See docs/mod_nss.html for additional information.

Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-fedora-ds/libapache2-mod-nss.git

More information about the Pkg-fedora-ds-maintainers mailing list