nss_pcache(8)

1nss_pcache(8)                                                    nss_pcache(8)
2
3
4

NAME

6       nss_pcache - Helper program used to store token password pins
7
8

SYNOPSIS

10       nss_pcache <semid> <fips on/off> <directory> [prefix]
11
12

DESCRIPTION

14       A  helper program used by the Apache httpd mod_nss plug-in to store the
15       NSS PKCS #11 token password pins between restarts of Apache.
16
17       Whenever an Apache httpd process configured to use the mod_nss  plug-in
18       is started, this program will be automatically invoked via reference to
19       the mod_nss configuration file stored under  /etc/httpd/conf.d/nss.conf
20       which contains the following default entry:
21
22              #   Pass Phrase Helper:
23              #   This helper program stores the token password pins between
24              #   restarts of Apache.
25              #
26              #   NOTE:  Located at '/usr/sbin/nss_pcache' prior
27              #          to 'mod_nss-1.0.8-22'.
28              #
29              NSSPassPhraseHelper /usr/libexec/nss_pcache
30
31

OPTIONS

33       <semid>
34              The  semaphore  which  corresponds to the mod_nss plug-in regis‐
35              tered with the Apache httpd process during startup.
36
37       <fips on/off>
38              Specifies whether FIPS mode should be enabled, on, or  disabled,
39              off.   By  default,  FIPS  mode  is disabled, and no variable is
40              specified in /etc/httpd/conf.d/nss.conf.  To enable  FIPS  mode,
41              establish  password  access for the specified NSS security data‐
42              bases,    and    specify    the    following     variable     in
43              /etc/httpd/conf.d/nss.conf:
44
45                  NSSFIPS on
46
47       <directory>
48              Specifies  the  destination  directory of the NSS databases that
49              will be associated with this executable specified by the follow‐
50              ing entry in /etc/httpd/conf.d/nss.conf:
51
52                  #   Server Certificate Database:
53                  #   The NSS security database directory that holds the
54                  #   certificates and keys. The database consists
55                  #   of 3 files: cert8.db, key3.db and secmod.db.
56                  #   Provide the directory that these files exist.
57                  NSSCertificateDatabase /etc/httpd/alias
58
59       [prefix]
60              Optional prefix to attach prior to the names of the NSS certifi‐
61              cate and key databases contained in the directory referenced  by
62              the  previous  argument  and specified by the following entry in
63              /etc/httpd/conf.d/nss.conf (must be uncommented in order  to  be
64              utilized):
65
66                  #   Database Prefix:
67
68                  #   In order to be able to store multiple NSS databases
69                  #   in one directory they need unique names. This option
70                  #   sets the database prefix used for cert8.db and key3.db.
71                  #NSSDBPrefix my-prefix-
72
73

BUGS

75       Report bugs to http://bugzilla.redhat.com.
76
77

AUTHORS

79       Rob Crittenden <rcritten@redhat.com>.
80
81

COPYRIGHT

83       Copyright  (c)  2013  Red  Hat,  Inc. This is licensed under the Apache
84       License, Version 2.0 (the "License"); no one may use this  file  except
85       in  compliance with the License. A copy of this license is available at
86       http://www.apache.org/licenses/LICENSE-2.0.
87
88       Unless required by applicable law or agreed  to  in  writing,  software
89       distributed under the License is distributed on an "AS IS" BASIS, WITH‐
90       OUT WARRANTIES OR CONDITIONS OF ANY KIND, either  express  or  implied.
91       See  the  License  for  the specific language governing permissions and
92       limitations under the License.
93
94
95
96Rob Crittenden                    Jul 1 2013                     nss_pcache(8)