Ubuntu Manpage: nss_pcache - Helper program used to store token password pins

Provided by: libapache2-mod-nss_1.0.14-1build1_amd64

NAME

       nss_pcache - Helper program used to store token password pins

SYNOPSIS

       nss_pcache <semid> <fips on/off> <directory> [prefix]

DESCRIPTION

       A  helper  program used by the Apache httpd mod_nss plug-in to store the NSS PKCS #11 token password pins
       between restarts of Apache.

       Whenever an Apache httpd process configured to use the mod_nss plug-in is started, this program  will  be
       automatically    invoked    via    reference   to   the   mod_nss   configuration   file   stored   under
       /etc/httpd/conf.d/nss.conf which contains the following default entry:

              #   Pass Phrase Helper:
              #   This helper program stores the token password pins between
              #   restarts of Apache.
              #
              #   NOTE:  Located at '/usr/sbin/nss_pcache' prior
              #          to 'mod_nss-1.0.8-22'.
              #
              NSSPassPhraseHelper /usr/libexec/nss_pcache

OPTIONS

       <semid>
              The semaphore which corresponds to the mod_nss plug-in registered with the  Apache  httpd  process
              during startup.

       <fips on/off>
              Specifies  whether  FIPS  mode  should be enabled, on, or disabled, off.  By default, FIPS mode is
              disabled, and no variable is  specified  in  /etc/httpd/conf.d/nss.conf.   To  enable  FIPS  mode,
              establish  password  access  for  the  specified NSS security databases, and specify the following
              variable in  /etc/httpd/conf.d/nss.conf:

                  NSSFIPS on

       <directory>
              Specifies the destination directory of the  NSS  databases  that  will  be  associated  with  this
              executable specified by the following entry in /etc/httpd/conf.d/nss.conf:

                  #   Server Certificate Database:
                  #   The NSS security database directory that holds the
                  #   certificates and keys. The database consists
                  #   of 3 files: cert8.db, key3.db and secmod.db.
                  #   Provide the directory that these files exist.
                  NSSCertificateDatabase /etc/httpd/alias

       [prefix]
              Optional prefix to attach prior to the names of the NSS certificate and key databases contained in
              the directory referenced by the  previous  argument  and  specified  by  the  following  entry  in
              /etc/httpd/conf.d/nss.conf (must be uncommented in order to be utilized):

                  #   Database Prefix:
                  #   In order to be able to store multiple NSS databases
                  #   in one directory they need unique names. This option
                  #   sets the database prefix used for cert8.db and key3.db.

                  #NSSDBPrefix my-prefix-

BUGS

       Report bugs to http://bugzilla.redhat.com.

AUTHORS

       Rob Crittenden <rcritten@redhat.com>.

COPYRIGHT

       Copyright  (c) 2013 Red Hat, Inc. This is licensed under the Apache License, Version 2.0 (the "License");
       no one may use this file except in compliance with the License. A copy of this license  is  available  at
       http://www.apache.org/licenses/LICENSE-2.0.

       Unless  required  by  applicable  law  or agreed to in writing, software distributed under the License is
       distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
       See the License for the specific language governing permissions and limitations under the License.