summaryrefslogtreecommitdiff
path: root/doc
diff options
context:
space:
mode:
authorLudovic Courtès <ludo@gnu.org>2015-03-02 22:25:53 +0100
committerLudovic Courtès <ludo@gnu.org>2015-03-02 22:32:54 +0100
commite979e6dd523acaa2a089f1b8f44e34c1e5b7d32d (patch)
tree94139c84478a1849dcc77b2425337d4d1806e43e /doc
parentd6d9f1f715a727e23412fc9339eb2c5358d5a6ce (diff)
system: Add 'x509-certificates' field, and populate /etc/ssl/certs.
* gnu/system.scm (<operating-system>)[x509-certificates]: New field. (etc-directory): Add #:x509-certificates parameter and honor it. (operating-system-etc-directory): Pass #:x509-certificates in 'etc-directory' call. * doc/guix.texi (operating-system Reference): Document 'x509-certificates'.
Diffstat (limited to 'doc')
-rw-r--r--doc/guix.texi13
1 files changed, 13 insertions, 0 deletions
diff --git a/doc/guix.texi b/doc/guix.texi
index bd8091ae51..4be545ea79 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -3882,6 +3882,19 @@ Configuration of libc's name service switch (NSS)---a
@code{<name-service-switch>} object. @xref{Name Service Switch}, for
details.
+@item @code{x509-certificates} (default: @var{nss-certs})
+This field's value must be a package containing X.509 certificates for
+so-called ``Certification Authorities'' (CAs) that is made available in
+the @file{/etc/ssl/certs} directory. Currently this directory is
+accessed by applications using either the GnuTLS library or the OpenSSL
+library.
+
+By default, certificates from
+@uref{https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS,
+Mozilla's Network Security Services} are used. These are the
+certificates shipped by Mozilla browsers and derivatives such as
+GNU@tie{}IceCat.
+
@item @code{services} (default: @var{%base-services})
A list of monadic values denoting system services. @xref{Services}.