From: Joe Orton Date: Wed, 11 Jul 2018 07:45:57 +0000 (+0000) Subject: Update docs and bump logno for PKCS#11 support change in r1835615. X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=4e17a984036f9d195d93ceb4bdadc50c252a120c;p=apache Update docs and bump logno for PKCS#11 support change in r1835615. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1835614 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/docs/log-message-tags/next-number b/docs/log-message-tags/next-number index 5ce871b01a..71bcccf8c6 100644 --- a/docs/log-message-tags/next-number +++ b/docs/log-message-tags/next-number @@ -1 +1 @@ -10149 +10150 diff --git a/docs/manual/mod/mod_ssl.xml b/docs/manual/mod/mod_ssl.xml index fc1a208cb7..a08256530b 100644 --- a/docs/manual/mod/mod_ssl.xml +++ b/docs/manual/mod/mod_ssl.xml @@ -920,8 +920,7 @@ files, a certificate identifier can be used to identify a certificate stored in a token. Currently, only PKCS#11 URIs are recognized as certificate identifiers, and can be used in conjunction -with the OpenSSL pkcs11 engine configured with SSLCryptoDevice. If pkcs11 engine. If SSLCertificateKeyFile is omitted, the certificate and private key can be loaded through the single identifier specified with @@ -1013,19 +1010,16 @@ an embedded key must be configured after the certificates using a separate key file.

As an alternative to storing private keys in files, a key -identifier can be specified to identify a private key stored in a +identifier can be used to identify a private key stored in a token. Currently, only PKCS#11 URIs are recognized as private key identifiers, and can be used in conjunction with the OpenSSL -pkcs11 engine configured with SSLCryptoDevice.

+pkcs11 engine.

Example # To use a private key from a PEM-encoded file: SSLCertificateKeyFile "/usr/local/apache2/conf/ssl.key/server.key" # To use a private key from a PKCS#11 token: -SSLCryptoDevice pkcs11 -... SSLCertificateKeyFile "pkcs11:token=My%20Token%20Name;id=45"