From 61349dcf5fbfeab888ea345ebec3d887777a2782 Mon Sep 17 00:00:00 2001
From: Karen Arutyunov <karen@codesynthesis.com>
Date: Mon, 8 Oct 2018 23:01:16 +0300
Subject: Add support for openssl qualified options

---
 bpkg/repository-signing.cli | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

(limited to 'bpkg/repository-signing.cli')

diff --git a/bpkg/repository-signing.cli b/bpkg/repository-signing.cli
index 0fb59c9..776d82b 100644
--- a/bpkg/repository-signing.cli
+++ b/bpkg/repository-signing.cli
@@ -190,13 +190,14 @@ media, store it in a secure, offline location, and remove the key from the
 build machine.
 
 To sign the repository with Yubikey specify the following options instead of
-just \cb{--key} as at step 4 (\c{\"SIGN key\"} is the name for slot \c{9c}):
+just \cb{--key} as at step 4 (\c{\"SIGN key\"} is the label for the slot
+\c{9c} private key):
 
 \
-bpkg rep-create                                     \
-  --openssl-option -engine --openssl-option pkcs11  \
-  --openssl-option -keyform --openssl-option engine \
-  --key \"label_SIGN key\" /path/to/repository
+bpkg rep-create                                                   \
+  --openssl-option rsautl:-engine --openssl-option rsautl:pkcs11  \
+  --openssl-option rsautl:-keyform --openssl-option rsautl:engine \
+  --key \"pkcs11:object=SIGN%20key\" /path/to/repository
 \
 
 ||
-- 
cgit v1.1