aboutsummaryrefslogtreecommitdiff
path: root/bpkg/repository-signing.cli
diff options
context:
space:
mode:
Diffstat (limited to 'bpkg/repository-signing.cli')
-rw-r--r--bpkg/repository-signing.cli14
1 files changed, 9 insertions, 5 deletions
diff --git a/bpkg/repository-signing.cli b/bpkg/repository-signing.cli
index 1796497..656599d 100644
--- a/bpkg/repository-signing.cli
+++ b/bpkg/repository-signing.cli
@@ -133,7 +133,8 @@ Add the \cb{certificate:} field for the base repository (\cb{role: base})
in the \cb{repositories} manifest file(s):
\
-certificate: \
+certificate:
+\\
<cert>
\\
\
@@ -143,7 +144,8 @@ Replace \i{cert} with the entire contents of \cb{cert.pem} (including the
an entry like this:
\
-certificate: \
+certificate:
+\\
-----BEGIN CERTIFICATE-----
MIIDQjCCAiqgAwIBAgIJAIUgsIqSnesGMA0GCSqGSIb3DQEBCwUAMDkxFzAVBgNV
.
@@ -193,11 +195,13 @@ just \cb{--key} as at step 4 (\c{\"SIGN key\"} is the label for the slot
\c{9c} private key):
\
-bpkg rep-create \
- --openssl-option rsautl:-engine --openssl-option rsautl:pkcs11 \
- --openssl-option rsautl:-keyform --openssl-option rsautl:engine \
+bpkg rep-create \
+ --openssl-option pkeyutl:-engine --openssl-option pkeyutl:pkcs11 \
+ --openssl-option pkeyutl:-keyform --openssl-option pkeyutl:engine \
--key \"pkcs11:object=SIGN%20key\" /path/to/repository
\
+Note that for \cb{openssl} versions prior to \cb{3.0.0} \cb{bpkg} uses the
+\cb{rsautl} command instead of \cb{pkeyutl} for the data signing operation.
||
"
generated by cgit v1.1 at 2024-04-28 05:41:02 +0000