1swtpm_setup.conf(8) swtpm_setup.conf(8)
2
6 swtpm_setup.conf - Configuration file for swtpm_setup
7
9 The file /etc/swtpm_setup.conf contains configuration information for
10 the swtpm_setup and swtpm_setup.sh programs. It must only contain one
11 configuration keywork per line, followed by an equals sign (=) and then
12 followed by appropriate configuration information. A comment at the end
13 of the line may be introduced by a hash (#) sign.
14 The following keywords are recognized:
16 create_certs_tool
18 This keyword is to be followed by the name of an executable or
19 exectuable script used for creating various TPM certificates. The
20 tool will be called with the following options
21 --type type
23 This parameter indicates the type of certificate to create. The
24 type parameter may be one of the following: ek, or platform
25 --dir dir
27 This parameter indicates the directory into which the
28 certificate is to be stored. It is expected that the EK
29 certificate is stored in this directory under the name ek.cert
30 and the platform certificate under the name platform.cert.
31 --ek ek
33 This parameter indicates the modulus of the public key of the
34 endorsement key (EK). The public key is provided as a sequence
35 of ASCII hex digits.
36 --vmid ID
38 This parameter indicates the ID of the VM for which to create
39 the certificate.
40 --logfile <logfile>
42 The log file to log output to; by default logging goes to
43 stdout and stderr on the console.
44 --configfile <configuration file>
46 The configuration file to use. This file typically contains
47 configuration information for the invoked program. If omitted,
48 the program must use its default configuration file.
49 --optsfile <options file>
51 The options file to use. This file typically contains options
52 that the invoked program uses. If omitted, the program must use
53 its default options file.
54 --tpm-spec-family <family>, --tpm-spec-level <level>,
56 --tpm-spec-revision <revision>
57 These 3 options describe the TPM specification that was
58 followed for the implementation of the TPM and will be part of
59 the EK certificate.
60 --tpm2
62 This option is passed in case a TPM 2 compliant certificate
63 needs to be created.
64 create_certs_tool_config
66 This keyword is to be followed by the name of a configuration file
67 that will be passed to the invoked program using the --configfile
68 option described above. If omitted, the invoked program will use
69 the default configuration file.
70 create_certs_tool_options
72 This keyword is to be followed by the name of an options file that
73 will be passed to the invoked program using the --optsfile option
74 described above. If omitted, the invoked program will use the
75 default options file.
76
78 swtpm_setup
79
81 Report bugs to Stefan Berger <stefanb@linux.vnet.ibm.com>
82swtpm 2017-11-13 swtpm_setup.conf(8)