Commit 9f01d5d1 authored by Julien Muchembled's avatar Julien Muchembled

doc: give examples of command to create key/dh files

parent e5d9c4b1
...@@ -116,6 +116,8 @@ certificates, as follows: translate the significant part to hexadecimal ...@@ -116,6 +116,8 @@ certificates, as follows: translate the significant part to hexadecimal
openssl req -nodes -new -x509 -key ca.key -set_serial 0x120010db80042 \ openssl req -nodes -new -x509 -key ca.key -set_serial 0x120010db80042 \
-days 365 -out ca.crt -days 365 -out ca.crt
(see ``re6st-registry --help`` for examples to create key/dh files)
The CA email will be used as sender for mails containing tokens. The CA email will be used as sender for mails containing tokens.
The registry can now be started:: The registry can now be started::
......
...@@ -72,10 +72,13 @@ def main(): ...@@ -72,10 +72,13 @@ def main():
help="Path to SQLite database file. It is automatically initialized" help="Path to SQLite database file. It is automatically initialized"
" if the file does not exist.") " if the file does not exist.")
_('--dh', _('--dh',
help='File containing Diffie-Hellman parameters in .pem format') help="File containing Diffie-Hellman parameters in .pem format."
" To generate them, you can use something like:\n"
"openssl dhparam -out dh2048.pem 2048")
_('--ca', required=True, help=parser._ca_help) _('--ca', required=True, help=parser._ca_help)
_('--key', required=True, _('--key', required=True,
help="CA private key in .pem format.") help="CA private key in .pem format. For example:\nopenssl"
" genpkey -out ca.key -algorithm rsa -pkeyopt rsa_keygen_bits:2048")
_('--mailhost', required=True, _('--mailhost', required=True,
help="SMTP host to send confirmation emails. For debugging" help="SMTP host to send confirmation emails. For debugging"
" purpose, it can also be an absolute or existing path to" " purpose, it can also be an absolute or existing path to"
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment