Automatic pull of documentation from Wiki.

svn path=/trunk/; revision=5560
author: RPKI Documentation Robot <docbot@rpki.net> 2013-10-09 22:00:17 +0000
committer: RPKI Documentation Robot <docbot@rpki.net> 2013-10-09 22:00:17 +0000
commit: ac1970544711673edcde2f1bc2753711f5b1106c (patch)
tree: 6541e2328c171047a729bbd38cdafeb9c219f6b0 /doc
parent: 1abde1996f82ea10b38039892b5a14d03c479334 (diff)
2 files changed, 8 insertions, 0 deletions
diff --git a/doc/doc.RPKI.CA.Configuration.CreatingRoot b/doc/doc.RPKI.CA.Configuration.CreatingRoot
index 093dadce..fbdf0bc4 100644
--- a/doc/doc.RPKI.CA.Configuration.CreatingRoot
+++ b/doc/doc.RPKI.CA.Configuration.CreatingRoot
@@ -67,6 +67,14 @@ rpki.conf:
 
   rpki-root-cert          = ${myrpki::publication_base_directory}/root.cer
 
+You must place the generated root.key in a safe location where it is readable
+by rootd but not accessible to the outside world, then you need to tell rootd
+where to find it by setting the appropriate variable in rpki.conf. The
+directory where the daemons keep their BPKI keys and certificates should be
+suitable for this:
+
+  rpki-root-key           = ${myrpki::bpki_servers_directory}/root.key
+
 To create a TAL format trust anchor locator use the make-tal.sh script from
 $top/rcynic:
 
diff --git a/doc/manual.pdf b/doc/manual.pdf
index b17dfd52..18195703 100644
--- a/doc/manual.pdf
+++ b/doc/manual.pdf
author	RPKI Documentation Robot <docbot@rpki.net>	2013-10-09 22:00:17 +0000
committer	RPKI Documentation Robot <docbot@rpki.net>	2013-10-09 22:00:17 +0000
commit	ac1970544711673edcde2f1bc2753711f5b1106c (patch)
tree	6541e2328c171047a729bbd38cdafeb9c219f6b0 /doc
parent	1abde1996f82ea10b38039892b5a14d03c479334 (diff)