|
William Pitcock |
c17d73 |
.\" Hey, EMACS: -*- nroff -*-
|
|
William Pitcock |
c17d73 |
.\" First parameter, NAME, should be all caps
|
|
William Pitcock |
c17d73 |
.\" Second parameter, SECTION, should be 1-8, maybe w/ subsection
|
|
William Pitcock |
c17d73 |
.\" other parameters are allowed: see man(7), man(1)
|
|
William Pitcock |
c17d73 |
.TH UPDATE-CA-CERTIFICATES 8 "20 April 2003"
|
|
William Pitcock |
c17d73 |
.\" Please adjust this date whenever revising the manpage.
|
|
William Pitcock |
c17d73 |
.\"
|
|
William Pitcock |
c17d73 |
.\" Some roff macros, for reference:
|
|
William Pitcock |
c17d73 |
.\" .nh disable hyphenation
|
|
William Pitcock |
c17d73 |
.\" .hy enable hyphenation
|
|
William Pitcock |
c17d73 |
.\" .ad l left justify
|
|
William Pitcock |
c17d73 |
.\" .ad b justify to both left and right margins
|
|
William Pitcock |
c17d73 |
.\" .nf disable filling
|
|
William Pitcock |
c17d73 |
.\" .fi enable filling
|
|
William Pitcock |
c17d73 |
.\" .br insert line break
|
|
William Pitcock |
c17d73 |
.\" .sp <n> insert n+1 empty lines
|
|
William Pitcock |
c17d73 |
.\" for manpage-specific macros, see man(7)
|
|
William Pitcock |
c17d73 |
.SH NAME
|
|
William Pitcock |
c17d73 |
update-ca-certificates \- update /etc/ssl/certs and ca-certificates.crt
|
|
William Pitcock |
c17d73 |
.SH SYNOPSIS
|
|
William Pitcock |
c17d73 |
.B update-ca-certificates
|
|
William Pitcock |
c17d73 |
.RI [ options ]
|
|
William Pitcock |
c17d73 |
.SH DESCRIPTION
|
|
William Pitcock |
c17d73 |
This manual page documents briefly the
|
|
William Pitcock |
c17d73 |
.B update-ca-certificates
|
|
William Pitcock |
c17d73 |
command.
|
|
William Pitcock |
c17d73 |
.PP
|
|
William Pitcock |
c17d73 |
\fBupdate-ca-certificates\fP is a program that updates the directory
|
|
William Pitcock |
c17d73 |
/etc/ssl/certs to hold SSL certificates and generates ca-certificates.crt,
|
|
William Pitcock |
c17d73 |
a concatenated single-file list of certificates.
|
|
William Pitcock |
c17d73 |
.PP
|
|
William Pitcock |
c17d73 |
It reads the file /etc/ca-certificates.conf. Each line gives a pathname of
|
|
William Pitcock |
c17d73 |
a CA certificate under /usr/share/ca-certificates that should be trusted.
|
|
William Pitcock |
c17d73 |
Lines that begin with "#" are comment lines and thus ignored.
|
|
William Pitcock |
c17d73 |
Lines that begin with "!" are deselected, causing the deactivation of the CA
|
|
William Pitcock |
c17d73 |
certificate in question. Certificates must have a .crt extension in order to
|
|
William Pitcock |
c17d73 |
be included by update-ca-certificates.
|
|
William Pitcock |
c17d73 |
.PP
|
|
William Pitcock |
c17d73 |
Furthermore all certificates with a .crt extension found below
|
|
William Pitcock |
c17d73 |
/usr/local/share/ca-certificates are also included as implicitly trusted.
|
|
William Pitcock |
c17d73 |
.PP
|
|
William Pitcock |
c17d73 |
Before terminating, \fBupdate-ca-certificates\fP invokes
|
|
William Pitcock |
c17d73 |
\fBrun-parts\fP on /etc/ca-certificates/update.d.
|
|
William Pitcock |
c17d73 |
.SH OPTIONS
|
|
William Pitcock |
c17d73 |
A summary of options is included below.
|
|
William Pitcock |
c17d73 |
.TP
|
|
William Pitcock |
c17d73 |
.B \-h, \-\-help
|
|
William Pitcock |
c17d73 |
Show summary of options.
|
|
William Pitcock |
c17d73 |
.TP
|
|
William Pitcock |
c17d73 |
.B \-v, \-\-verbose
|
|
William Pitcock |
c17d73 |
Be verbose. Output \fBc_rehash\fP.
|
|
William Pitcock |
c17d73 |
.TP
|
|
William Pitcock |
c17d73 |
.B \-f, \-\-fresh
|
|
William Pitcock |
c17d73 |
Fresh updates. Remove symlinks in /etc/ssl/certs directory.
|
|
William Pitcock |
c17d73 |
.SH FILES
|
|
William Pitcock |
c17d73 |
.TP
|
|
William Pitcock |
c17d73 |
.I /etc/ca-certificates.conf
|
|
William Pitcock |
c17d73 |
A configuration file.
|
|
William Pitcock |
c17d73 |
.TP
|
|
William Pitcock |
c17d73 |
.I /etc/ssl/certs/ca-certificates.crt
|
|
William Pitcock |
c17d73 |
A single-file version of CA certificates. This holds
|
|
William Pitcock |
c17d73 |
all CA certificates that you activated in /etc/ca-certificates.conf.
|
|
William Pitcock |
c17d73 |
.TP
|
|
William Pitcock |
c17d73 |
.I /usr/share/ca-certificates
|
|
William Pitcock |
c17d73 |
Directory of CA certificates.
|
|
William Pitcock |
c17d73 |
.TP
|
|
William Pitcock |
c17d73 |
.I /usr/local/share/ca-certificates
|
|
William Pitcock |
c17d73 |
Directory of local CA certificates (with .crt extension).
|
|
William Pitcock |
c17d73 |
.SH SEE ALSO
|
|
William Pitcock |
c17d73 |
.BR c_rehash (1)
|
|
William Pitcock |
c17d73 |
.SH AUTHOR
|
|
William Pitcock |
c17d73 |
This manual page was written by Fumitoshi UKAI <ukai@debian.or.jp>,
|
|
William Pitcock |
c17d73 |
for the Debian project (but may be used by others).
|