1crlhelper(8) crlhelper(8)
2
6 crlhelper - Helper program used to store-and-forward CRLs
7
10 crlhelper <semid> <parentpid> <directory> [prefix]
11
14 A helper program used by the Apache httpd mod_revocator plug-in to
15 store-and-forward CRLs from upstream to the various Apache processes in
16 the preform MPM. This saves each process from having to fetch the CRL
17 itself. This is not expected to be run by end-users.
18 The mod_revocator plug-in requires the mod_nss plug-in to also be reg‐
20 istered with this Apache httpd process.
21 Whenever an Apache httpd process configured to use the mod_revocator
23 plug-in is started, this program will be automatically invoked via ref‐
24 erence to the mod_revocator configuration file stored under
25 /etc/httpd/conf.d/revocator.conf which contains the following default
26 entry:
27 # CRL Helper:
29 # This helper program does the actual CRL retrieval
30 #
31 # NOTE: Located at '/usr/bin/crlhelper' prior
32 # to 'mod_revocator-1.0.3-16'.
33 #
34 CRLHelper /usr/libexec/crlhelper
35
38 <semid>
39 The semaphore which corresponds to the mod_revocator plug-in
40 registered with the Apache httpd process during startup.
41 <parentpid>
43 The primary parent pid of the Apache httpd process into which
44 both the mod_nss and mod_revocator plug-ins have been loaded.
45 <directory>
47 Since the mod_revocator plug-in depends upon the mod_nss plug-in
48 being configured, this option specifies the destination direc‐
49 tory of the NSS databases that will be associated with this exe‐
50 cutable specified by the following entry in the mod_nss plug-
51 in's /etc/httpd/conf.d/nss.conf configuration file:
52 # Server Certificate Database:
54 # The NSS security database directory that holds the
55 # certificates and keys. The database consists
56 # of 3 files: cert8.db, key3.db and secmod.db.
57 # Provide the directory that these files exist.
58 NSSCertificateDatabase /etc/httpd/alias
59 [prefix]
61 Optional prefix to attach prior to the names of the NSS certifi‐
62 cate and key databases contained in the directory referenced by
63 the previous argument and specified by the following entry in
64 mod_nss plug-in's /etc/httpd/conf.d/nss.conf configuration file
65 (must be uncommented in order to be utilized):
66 # Database Prefix:
68 # In order to be able to store multiple NSS databases
69 # in one directory they need unique names. This option
70 # sets the database prefix used for cert8.db and key3.db.
71 #NSSDBPrefix my-prefix-
72
75 Report bugs to http://bugzilla.redhat.com.
76
79 Rob Crittenden <rcritten@redhat.com>.
80
83 Copyright (c) 2013 Red Hat, Inc. This is licensed under the Apache
84 License, Version 2.0 (the "License"); no one may use this file except
85 in compliance with the License. A copy of this license is available at
86 http://www.apache.org/licenses/LICENSE-2.0.
87 Unless required by applicable law or agreed to in writing, software
89 distributed under the License is distributed on an "AS IS" BASIS, WITH‐
90 OUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
91 See the License for the specific language governing permissions and
92 limitations under the License.
93Rob Crittenden Jul 3 2013 crlhelper(8)