From 8f80f412fbdad3acd6c73f292bc9afa9e6f70693 Mon Sep 17 00:00:00 2001 From: Daniel Stenberg Date: Sat, 5 Jan 2013 23:49:29 +0100 Subject: mk-ca-bundle.1: mention new -f, fix outputfile output also edited a few sentences to become more verbose --- docs/mk-ca-bundle.1 | 29 ++++++++++++++++++++--------- 1 file changed, 20 insertions(+), 9 deletions(-) diff --git a/docs/mk-ca-bundle.1 b/docs/mk-ca-bundle.1 index f7904398f..004dc5487 100644 --- a/docs/mk-ca-bundle.1 +++ b/docs/mk-ca-bundle.1 @@ -1,26 +1,35 @@ -.Dd April 27, 2012 +.Dd Jan 5, 2013 .Dt MK-CA-BUNDLE 1 .Os .Sh NAME .Nm mk-ca-bundle -.Nd create a new ca-bundle.crt from mozilla's certdata.txt +.Nd convert mozilla's certdata.txt to PEM format .Sh SYNOPSIS .Nm .Op Fl bilnqtuv -.Or outputfile +[outputfile] .Sh DESCRIPTION The .Nm -tool downloads the certdata.txt file from Mozilla's source tree, then -parses certdata.txt and extracts CA Root Certificates into PEM format. +tool downloads the certdata.txt file from Mozilla's source tree over HTTP, +then parses certdata.txt and extracts CA Root Certificates into PEM format. These are then processed with the OpenSSL commandline tool to produce the -final ca-bundle.crt file. +final ca-bundle file. + +The default \fIoutputfile\fP name is \fBca-bundle.crt\fP. By setting it to '-' +(a single dash) you will get the output sent to STDOUT instead of a file. + +The PEM format this scripts uses for output makes the result readily available +for use by just about all OpenSSL or GnuTLS powered applications, such as +curl, wget and more. .Sh OPTIONS The following options are supported by .Nm : .Bl -tag -width _h .It Fl b -backup an existing version of ca-bundle.crt +backup an existing version of \fIoutputfilename\fP. +.It Fl f +force rebuild even if certdata.txt is current (Added in version 1.17) .It Fl i print version info about used modules .It Fl l @@ -42,9 +51,11 @@ be verbose and print out processed CAs .Xr curl 1 .Sh HISTORY .Nm -was based on the parse-certs script written by +is a command line tool that is shipped as part of every curl and libcurl +release (see http://curl.haxx.se/). It was originally based on the parse-certs +script written by .An Roland Krikava -and hacked by +and was later much improved by .An Guenter Knauf . This manual page was written by .An Jan Schaumann -- cgit v1.2.3