NSS-POLICY-CHECK(1) NSS Security Tools NSS-POLICY-CHECK(1) NAME nss-policy-check - nss-policy-check policy-file SYNOPSIS nss-policy-check DESCRIPTION nss-policy-check verifies crypto-policy configuration that controls certain crypto algorithms are allowed/disallowed to use in the NSS library. The crypto-policy configuration can be stored in either a system-wide configuration file, specified with the POLICY_PATH and POLICY_FILE build options, or in the pkcs11.txt in NSS database. USAGE AND EXAMPLES To check the global crypto-policy configuration in /etc/crypto-policies/back-ends/nss.config: $ nss-policy-check /etc/crypto-policies/back-ends/nss.config NSS-POLICY-INFO: LOADED-SUCCESSFULLY NSS-POLICY-INFO: PRIME256V1 is enabled for KX NSS-POLICY-INFO: PRIME256V1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP256R1 is enabled for KX NSS-POLICY-INFO: SECP256R1 is enabled for CERT-SIGNATURE NSS-POLICY-INFO: SECP384R1 is enabled for KX NSS-POLICY-INFO: SECP384R1 is enabled for CERT-SIGNATURE ... NSS-POLICY-INFO: NUMBER-OF-SSL-ALG-KX: 13 NSS-POLICY-INFO: NUMBER-OF-SSL-ALG: 9 NSS-POLICY-INFO: NUMBER-OF-CERT-SIG: 9 ... NSS-POLICY-INFO: ciphersuite TLS_AES_128_GCM_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_CHACHA20_POLY1305_SHA256 is enabled NSS-POLICY-INFO: ciphersuite TLS_AES_256_GCM_SHA384 is enabled ... NSS-POLICY-INFO: NUMBER-OF-CIPHERSUITES: 24 NSS-POLICY-INFO: NUMBER-OF-TLS-VERSIONS: 3 NSS-POLICY-INFO: NUMBER-OF-DTLS-VERSIONS: 2 If there is a failure or warning, it will be prefixed with NSS-POLICY-FAIL or NSS-POLICY_WARN. nss-policy-check exits with 2 if any failure is found, 1 if any warning is found, or 0 if no errors are found. ADDITIONAL RESOURCES For information about NSS and other tools related to NSS (like JSS), check out the NSS project wiki at http://www.mozilla.org/projects/security/pki/nss/. The NSS site relates directly to NSS code changes and releases. Mailing lists: https://lists.mozilla.org/listinfo/dev-tech-crypto IRC: Freenode at #dogtag-pki AUTHORS The NSS tools were written and maintained by developers with Netscape, Red Hat, Sun, Oracle, Mozilla, and Google. Authors: Elio Maldonado <emaldona AT redhat.com>, Deon Lackey <dlackey AT redhat.com>. LICENSE Licensed under the Mozilla Public License, v. 2.0. If a copy of the MPL was not distributed with this file, You can obtain one at http://mozilla.org/MPL/2.0/. nss-tools 3.90.0 Nov 13 2013 NSS-POLICY-CHECK(1)
Generated by $Id: phpMan.php,v 4.55 2007/09/05 04:42:51 chedong Exp $ Author: Che Dong
On Apache
Under GNU General Public License
2024-04-28 07:48 @18.218.184.214 CrawledBy Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)