X-Git-Url: https://git.netwichtig.de/gitweb/?a=blobdiff_plain;f=test%2Faux-fixed%2Fexim-ca%2FREADME;h=cb0894640fc4ea4db4dea8ba4f8af1e2f818ae57;hb=cc05007f1dd71890b2b34b7aec5ed12dc5942c73;hp=b8d2a41f99aa53892a107f1f0977d9987f4db433;hpb=57233af5f91cdca9a0232a71fab2d12a538cb1a6;p=user%2Fhenk%2Fcode%2Fexim.git

diff --git a/test/aux-fixed/exim-ca/README b/test/aux-fixed/exim-ca/README
old mode 100644
new mode 100755
index b8d2a41f9..cb0894640
--- a/test/aux-fixed/exim-ca/README
+++ b/test/aux-fixed/exim-ca/README
@@ -1,7 +1,9 @@
 
 The three directories each contain a complete CA with server signing
 certificate, OCSP signing certificate and a selection of server
-certificates under each domain.
+certificates under each domain. The "server1" certificates have
+a CRL distribution point extension; the "server2" ones instead have
+a Authority Key extension/
 
 For each directory there are a number of subdirectories.
 
@@ -22,7 +24,7 @@ by that name; those in the "expired" ones are out-of-date (the
 rest expire in 2038).  The "1" and "2" systems/certs have
 equivalent properties.
 
-In each certicate subdir: the ".db" files are NSS version of the cert,
+In each certificate subdir: the ".db" files are NSS version of the cert,
 the ".pem", ".key" and ".unlocked.key" are usable by OpenSSL (the
 ca_chain.pem being a copy of the CA public information and signer
 public information).
@@ -35,7 +37,7 @@ The ocsp response files are those gotten that way. in .der format;
 is out-of-date, and "revoked" meaning the cert has been revoked.
 
 
-The files were created using the genall script which utilises a
+The files were created using the "genall" script which utilises a
 combination of tools,
 
     openssl
@@ -47,5 +49,9 @@ line CA tool which can be found at
 
     http://people.redhat.com/mpoole/clica/
 
+NOTE:
+ During running of "genall" you need to manipulate the system
+ date/time.  Shutdown ntpd service before doing this, and restart
+ after.