01/01: doc: Add "X.509 Certificates" section under "Application Setup".

guix-commits

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

01/01: doc: Add "X.509 Certificates" section under "Application Setup".

From:	Ludovic Court�s
Subject:	01/01: doc: Add "X.509 Certificates" section under "Application Setup".
Date:	Wed, 20 Apr 2016 16:54:46 +0000

civodul pushed a commit to branch master
in repository guix.

commit b3129f2b761a371105e6d213519e5c71930cb419
Author: Ludovic Courtès <address@hidden>
Date:   Wed Apr 20 18:53:28 2016 +0200

    doc: Add "X.509 Certificates" section under "Application Setup".
    
    Reported by Roel Janssen <address@hidden>.
    
    * doc/guix.texi (Application Setup)[X.509 Certificates]: New section.
    (X.509 Certificates): Add an example of certificates in the profile.
---
 doc/guix.texi |   22 ++++++++++++++++++++--
 1 files changed, 20 insertions(+), 2 deletions(-)

diff --git a/doc/guix.texi b/doc/guix.texi
index 54dc706..859db2b 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -1159,6 +1159,16 @@ for Chinese languages:
 guix package -i font-adobe-source-han-sans:cn
 @end example
 
address@hidden X.509 Certificates
+
+The @code{nss-certs} package provides X.509 certificates, which allow
+programs to authenticate Web servers accessed over HTTPS.
+
+When using Guix on a foreign distro, you can install this package and
+define the relevant environment variables so that packages know where to
+look for certificates.  @pxref{X.509 Certificates}, for detailed
+information.
+
 @subsection Emacs Packages
 
 When you install Emacs packages with Guix, the elisp files may be placed
@@ -9359,14 +9369,22 @@ explicitly add it.  The @file{/etc/ssl/certs} 
directory, which is where
 most applications and libraries look for certificates by default, points
 to the certificates installed globally.
 
-Unprivileged users can also install their own certificate package in
+Unprivileged users, including users of Guix on a foreign distro,
+can also install their own certificate package in
 their profile.  A number of environment variables need to be defined so
 that applications and libraries know where to find them.  Namely, the
 OpenSSL library honors the @code{SSL_CERT_DIR} and @code{SSL_CERT_FILE}
 variables.  Some applications add their own environment variables; for
 instance, the Git version control system honors the certificate bundle
-pointed to by the @code{GIT_SSL_CAINFO} environment variable.
+pointed to by the @code{GIT_SSL_CAINFO} environment variable.  Thus, you
+would typically run something like:
 
address@hidden
+$ guix package -i nss-certs
+$ export SSL_CERT_DIR="$HOME/.guix-profile/etc/ssl/certs"
+$ export SSL_CERT_FILE="$HOME/.guix-profile/etc/ssl/certs/ca-certificates.crt"
+$ export GIT_SSL_CAINFO="$SSL_CERT_FILE"
address@hidden example
 
 @node Name Service Switch
 @subsection Name Service Switch

[Prev in Thread]

Current Thread

[Next in Thread]

branch master updated (f8f83e9 -> b3129f2), Ludovic Court�s, 2016/04/20
- 01/01: doc: Add "X.509 Certificates" section under "Application Setup"., Ludovic Court�s <=

Prev by Date: branch master updated (f8f83e9 -> b3129f2)
Next by Date: 02/05: substitute: Better abbreviate substitute URL in progress report.
Previous by thread: branch master updated (f8f83e9 -> b3129f2)
Next by thread: branch master updated (b3129f2 -> 85fc958)
Index(es):
- Date
- Thread