From: Evan Hunt Date: Wed, 15 Jan 2014 18:01:44 +0000 (-0800) Subject: [master] cleanup pcks11 doc X-Git-Tag: v9.10.0a2~85 X-Git-Url: http://git.ipfire.org/gitweb/?a=commitdiff_plain;h=693a7bb91a2e5daebca340709a8ae2556e865269;p=thirdparty%2Fbind9.git [master] cleanup pcks11 doc --- diff --git a/doc/arm/pkcs11.xml b/doc/arm/pkcs11.xml index fd2b0f86ee1..91018df4f14 100644 --- a/doc/arm/pkcs11.xml +++ b/doc/arm/pkcs11.xml @@ -40,13 +40,13 @@ There are two available mechanisms for PKCS#11 support in BIND 9: - OpenSSL-based PKCS#11 and native PKCS#11. The first mechanism - BIND uses a modified version of OpenSSL which loads the provider - library and operates the HSM indirectly; any cryptographic operations - not supported by the HSM can be carried out by OpenSSL instead. - The second mechanism enables BIND to bypass OpenSSL completely; - BIND loads the provider library and uses the PKCS#11 API to drive - the HSM itself. + OpenSSL-based PKCS#11 and native PKCS#11. When using the first + mechanism, BIND uses a modified version of OpenSSL, which loads + the provider library and operates the HSM indirectly; any + cryptographic operations not supported by the HSM can be carried + out by OpenSSL instead. The second mechanism enables BIND to bypass + OpenSSL completely; BIND loads the provider library itself, and uses + the PKCS#11 API to drive the HSM directly. Prerequisites @@ -75,7 +75,7 @@ $ cd bind9 -$ ./configure --without-openssl --enable-native-pkcs11 \ +$ ./configure --enable-native-pkcs11 \ --with-pkcs11=provider-library-path