manpagez: man pages & more
html files: goocanvas
Home | html | info | man


The following sections describe the config format in detail. But first an example which shows the various features. The configuration below, loads two modules called 'my-module' and 'nss'. The user settings override some aspects of the system settings.

Global configuration file: -n /opt/local/etc/pkcs11 /pkcs11.conf

# This setting controls whether to load user configuration from the
# -n ~/.config/pkcs11
 directory. Possible values:
#    none: No user configuration
#    merge: Merge the user config over the system configuration (default)
#    only: Only user configuration, ignore system configuration
user-config: merge

One module configuration file per module: -n /opt/local/etc/pkcs11 /modules/my-module

# This setting controls the actual module library to load. This config file
# might be installed by the package that installs this module library. This
# is not an absolute path name. Relative path names are loaded from the
# $(libdir)/pkcs11 directory by default.

# This controls whether the module is required to successfully initialize. If 'yes', then
# a failure to load or initialize this module will result in a p11-kit system failure.
critical: no

User configuration file: -n ~/.config/pkcs11 /pkcs11.conf

# This is an empty file. Files that do not exist are treated as empty.

User configuration file: -n ~/.config/pkcs11 /modules/my-module

# Merge with the settings in the system my-module config file. In this case
# a developer has overridden to load a different module for my-module instead.
module: /home/user/src/custom-module/

User configuration file: -n ~/.config/pkcs11 /modules/nss

# Load the NSS PKCS#11 library as a module. Note that we pass
# some custom non-standard initialization arguments, as NSS expects.
module: /usr/lib/
x-init-reserved: configdir='sql:/home/test/.pki/nssdb' certPrefix='' keyPrefix='' secmod='socmod.db'
critical: yes
© 2000-2024
Individual documents may contain additional copyright information.