[Pkg-fedora-ds-maintainers] [libapache2-mod-nss] 26/156: Add more information related to gencert Tell user's where to find more documentation
tjaalton-guest at moszumanska.debian.org
Wed Jul 2 13:55:24 UTC 2014
This is an automated email from the git hooks/post-receive script.
tjaalton-guest pushed a commit to branch master
in repository libapache2-mod-nss.
Author: rcritten <>
Date: Wed Aug 3 13:38:26 2005 +0000
Add more information related to gencert
Tell user's where to find more documentation
README | 22 ++++++++++++++++++----
1 file changed, 18 insertions(+), 4 deletions(-)
diff --git a/README b/README
index df2904e..0d82eb4 100644
@@ -22,11 +22,14 @@ BUILDING
Build and install those packages somewhere then configure the module with
- % ./configure --with-apxs=/path/to/apxs/ --with-nspr=/path/to/nspr/ --with-nss=/path/to/nss/
+ % ./configure --with-apxs[=/path/to/apxs/] --with-nspr=/path/to/nspr/ --with-nss=/path/to/nss/
% gmake all install
+ You only need to use =/path/to/apxs if apxs isn't in your path or if you
+ want to install into a specific Apache installation.
This will install a sample configuration file nss.conf. You'll need to do
- some hand-editing as well.
+ some hand-editing as well to tell Apache to read this file.
To httpd.conf add (anywhere is fine):
@@ -35,12 +38,19 @@ BUILDING
You'll need to change the default ports in nss.conf from 443 to
something else if you aren't starting this as root.
You'll need to create an NSS database and get a server certificate installed.
A script, gencerts, is included to help get things going with a self-signed
certificate. This is a *BAD* idea and you shouldn't use this. It is for
- example purposes only.
+ demonstration purposes only. As a matter of policy, users should not get
+ used to accepting a SSL certifiate signed by an unknown or untrusted
+ The result of the gencert script is an NSS database that contains a
+ self-signed CA, a server certificate (nickname Server-Cert) and a
+ client certificate (alpha). The client certificate is generated to make
+ testing client authentication simpler.
You can store the token passwords in a file so you aren't prompted during
startup (so you can do unattended starts, for example). To do this, set
@@ -53,3 +63,7 @@ CONFIGURING
A sample for the internal software token is like:
+ See docs/mod_nss.html for additional information.
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-fedora-ds/libapache2-mod-nss.git
More information about the Pkg-fedora-ds-maintainers