summary refs log tree commit diff
path: root/doc/guix.texi
diff options
context:
space:
mode:
authorLudovic Courtès <ludo@gnu.org>2015-03-02 22:25:53 +0100
committerLudovic Courtès <ludo@gnu.org>2015-03-02 22:32:54 +0100
commite979e6dd523acaa2a089f1b8f44e34c1e5b7d32d (patch)
tree94139c84478a1849dcc77b2425337d4d1806e43e /doc/guix.texi
parentd6d9f1f715a727e23412fc9339eb2c5358d5a6ce (diff)
downloadguix-e979e6dd523acaa2a089f1b8f44e34c1e5b7d32d.tar.gz
system: Add 'x509-certificates' field, and populate /etc/ssl/certs.
* gnu/system.scm (<operating-system>)[x509-certificates]: New field.
  (etc-directory): Add #:x509-certificates parameter and honor it.
  (operating-system-etc-directory): Pass #:x509-certificates in
  'etc-directory' call.
* doc/guix.texi (operating-system Reference): Document
  'x509-certificates'.
Diffstat (limited to 'doc/guix.texi')
-rw-r--r--doc/guix.texi13
1 files changed, 13 insertions, 0 deletions
diff --git a/doc/guix.texi b/doc/guix.texi
index bd8091ae51..4be545ea79 100644
--- a/doc/guix.texi
+++ b/doc/guix.texi
@@ -3882,6 +3882,19 @@ Configuration of libc's name service switch (NSS)---a
 @code{<name-service-switch>} object.  @xref{Name Service Switch}, for
 details.
 
+@item @code{x509-certificates} (default: @var{nss-certs})
+This field's value must be a package containing X.509 certificates for
+so-called ``Certification Authorities'' (CAs) that is made available in
+the @file{/etc/ssl/certs} directory.  Currently this directory is
+accessed by applications using either the GnuTLS library or the OpenSSL
+library.
+
+By default, certificates from
+@uref{https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS,
+Mozilla's Network Security Services} are used.  These are the
+certificates shipped by Mozilla browsers and derivatives such as
+GNU@tie{}IceCat.
+
 @item @code{services} (default: @var{%base-services})
 A list of monadic values denoting system services.  @xref{Services}.