From: Daniel Kahn Gillmor Date: Sun, 14 Mar 2010 07:06:32 +0000 (-0400) Subject: enable use of hkps (closes: MS #1749) X-Git-Tag: monkeysphere_0.29~16 X-Git-Url: https://codewiz.org/gitweb?a=commitdiff_plain;h=24da4d0207c8d3c7586871dac3eea9d2a0b864c3;p=monkeysphere.git enable use of hkps (closes: MS #1749) --- diff --git a/man/man8/monkeysphere-authentication.8 b/man/man8/monkeysphere-authentication.8 index 8732157..ea9debd 100644 --- a/man/man8/monkeysphere-authentication.8 +++ b/man/man8/monkeysphere-authentication.8 @@ -177,6 +177,11 @@ false may expose users to abuse by other users on the system. (true) /etc/monkeysphere/monkeysphere\-authentication.conf System monkeysphere-authentication config file. .TP +/etc/monkeysphere/monkeysphere\-authentication\-x509\-anchors.crt +If monkeysphere-authentication is configured to query an hkps +keyserver, it will use X.509 Certificate Authority certificates in +this file to validate any X.509 certificates used by the keyserver. +.TP /var/lib/monkeysphere/authorized_keys/USER Monkeysphere-generated user authorized_keys files. .TP diff --git a/src/share/ma/setup b/src/share/ma/setup index 6c75fef..f965487 100644 --- a/src/share/ma/setup +++ b/src/share/ma/setup @@ -43,6 +43,7 @@ EOF # Edits will be overwritten. no-greeting list-options show-uid-validity +keyserver-options ca-cert-file=${SYSCONFIGDIR}/monkeysphere-authentication-x509-anchors.crt EOF # make sure the monkeysphere user owns everything in the sphere