From dd6eca8cbfbf1408d001ee3b9dafcd6f46e4b51a Mon Sep 17 00:00:00 2001 From: James Chapman Date: Mon, 19 Feb 2024 11:45:21 +0100 Subject: [PATCH] fix: QA issue Signed-off-by: James Chapman --- README.md | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index eae1a49..5df4f7d 100644 --- a/README.md +++ b/README.md @@ -37,11 +37,13 @@ make test ``` ## Certificate Signing Request + There are two configuration options that will add a DNS name and IP address to the -subject alternative name in the certificate signing request. +subject alternative name in the certificate signing request. By default they are not added. -- `cmake -DCSR_DNS_NAME=charger.pionix.de ...` to include a DNS name -- `cmake -DCSR_IP_ADDRESS=192.168.2.1 ...` to include an IPv4 address + +- `cmake -DCSR_DNS_NAME=charger.pionix.de ...` to include a DNS name +- `cmake -DCSR_IP_ADDRESS=192.168.2.1 ...` to include an IPv4 address ## TPM There is a configuration option to configure OpenSSL for use with a TPM.
@@ -52,6 +54,7 @@ The library will use the `UseTPM` flag and the PEM private key file to configure whether to use the `default` provider or the `tpm2` provider. Configuration is managed via propquery strings (see CMakeLists.txt) + - `PROPQUERY_DEFAULT` is the string to use when selecting the default provider - `PROPQUERY_TPM2` is the string to use when selecting the tpm2 provider @@ -63,6 +66,7 @@ propquery|action "?provider=tpm2,tpm2.digest!=yes"|prefer the tpm2 provider but not for message digests For more information see: + - [Provider for integration of TPM 2.0 to OpenSSL 3.x](https://github.com/tpm2-software/tpm2-openssl) - [OpenSSL property](https://www.openssl.org/docs/man3.0/man7/property.html) - [OpenSSL provider](https://www.openssl.org/docs/man3.0/man7/provider.html)