nts: allow ntstrustedcerts to specify directory

If the specified path is a directory, load all certificates in the
directory.
Miroslav Lichvar
2021-02-11 15:43:49 +01:00
parent 316d47e3b4
commit 26ce610155
5 changed files with 30 additions and 22 deletions

@@ -750,14 +750,14 @@ This directive specifies the maximum interval between NTS-KE handshakes (in
seconds) in order to refresh the keys authenticating NTP packets. The default
value is 2419200 (4 weeks).
[[ntstrustedcerts]]*ntstrustedcerts* _file_::
This directive specifies a file containing certificates (in the PEM format) of
trusted certificate authorities (CA) that should be used to verify certificates
of NTS servers in addition to the system's default trusted CAs (if the
*nosystemcert* directive is not present).
[[ntstrustedcerts]]*ntstrustedcerts* _file_|_directory_::
This directive specifies a file or directory containing certificates (in the
PEM format) of trusted certificate authorities (CA) that should be used to
verify certificates of NTS servers in addition to the system's default trusted
CAs (if the *nosystemcert* directive is not present).
+
This directive can be used multiple times to specify multiple files with
trusted certificates.
This directive can be used multiple times to specify multiple files and/or
directories with trusted certificates.
[[nosystemcert]]*nosystemcert*::
This directive disables the system's default trusted CAs.
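Review bot: The updated *ntstrustedcerts* description accepts a "file or directory containing certificates (in the PEM format)" but does not say how entries in a directory are selected. It should state whether every file is loaded regardless of name, whether subdirectories are followed, and what happens when a file fails to parse as PEM. Every certificate loaded this way becomes a trust anchor for verifying NTS servers, in addition to the system CAs unless *nosystemcert* is set, so the selection rule belongs in the text, along with a sentence that the directory should be writable only by the administrator. The closing paragraph, "multiple files and/or directories with trusted certificates", could also say that the sets are combined rather than the last directive overriding earlier ones.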