[rs-commit] r71 - in /rs-manual/trunk/src/site: ./ xhtml5/ xhtml5/mod/

rs-commit at redwax.eu rs-commit at redwax.eu
Mon Sep 2 23:10:55 CEST 2019


Author: minfrin at redwax.eu
Date: Mon Sep  2 23:10:54 2019
New Revision: 71

Log:
Move modules to the mod directory.

Added:
    rs-manual/trunk/src/site/xhtml5/mod/
    rs-manual/trunk/src/site/xhtml5/mod/mod_ca.xhtml5
      - copied unchanged from r70, rs-manual/trunk/src/site/xhtml5/mod_ca.xhtml5
    rs-manual/trunk/src/site/xhtml5/mod/mod_crl.xhtml5
      - copied unchanged from r70, rs-manual/trunk/src/site/xhtml5/mod_crl.xhtml5
    rs-manual/trunk/src/site/xhtml5/mod/mod_csr.xhtml5
      - copied unchanged from r70, rs-manual/trunk/src/site/xhtml5/mod_csr.xhtml5
    rs-manual/trunk/src/site/xhtml5/mod/mod_ocsp.xhtml5
      - copied unchanged from r70, rs-manual/trunk/src/site/xhtml5/mod_ocsp.xhtml5
    rs-manual/trunk/src/site/xhtml5/mod/mod_pkcs12.xhtml5
      - copied unchanged from r70, rs-manual/trunk/src/site/xhtml5/mod_pkcs12.xhtml5
    rs-manual/trunk/src/site/xhtml5/mod/mod_scep.xhtml5
      - copied unchanged from r70, rs-manual/trunk/src/site/xhtml5/mod_scep.xhtml5
    rs-manual/trunk/src/site/xhtml5/mod/mod_spkac.xhtml5
      - copied unchanged from r70, rs-manual/trunk/src/site/xhtml5/mod_spkac.xhtml5
Removed:
    rs-manual/trunk/src/site/xhtml5/mod_ca.xhtml5
    rs-manual/trunk/src/site/xhtml5/mod_crl.xhtml5
    rs-manual/trunk/src/site/xhtml5/mod_csr.xhtml5
    rs-manual/trunk/src/site/xhtml5/mod_ocsp.xhtml5
    rs-manual/trunk/src/site/xhtml5/mod_pkcs12.xhtml5
    rs-manual/trunk/src/site/xhtml5/mod_scep.xhtml5
    rs-manual/trunk/src/site/xhtml5/mod_spkac.xhtml5
Modified:
    rs-manual/trunk/src/site/site.xml

Modified: rs-manual/trunk/src/site/site.xml
==============================================================================
--- rs-manual/trunk/src/site/site.xml	(original)
+++ rs-manual/trunk/src/site/site.xml	Mon Sep  2 23:10:54 2019
@@ -35,13 +35,13 @@
       <item name="User Guide" href="userguide.html"/>
       <item name="FAQ" href="faq.html"/>
       <item name="Glossary" href="glossary.html"/>
-      <item name="mod_ca Module" href="mod_ca.html"/>
-      <item name="mod_crl Module" href="mod_crl.html"/>
-      <item name="mod_csr Module" href="mod_csr.html"/>
-      <item name="mod_ocsp Module" href="mod_ocsp.html"/>
-      <item name="mod_pkcs12 Module" href="mod_pkcs12.html"/>
-      <item name="mod_scep Module" href="mod_scep.html"/>
-      <item name="mod_spkac Module" href="mod_spkac.html"/>
+      <item name="mod_ca Module" href="mod/mod_ca.html"/>
+      <item name="mod_crl Module" href="mod/mod_crl.html"/>
+      <item name="mod_csr Module" href="mod/mod_csr.html"/>
+      <item name="mod_ocsp Module" href="mod/mod_ocsp.html"/>
+      <item name="mod_pkcs12 Module" href="mod/mod_pkcs12.html"/>
+      <item name="mod_scep Module" href="mod/mod_scep.html"/>
+      <item name="mod_spkac Module" href="mod/mod_spkac.html"/>
     </menu>
 
     <links>

Removed: rs-manual/trunk/src/site/xhtml5/mod_ca.xhtml5
==============================================================================
--- rs-manual/trunk/src/site/xhtml5/mod_ca.xhtml5	(original)
+++ rs-manual/trunk/src/site/xhtml5/mod_ca.xhtml5	(removed)
@@ -1,56 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE html>
-<html xmlns="http://www.w3.org/1999/xhtml" lang="en">
-  <head>
-    <title>Virtual Library</title>
-  </head>
-  <body>
-    <div class="index align-left">
-
-      <section>
-        <header>
-          <h2>My Header</h2>
-        </header>
-        <div class="content">
-          <p>Moved to <a href="http://example.org/">example.org</a>.</p>
-
-<table>
-<tbody>
-<tr>
-  <td>Description</td>
-  <td>Foo</td>
-</tr>
-<tr>
-  <td>Syntax</td>
-  <td>Foo</td>
-</tr>
-<tr>
-  <td>Default</td>
-  <td>Foo</td>
-</tr>
-<tr>
-  <td>Context</td>
-  <td>Foo</td>
-</tr>
-<tr>
-  <td>Status</td>
-  <td>Foo</td>
-</tr>
-<tr>
-  <td>Module</td>
-  <td>Foo</td>
-</tr>
-<tr>
-  <td>Compatibility</td>
-  <td>Foo</td>
-</tr>
-</tbody>
-</table>
-
-        </div>
-      </section>
-
-    </div>
-  </body>
-</html>
-

Removed: rs-manual/trunk/src/site/xhtml5/mod_crl.xhtml5
==============================================================================
--- rs-manual/trunk/src/site/xhtml5/mod_crl.xhtml5	(original)
+++ rs-manual/trunk/src/site/xhtml5/mod_crl.xhtml5	(removed)
@@ -1,313 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE html>
-<html xmlns="http://www.w3.org/1999/xhtml" lang="en">
-  <head>
-    <title>mod_crl Module</title>
-  </head>
-  <body>
-    <div class="index align-left">
-
-      <section class="wrapper style1 align-center"
-        id="introduction">
-        <div class="inner">
-          <h2>Certificate Revocation List Module</h2>
-          <p>Generate and return a certificate revocation list as a response.</p>
-
-          <div class="index align-left">
-
-            <section>
-              <header>
-                <h3>What does it do?</h3>
-              </header>
-              <div class="content">
-
-                <p>
-                  Based on configuration of the backend modules, the certificate chain
-                  is returned as a DER or PEM encoded certificate revocation list as
-                  per <a href="https://tools.ietf.org/html/rfc5280">RFC5280</a>.
-                </p>
-
-<!-- support the Accept header -->
-
-              </div>
-            </section>
-
-
-          </div>
-        </div>
-      </section>
-
-
-
-      <section class="wrapper style1 align-center" id="integration">
-        <div class="inner">
-          <h2>Module Integration</h2>
-          <p>
-            The
-            <code>mod_crl</code>
-            module is a
-            <a href="mod_ca.html#frontend">frontend module</a>
-            and will not do anything useful until
-            <code>mod_crl</code>
-            has been combined with one or
-            more
-            <a href="mod_ca.html#backend">backend modules</a>
-            listed below. The
-            <code>mod_crl</code>
-            module uses the following hook to get the certificate revocation list, and suitable
-            <a href="mod_ca.html#backend">backend modules</a>
-            must be configured to implement each hook as needed.
-          </p>
-
-          <p>
-            All <a href="mod_ca.html#frontend">frontend modules</a> run within
-            a standard Apache httpd request, and standard httpd functionality
-            applies in all cases.
-          </p>
-
-          <div>
-            <img src="images/mod_crl.png" style="width: 100%;" />
-          </div>
-
-          <div class="index align-left">
-
-            <section>
-              <header>
-                <h3>
-                  <a href="mod_ca.html#ca_getcrl">Certificate Revocation List Hook</a>
-                </h3>
-              </header>
-              <div class="content">
-                <p>This hook returns the certificate revocation list for the configured
-                  certificate authority.
-                </p>
-                <table>
-                  <tbody>
-                    <tr>
-                      <td>
-                        <a href="mod_ca_crl.html#ca_getcrl">mod_ca_crl</a>
-                      </td>
-                      <td>Read the certificate sign request from disk.</td>
-                    </tr>
-                  </tbody>
-                </table>
-              </div>
-            </section>
-
-
-          </div>
-        </div>
-      </section>
-
-
-      <section class="wrapper style1 align-center"
-        id="directive-reference">
-        <div class="inner">
-          <h2>Examples</h2>
-          <div class="index align-left">
-
-            <section>
-              <header>
-                <h3>Basic Example</h3>
-              </header>
-              <div class="content">
-                <p>The simplest case: return the certificate revocation list to anybody who wants one.</p>
-<pre><code><![CDATA[
-# backend configuration:
-<IfModule mod_ca_crl.c>
-  # return this crl
-  CACRLCertificateRevocationList /etc/pki/tls/ca-crl.pem
-</IfModule>
-
-# frontend configuration:
-<IfModule mod_crl.c>
-  <Location /crl>
-    SetHandler crl
-  </Location>
-</IfModule>
-]]></code></pre>
-              </div>
-            </section>
-
-          </div>
-        </div>
-      </section>
-
-
-      <section class="wrapper style1 align-center"
-        id="directive-reference">
-        <div class="inner">
-          <h2>Directive Reference</h2>
-          <div class="index align-left">
-
-            <section>
-              <header>
-                <h3>CrlFreshness Directive</h3>
-              </header>
-              <div class="content">
-
-                <table>
-                  <tbody>
-                    <tr>
-                      <td>Description</td>
-                      <td>The max-age of the certificate revocation list will be divided by this
-                        factor.</td>
-                    </tr>
-                    <tr>
-                      <td>Syntax</td>
-                      <td>
-                        <code>CrlFreshness factor [max-seconds]</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Default</td>
-                      <td>
-                        <code>CrlFreshness 2 86400</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Context</td>
-                      <td>server config, virtual host, directory, .htaccess</td>
-                    </tr>
-                    <tr>
-                      <td>Status</td>
-                      <td>
-                        <a href="mod_ca.html#frontend">Frontend</a>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Module</td>
-                      <td>mod_crl</td>
-                    </tr>
-                    <tr>
-                      <td>Compatibility</td>
-                      <td>Introduced in mod_crl 0.2.0 and works with Apache HTTP
-                        Server 2.4.0 and later</td>
-                    </tr>
-                  </tbody>
-                </table>
-
-                <p>The age of the certificate revocation list will be divided by this 
-                  factor when added as a max-age, set
-                  to zero to disable. Defaults to "2". An optional maximum value
-                  can be specified, defaults
-                  to one day.</p>
-
-              </div>
-            </section>
-
-            <section>
-              <header>
-                <h3>CrlLocation Directive</h3>
-              </header>
-              <div class="content">
-
-                <table>
-                  <tbody>
-                    <tr>
-                      <td>Description</td>
-                      <td>Set the URL location of the WADL returned by the OPTIONS
-                        method.</td>
-                    </tr>
-                    <tr>
-                      <td>Syntax</td>
-                      <td>
-                        <code>CrlLocation url</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Default</td>
-                      <td>
-                        <code>CrlLocation [current-URL]</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Context</td>
-                      <td>server config, virtual host, directory, .htaccess</td>
-                    </tr>
-                    <tr>
-                      <td>Status</td>
-                      <td>
-                        <a href="mod_ca.html#frontend">Frontend</a>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Module</td>
-                      <td>mod_crl</td>
-                    </tr>
-                    <tr>
-                      <td>Compatibility</td>
-                      <td>Introduced in mod_crl 0.2.0 and works with Apache HTTP
-                        Server 2.4.0 and later</td>
-                    </tr>
-                  </tbody>
-                </table>
-
-                <p>Set the URL location of the WADL returned by the OPTIONS
-                  method.</p>
-
-              </div>
-            </section>
-
-            <section>
-              <header>
-                <h3>CrlEncoding Directive</h3>
-              </header>
-              <div class="content">
-
-                <table>
-                  <tbody>
-                    <tr>
-                      <td>Description</td>
-                      <td>Set to the default encoding to be returned if not specified.</td>
-                    </tr>
-                    <tr>
-                      <td>Syntax</td>
-                      <td>
-                        <code>CrlEncoding encoding</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Default</td>
-                      <td>
-                        <code>CrlEncoding der</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Context</td>
-                      <td>server config, virtual host, directory, .htaccess</td>
-                    </tr>
-                    <tr>
-                      <td>Status</td>
-                      <td>
-                        <a href="mod_ca.html#frontend">Frontend</a>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Module</td>
-                      <td>mod_crl</td>
-                    </tr>
-                    <tr>
-                      <td>Compatibility</td>
-                      <td>Introduced in mod_crl 0.2.0 and works with Apache HTTP
-                        Server 2.4.0 and later</td>
-                    </tr>
-                  </tbody>
-                </table>
-
-                <p>Set the default encoding to be returned if not specified. Must be
-                  one of "pem", "x-pem" or "der".
-                </p>
-
-              </div>
-            </section>
-
-
-          </div>
-        </div>
-      </section>
-
-    </div>
-  </body>
-</html>
-

Removed: rs-manual/trunk/src/site/xhtml5/mod_csr.xhtml5
==============================================================================
--- rs-manual/trunk/src/site/xhtml5/mod_csr.xhtml5	(original)
+++ rs-manual/trunk/src/site/xhtml5/mod_csr.xhtml5	(removed)
@@ -1,803 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE html>
-<html xmlns="http://www.w3.org/1999/xhtml" lang="en">
-  <head>
-    <title>mod_csr Module</title>
-  </head>
-  <body>
-    <div class="index align-left">
-
-      <section class="wrapper style1 align-center"
-        id="introduction">
-        <div class="inner">
-          <h2>Certificate Sign Request Module</h2>
-          <p>Generate and issue certificates in response to an X509
-            certificate request.</p>
-
-          <div class="index align-left">
-
-
-
-            <section>
-              <header>
-                <h3>What does it do?</h3>
-              </header>
-              <div class="content">
-                <p>
-                  This module accepts a
-                  <code>application/x-www-form-urlencoded</code>
-                  form submission request
-                  containing a PEM encoded PKCS10 X509 certificate request among further
-                  optional
-                  parameters.
-                </p>
-
-                <p>Based on configuration, parameters can be passed from the
-                  incoming certificate sign request,
-                  optional form parameters, or explicit expressions, and a new
-                  certificate sign request with
-                  acceptable parameters is passed to suitably configured backend modules
-                  for request authorisation,
-                  certificate signing and issuing, and certificate storage.</p>
-
-                <p>
-                  The resulting certificate chain is returned by default as a DER
-                  encoded PKCS7
-                  certificate. If the
-                  <code>Accept</code>
-                  header is given in the request and set
-                  to
-                  <code>application/pkcs7-mime</code>
-                  , the certificate chain is returned as a PEM encoded
-                  PKCS7 certificate instead.
-                </p>
-
-                <p>
-                  This module can be configured to respond to
-                  <a
-                    href="https://blogs.msdn.microsoft.com/ieinternals/2010/05/14/certificate-enrollment-from-the-browser/">
-                    CertEnroll requests</a>
-                  as supported by Microsoft Internet Explorer.
-                </p>
-              </div>
-            </section>
-
-
-          </div>
-        </div>
-      </section>
-
-
-
-      <section class="wrapper style1 align-center" id="integration">
-        <div class="inner">
-          <h2>Module Integration</h2>
-          <p>
-            The
-            <code>mod_csr</code>
-            module is a
-            <a href="mod_ca.html#frontend">frontend module</a>
-            and will not do anything useful until
-            <code>mod_csr</code>
-            has been combined with one or
-            more
-            <a href="mod_ca.html#backend">backend modules</a>
-            listed below. The
-            <code>mod_csr</code>
-            module uses the following hooks to authorise, sign/issue and
-            store a
-            certificate, and suitable
-            <a href="mod_ca.html#backend">backend modules</a>
-            must be configured to implement each hook as needed.
-          </p>
-
-          <p>
-            All <a href="mod_ca.html#frontend">frontend modules</a> run within
-            a standard Apache httpd request, and standard httpd functionality
-            applies in all cases.
-          </p>
-
-          <div>
-            <img src="images/mod_csr.png" style="width: 100%;" />
-          </div>
-
-          <div class="index align-left">
-
-            <section>
-              <header>
-                <h3>
-                  <a href="mod_ca.html#ca_reqauthz">Request Authorization Hook</a>
-                </h3>
-              </header>
-              <div class="content">
-                <p>This optional hook allows you to verify the parameters
-                  included with the certificate sign request, such as the
-                  challenge password. If left unconfigured, all certificate
-                  requests will be accepted.</p>
-                <table>
-                  <tbody>
-                    <tr>
-                      <td>
-                        <a href="mod_ca_ldap.html#ca_reqauthz">mod_ca_ldap</a>
-                      </td>
-                      <td>Allows the certificate sign request to be verified
-                        against an LDAP directory.</td>
-                    </tr>
-                  </tbody>
-                </table>
-              </div>
-            </section>
-
-            <section>
-              <header>
-                <h3>
-                  <a href="mod_ca.html#ca_sign">Sign Request Hook</a>
-                </h3>
-              </header>
-              <div class="content">
-                <p>This hooks signs the certificate sign request and returns the
-                  issued certificate. The hook is mandatory, and the request will
-                  be rejected if left unconfigured.</p>
-                <table>
-                  <tbody>
-                    <tr>
-                      <td>
-                        <a href="mod_ca_disk.html#ca_sign">mod_ca_disk</a>
-                      </td>
-                      <td>Allows certificate sign requests to be saved to disk for
-                        later out of band processing. The response will redirect the
-                        caller to where the certificate can be collected.</td>
-                    </tr>
-                    <tr>
-                      <td>
-                        <a href="mod_ca_engine.html#ca_sign">mod_ca_engine</a>
-                      </td>
-                      <td>Allows certificate sign requests to be signed by an HSM
-                        such as a smartcard.</td>
-                    </tr>
-                    <tr>
-                      <td>
-                        <a href="mod_ca_simple.html#ca_sign">mod_ca_simple</a>
-                      </td>
-                      <td>Allows certificate sign requests to be signed by a
-                        certificate and key specified on disk.</td>
-                    </tr>
-                  </tbody>
-                </table>
-              </div>
-            </section>
-
-            <section>
-              <header>
-                <h3>
-                  <a href="mod_ca.html#ca_certstore">Certificate Storage Hook</a>
-                </h3>
-              </header>
-              <div class="content">
-                <p>This optional hook allows the newly generated certificate to
-                  be stored locally or in a database or directory. If left
-                  unconfigured, no local copy of the certificate will be stored.</p>
-                <table>
-                  <tbody>
-                    <tr>
-                      <td>
-                        <a href="mod_ca_ldap.html#ca_certstore">mod_ca_ldap</a>
-                      </td>
-                      <td>Saves the newly issued PKCS7 certificate and chain to an
-                        LDAP directory.</td>
-                    </tr>
-                  </tbody>
-                </table>
-              </div>
-            </section>
-
-
-          </div>
-        </div>
-      </section>
-
-
-      <section class="wrapper style1 align-center"
-        id="directive-reference">
-        <div class="inner">
-          <h2>Examples</h2>
-          <div class="index align-left">
-
-            <section>
-              <header>
-                <h3>Basic Example</h3>
-              </header>
-              <div class="content">
-                <p>The simplest case: issue a certificate to anybody who wants one.</p>
-<pre><code><![CDATA[
-# backend configuration:
-<IfModule mod_ca_simple.c>
-  # sign with this certificate...
-  CASimpleCertificate /etc/pki/tls/ca-cert.pem
-  # ...and private key
-  CASimpleKey /etc/pki/tls/ca-key.pem
-  # use system clock as the time source
-  CASimpleTime on
-  # assign a random serial number
-  CASimpleSerialRandom on
-</IfModule>
-
-# frontend configuration:
-<IfModule mod_csr.c>
-  <Location /csr>
-    SetHandler csr
-    # use subject from the certificate sign request unmodified
-    CsrSubjectRequest *
-  </Location>
-</IfModule>
-]]></code></pre>
-              </div>
-            </section>
-
-            <section>
-              <header>
-                <h3>Logged In Example</h3>
-              </header>
-              <div class="content">
-                <p>A more typical scenario: issue a certificate to a logged in user.</p>
-                <p>In this example it is assumed that Apache configuration exists that
-                authenticates a user against a database, directory, a token, or a previous
-                certificate.
-                </p>
-<pre><code><![CDATA[
-# backend configuration:
-<IfModule mod_ca_simple.c>
-  # sign with this certificate...
-  CASimpleCertificate /etc/pki/tls/ca-cert.pem
-  # ...and private key
-  CASimpleKey /etc/pki/tls/ca-key.pem
-  # use system clock as the time source
-  CASimpleTime on
-  # assign a random serial number
-  CASimpleSerialRandom on
-</IfModule>
-
-# frontend configuration:
-<IfModule mod_csr.c>
-  <Location /csr>
-    SetHandler csr
-    # standard Apache authorisation
-    Require valid-user
-    # set the common name to the logged in username
-    CsrSubjectSet CN %{REMOTE_USER}
-    # set a fixed OU field in the subject
-    CsrSubjectSet OU "Terms and Conditions Apply"
-  </Location>
-</IfModule>
-]]></code></pre>
-              </div>
-            </section>
-
-          </div>
-        </div>
-      </section>
-
-
-      <section class="wrapper style1 align-center"
-        id="directive-reference">
-        <div class="inner">
-          <h2>Directive Reference</h2>
-          <div class="index align-left">
-
-            <section>
-              <header>
-                <h3>CsrFreshness Directive</h3>
-              </header>
-              <div class="content">
-
-                <table>
-                  <tbody>
-                    <tr>
-                      <td>Description</td>
-                      <td>The max-age of the certificates will be divided by this
-                        factor.</td>
-                    </tr>
-                    <tr>
-                      <td>Syntax</td>
-                      <td>
-                        <code>CsrFreshness factor [max-seconds]</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Default</td>
-                      <td>
-                        <code>CsrFreshness 2 86400</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Context</td>
-                      <td>server config, virtual host, directory, .htaccess</td>
-                    </tr>
-                    <tr>
-                      <td>Status</td>
-                      <td>
-                        <a href="mod_ca.html#frontend">Frontend</a>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Module</td>
-                      <td>mod_csr</td>
-                    </tr>
-                    <tr>
-                      <td>Compatibility</td>
-                      <td>Introduced in mod_csr 0.2.0 and works with Apache HTTP
-                        Server 2.4.0 and later</td>
-                    </tr>
-                  </tbody>
-                </table>
-
-                <p>The age of the certificates will be divided by this factor
-                  when added as a max-age, set
-                  to zero to disable. Defaults to "2". An optional maximum value
-                  can be specified, defaults
-                  to one day.</p>
-
-              </div>
-            </section>
-
-            <section>
-              <header>
-                <h3>CsrLocation Directive</h3>
-              </header>
-              <div class="content">
-
-                <table>
-                  <tbody>
-                    <tr>
-                      <td>Description</td>
-                      <td>Set the URL location of the WADL returned by the OPTIONS
-                        method.</td>
-                    </tr>
-                    <tr>
-                      <td>Syntax</td>
-                      <td>
-                        <code>CsrLocation url</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Default</td>
-                      <td>
-                        <code>CsrLocation [current-URL]</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Context</td>
-                      <td>server config, virtual host, directory, .htaccess</td>
-                    </tr>
-                    <tr>
-                      <td>Status</td>
-                      <td>
-                        <a href="mod_ca.html#frontend">Frontend</a>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Module</td>
-                      <td>mod_csr</td>
-                    </tr>
-                    <tr>
-                      <td>Compatibility</td>
-                      <td>Introduced in mod_csr 0.2.0 and works with Apache HTTP
-                        Server 2.4.0 and later</td>
-                    </tr>
-                  </tbody>
-                </table>
-
-                <p>Set the URL location of the WADL returned by the OPTIONS
-                  method.</p>
-
-              </div>
-            </section>
-
-            <section>
-              <header>
-                <h3>CsrParamPkcs10 Directive</h3>
-              </header>
-              <div class="content">
-
-                <table>
-                  <tbody>
-                    <tr>
-                      <td>Description</td>
-                      <td>Set the name of the form parameter containing the PEM
-                        encoded PKCS10 certificate sign request.</td>
-                    </tr>
-                    <tr>
-                      <td>Syntax</td>
-                      <td>
-                        <code>CsrParamPkcs10 param</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Default</td>
-                      <td>
-                        <code>CsrParamPkcs10 pkcs10</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Context</td>
-                      <td>server config, virtual host, directory, .htaccess</td>
-                    </tr>
-                    <tr>
-                      <td>Status</td>
-                      <td>
-                        <a href="mod_ca.html#frontend">Frontend</a>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Module</td>
-                      <td>mod_csr</td>
-                    </tr>
-                    <tr>
-                      <td>Compatibility</td>
-                      <td>Introduced in mod_csr 0.2.0 and works with Apache HTTP
-                        Server 2.4.0 and later</td>
-                    </tr>
-                  </tbody>
-                </table>
-
-                <p>Set the name of the form parameter containing the PEM encoded
-                  PKCS10 certificate sign request.</p>
-
-              </div>
-            </section>
-
-            <section>
-              <header>
-                <h3>CsrParamChallenge Directive</h3>
-              </header>
-              <div class="content">
-
-                <table>
-                  <tbody>
-                    <tr>
-                      <td>Description</td>
-                      <td>Set the name of the form parameter containing the
-                        challenge.</td>
-                    </tr>
-                    <tr>
-                      <td>Syntax</td>
-                      <td>
-                        <code>CsrParamChallenge param</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Default</td>
-                      <td>
-                        <code>CsrParamChallenge challenge</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Context</td>
-                      <td>server config, virtual host, directory, .htaccess</td>
-                    </tr>
-                    <tr>
-                      <td>Status</td>
-                      <td>
-                        <a href="mod_ca.html#frontend">Frontend</a>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Module</td>
-                      <td>mod_csr</td>
-                    </tr>
-                    <tr>
-                      <td>Compatibility</td>
-                      <td>Introduced in mod_csr 0.2.0 and works with Apache HTTP
-                        Server 2.4.0 and later</td>
-                    </tr>
-                  </tbody>
-                </table>
-
-                <p>Set the name of the form parameter containing the challenge,
-                  if not present in the certificate sign request.</p>
-
-              </div>
-            </section>
-
-            <section>
-              <header>
-                <h3>CsrSize Directive</h3>
-              </header>
-              <div class="content">
-
-                <table>
-                  <tbody>
-                    <tr>
-                      <td>Description</td>
-                      <td>Set to the maximum size of the form submitted by the
-                        client.</td>
-                    </tr>
-                    <tr>
-                      <td>Syntax</td>
-                      <td>
-                        <code>CsrSize bytes</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Default</td>
-                      <td>
-                        <code>CsrSize 131072</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Context</td>
-                      <td>server config, virtual host, directory, .htaccess</td>
-                    </tr>
-                    <tr>
-                      <td>Status</td>
-                      <td>
-                        <a href="mod_ca.html#frontend">Frontend</a>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Module</td>
-                      <td>mod_csr</td>
-                    </tr>
-                    <tr>
-                      <td>Compatibility</td>
-                      <td>Introduced in mod_csr 0.2.0 and works with Apache HTTP
-                        Server 2.4.0 and later</td>
-                    </tr>
-                  </tbody>
-                </table>
-
-                <p>Set to the maximum size of the form request from the client.
-                  This value cannot be smaller than 4096 bytes.</p>
-
-              </div>
-            </section>
-
-            <section>
-              <header>
-                <h3>CsrSubjectAltNameRequest Directive</h3>
-              </header>
-              <div class="content">
-
-                <table>
-                  <tbody>
-                    <tr>
-                      <td>Description</td>
-                      <td>Specify fields in the certificate request subject
-                        alternative name that will be copied over to the
-                        certificate.</td>
-                    </tr>
-                    <tr>
-                      <td>Syntax</td>
-                      <td>
-                        <code>CsrSubjectAltNameRequest field [number]</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Default</td>
-                      <td>None</td>
-                    </tr>
-                    <tr>
-                      <td>Context</td>
-                      <td>server config, virtual host, directory, .htaccess</td>
-                    </tr>
-                    <tr>
-                      <td>Status</td>
-                      <td>
-                        <a href="mod_ca.html#frontend">Frontend</a>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Module</td>
-                      <td>mod_csr</td>
-                    </tr>
-                    <tr>
-                      <td>Compatibility</td>
-                      <td>Introduced in mod_csr 0.2.0 and works with Apache HTTP
-                        Server 2.4.0 and later</td>
-                    </tr>
-                  </tbody>
-                </table>
-
-                <p>Specify fields in the certificate request subject alternative name that will
-                  be copied over to the certificate, with optional limit to the
-                  number of fields that may appear.</p>
-
-                <p>If a wildcard is used, all fields in the certificate request
-                  subject alternative name will be copied across unmodified.
-                </p>
-
-                <p>Field names are limited to <code>otherName</code>, <code>rfc822Name</code>,
-                  <code>dNSName</code>, <code>x400Address</code>, <code>directoryName</code>,
-                  <code>ediPartyName</code>, <code>uniformResourceIdentifier</code>,
-                  <code>iPAddress</code>, or <code>registeredID</code> and are described in
-                  the <a href="subjects.html"> Subjects and Subject Alternative Names</a> section.
-                </p>
-
-              </div>
-            </section>
-
-            <section>
-              <header>
-                <h3>CsrSubjectAltNameSet Directive</h3>
-              </header>
-              <div class="content">
-
-                <table>
-                  <tbody>
-                    <tr>
-                      <td>Description</td>
-                      <td>Specify an expression that will be included in the
-                        certificate subject alternative name.</td>
-                    </tr>
-                    <tr>
-                      <td>Syntax</td>
-                      <td>
-                        <code>CsrSubjectAltNameSet field value</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Default</td>
-                      <td>None</td>
-                    </tr>
-                    <tr>
-                      <td>Context</td>
-                      <td>server config, virtual host, directory, .htaccess</td>
-                    </tr>
-                    <tr>
-                      <td>Status</td>
-                      <td>
-                        <a href="mod_ca.html#frontend">Frontend</a>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Module</td>
-                      <td>mod_csr</td>
-                    </tr>
-                    <tr>
-                      <td>Compatibility</td>
-                      <td>Introduced in mod_csr 0.2.0 and works with Apache HTTP
-                        Server 2.4.0 and later</td>
-                    </tr>
-                  </tbody>
-                </table>
-
-                <p>Specify an expression that will be included in the
-                  certificate subject alternative name.</p>
-
-                <p>Field names are limited to <code>otherName</code>, <code>rfc822Name</code>,
-                  <code>dNSName</code>, <code>x400Address</code>, <code>directoryName</code>,
-                  <code>ediPartyName</code>, <code>uniformResourceIdentifier</code>,
-                  <code>iPAddress</code>, or <code>registeredID</code> and are described in
-                  the <a href="subjects.html"> Subjects and Subject Alternative Names</a> section.
-                </p>
-
-              </div>
-            </section>
-
-            <section>
-              <header>
-                <h3>CsrSubjectRequest Directive</h3>
-              </header>
-              <div class="content">
-
-                <table>
-                  <tbody>
-                    <tr>
-                      <td>Description</td>
-                      <td>Specify fields in the certificate request subject that
-                        will be copied over to the certificate.</td>
-                    </tr>
-                    <tr>
-                      <td>Syntax</td>
-                      <td>
-                        <code>CsrSubjectRequest field [number]</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Default</td>
-                      <td>
-                        <code>CsrSubjectRequest field 1</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Context</td>
-                      <td>server config, virtual host, directory, .htaccess</td>
-                    </tr>
-                    <tr>
-                      <td>Status</td>
-                      <td>
-                        <a href="mod_ca.html#frontend">Frontend</a>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Module</td>
-                      <td>mod_csr</td>
-                    </tr>
-                    <tr>
-                      <td>Compatibility</td>
-                      <td>Introduced in mod_csr 0.2.0 and works with Apache HTTP
-                        Server 2.4.0 and later</td>
-                    </tr>
-                  </tbody>
-                </table>
-
-                <p>Specify fields in the certificate request subject that will
-                  be copied over to the certificate, with optional limit to the
-                  number of fields that may appear.</p>
-
-                <p>If a wildcard is used, all fields in the certificate request
-                  subject alternative name will be copied across unmodified.
-                </p>
-
-                <p>Subject handling is covered in detail in the <a href="subjects.html">
-                  Subjects and Subject Alternative Names</a> section.
-                </p>
-
-              </div>
-            </section>
-
-            <section>
-              <header>
-                <h3>CsrSubjectSet Directive</h3>
-              </header>
-              <div class="content">
-
-                <table>
-                  <tbody>
-                    <tr>
-                      <td>Description</td>
-                      <td>Specify an expression that will be included in the
-                        certificate subject.</td>
-                    </tr>
-                    <tr>
-                      <td>Syntax</td>
-                      <td>
-                        <code>CsrSubjectSet field value</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Default</td>
-                      <td>None</td>
-                    </tr>
-                    <tr>
-                      <td>Context</td>
-                      <td>server config, virtual host, directory, .htaccess</td>
-                    </tr>
-                    <tr>
-                      <td>Status</td>
-                      <td>
-                        <a href="mod_ca.html#frontend">Frontend</a>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Module</td>
-                      <td>mod_csr</td>
-                    </tr>
-                    <tr>
-                      <td>Compatibility</td>
-                      <td>Introduced in mod_csr 0.2.0 and works with Apache HTTP
-                        Server 2.4.0 and later</td>
-                    </tr>
-                  </tbody>
-                </table>
-
-                <p>Specify an expression that will be included in the
-                  certificate subject. Subject attribute name is configured first, then
-                  the expression.</p>
-
-                <p>Subject handling is covered in detail in the <a href="subjects.html">
-                  Subjects and Subject Alternative Names</a> section.
-                </p>
-
-              </div>
-            </section>
-
-
-          </div>
-        </div>
-      </section>
-
-    </div>
-  </body>
-</html>
-

Removed: rs-manual/trunk/src/site/xhtml5/mod_ocsp.xhtml5
==============================================================================
--- rs-manual/trunk/src/site/xhtml5/mod_ocsp.xhtml5	(original)
+++ rs-manual/trunk/src/site/xhtml5/mod_ocsp.xhtml5	(removed)
@@ -1,874 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE html>
-<html xmlns="http://www.w3.org/1999/xhtml" lang="en">
-  <head>
-    <title>mod_ocsp Module</title>
-  </head>
-  <body>
-    <div class="index align-left">
-
-      <section class="wrapper style1 align-center"
-        id="introduction">
-        <div class="inner">
-          <h2>Online Certificate Status Protocol Module</h2>
-          <p>Respond with the revocation status of a certificate.</p>
-
-          <div class="index align-left">
-
-            <section>
-              <header>
-                <h3>What does it do?</h3>
-              </header>
-              <div class="content">
-
-                <p>
-                  Based on configuration of the backend modules, an Online Certificate
-                  Status Protocol response is returned for the given certificate as
-                  per <a href="https://tools.ietf.org/html/rfc6960">RFC6960</a>.
-                </p>
-
-<!-- support the Accept header -->
-
-              </div>
-            </section>
-
-
-          </div>
-        </div>
-      </section>
-
-
-
-      <section class="wrapper style1 align-center" id="integration">
-        <div class="inner">
-          <h2>Module Integration</h2>
-          <p>
-            The
-            <code>mod_ocsp</code>
-            module is a
-            <a href="mod_ca.html#frontend">frontend module</a>
-            and will not do anything useful until
-            <code>mod_ocsp</code>
-            has been combined with one or
-            more
-            <a href="mod_ca.html#backend">backend modules</a>
-            listed below. The
-            <code>mod_ocsp</code>
-            module uses the following hook to check the certificate status against
-            the certificate revocation list, and suitable
-            <a href="mod_ca.html#backend">backend modules</a>
-            must be configured to implement each hook as needed.
-          </p>
-
-          <p>
-            All <a href="mod_ca.html#frontend">frontend modules</a> run within
-            a standard Apache httpd request, and standard httpd functionality
-            applies in all cases.
-          </p>
-
-          <div>
-            <img src="images/mod_ocsp-1.png" style="width: 100%;" />
-          </div>
-
-          <div class="index align-left">
-
-            <section>
-              <header>
-                <h3>
-                  <a href="mod_ca.html#ca_getca">Get CA Certificate Hook</a>
-                </h3>
-              </header>
-              <div class="content">
-                <p>This hook returns CA certificates for the given CA.</p>
-                <table>
-                  <tbody>
-                    <tr>
-                      <td>
-                        <a href="mod_ca_engine.html#ca_getca">mod_ca_engine</a>
-                      </td>
-                      <td>Returns CA certificates that would sign certificate sign requests by an HSM
-                        such as a smartcard.</td>
-                    </tr>
-                    <tr>
-                      <td>
-                        <a href="mod_ca_simple.html#ca_getca">mod_ca_simple</a>
-                      </td>
-                      <td>Returns CA certificates that would sign certificate sign requests by a
-                        certificate and key specified on disk.</td>
-                    </tr>
-                  </tbody>
-                </table>
-              </div>
-            </section>
-
-            <section>
-              <header>
-                <h3>
-                  <a href="mod_ca.html#ca_getcertstatus">Certificate Status Hook</a>
-                </h3>
-              </header>
-              <div class="content">
-                <p>This hook returns the certificate status for the given certificate.
-                </p>
-                <table>
-                  <tbody>
-                    <tr>
-                      <td>
-                        <a href="mod_ca_crl.html#ca_getcertstatus">mod_ca_crl</a>
-                      </td>
-                      <td>Check the certificate status against the certificate sign request from disk.</td>
-                    </tr>
-                  </tbody>
-                </table>
-              </div>
-            </section>
-
-
-          </div>
-        </div>
-      </section>
-
-
-      <section class="wrapper style1 align-center"
-        id="directive-reference">
-        <div class="inner">
-          <h2>Examples</h2>
-          <div class="index align-left">
-
-            <section>
-              <header>
-                <h3>Basic Example</h3>
-              </header>
-              <div class="content">
-                <p>The simplest case: return the certificate revocation list to anybody who wants one.</p>
-<pre><code><![CDATA[
-# backend configuration:
-<IfModule mod_ca_crl.c>
-  # return this crl
-  CACRLCertificateRevocationList /etc/pki/tls/ca-crl.pem
-</IfModule>
-
-# frontend configuration:
-<IfModule mod_ocsp.c>
-  <Location /ocsp>
-    SetHandler ocsp
-    OcspSigningCertificate /etc/pki/tls/ocsp.cert
-    OcspSigningKey /etc/pki/tls/ocsp.key
-  </Location>
-</IfModule>
-]]></code></pre>
-              </div>
-            </section>
-
-          </div>
-        </div>
-      </section>
-
-
-      <section class="wrapper style1 align-center"
-        id="directive-reference">
-        <div class="inner">
-          <h2>Directive Reference</h2>
-          <div class="index align-left">
-
-            <section>
-              <header>
-                <h3>OcspSigningCertificate Directive</h3>
-              </header>
-              <div class="content">
-
-                <table>
-                  <tbody>
-                    <tr>
-                      <td>Description</td>
-                      <td>Set to the name of the signing certificate.</td>
-                    </tr>
-                    <tr>
-                      <td>Syntax</td>
-                      <td>
-                        <code>OcspSigningCertificate filename</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Default</td>
-                      <td>
-                        <code>none</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Context</td>
-                      <td>server config, virtual host, directory, .htaccess</td>
-                    </tr>
-                    <tr>
-                      <td>Status</td>
-                      <td><a href="mod_ca.html#frontend">Frontend</a></td>
-                    </tr>
-                    <tr>
-                      <td>Module</td>
-                      <td>mod_ocsp</td>
-                    </tr>
-                    <tr>
-                      <td>Compatibility</td>
-                      <td>Introduced in mod_ocsp 0.2.0 and works with Apache HTTP
-                        Server 2.4.0 and later</td>
-                    </tr>
-                  </tbody>
-                </table>
-
-                <p>Set to the name of the signing certificate.
-                </p>
-
-              </div>
-            </section>
-
-            <section>
-              <header>
-                <h3>OcspSigningKey Directive</h3>
-              </header>
-              <div class="content">
-
-                <table>
-                  <tbody>
-                    <tr>
-                      <td>Description</td>
-                      <td>Set to the name of the signing key.</td>
-                    </tr>
-                    <tr>
-                      <td>Syntax</td>
-                      <td>
-                        <code>OcspSigningKey filename</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Default</td>
-                      <td>
-                        <code>none</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Context</td>
-                      <td>server config, virtual host, directory, .htaccess</td>
-                    </tr>
-                    <tr>
-                      <td>Status</td>
-                      <td><a href="mod_ca.html#frontend">Frontend</a></td>
-                    </tr>
-                    <tr>
-                      <td>Module</td>
-                      <td>mod_ocsp</td>
-                    </tr>
-                    <tr>
-                      <td>Compatibility</td>
-                      <td>Introduced in mod_ocsp 0.2.0 and works with Apache HTTP
-                        Server 2.4.0 and later</td>
-                    </tr>
-                  </tbody>
-                </table>
-
-                <p>Set to the name of the signing key.</p>
-
-              </div>
-            </section>
-
-            <section>
-              <header>
-                <h3>OcspOtherCertificates Directive</h3>
-              </header>
-              <div class="content">
-
-                <table>
-                  <tbody>
-                    <tr>
-                      <td>Description</td>
-                      <td>Set to the name of a file containing other certificates to add to the response.</td>
-                    </tr>
-                    <tr>
-                      <td>Syntax</td>
-                      <td>
-                        <code>OcspOtherCertificates filename</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Default</td>
-                      <td>
-                        <code>none</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Context</td>
-                      <td>server config, virtual host, directory, .htaccess</td>
-                    </tr>
-                    <tr>
-                      <td>Status</td>
-                      <td><a href="mod_ca.html#frontend">Frontend</a></td>
-                    </tr>
-                    <tr>
-                      <td>Module</td>
-                      <td>mod_ocsp</td>
-                    </tr>
-                    <tr>
-                      <td>Compatibility</td>
-                      <td>Introduced in mod_ocsp 0.2.0 and works with Apache HTTP
-                        Server 2.4.0 and later</td>
-                    </tr>
-                  </tbody>
-                </table>
-
-                <p>Set to the name of a file containing other certificates to add to the response.
-                </p>
-
-              </div>
-            </section>
-
-            <section>
-              <header>
-                <h3>OcspSize Directive</h3>
-              </header>
-              <div class="content">
-
-                <table>
-                  <tbody>
-                    <tr>
-                      <td>Description</td>
-                      <td>Set to the maximum size of the OCSP request from the
-                        client.</td>
-                    </tr>
-                    <tr>
-                      <td>Syntax</td>
-                      <td>
-                        <code>OcspSize bytes</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Default</td>
-                      <td>
-                        <code>OcspSize 131072</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Context</td>
-                      <td>server config, virtual host, directory, .htaccess</td>
-                    </tr>
-                    <tr>
-                      <td>Status</td>
-                      <td><a href="mod_ca.html#frontend">Frontend</a></td>
-                    </tr>
-                    <tr>
-                      <td>Module</td>
-                      <td>mod_scep</td>
-                    </tr>
-                    <tr>
-                      <td>Compatibility</td>
-                      <td>Introduced in mod_ocsp 0.2.0 and works with Apache HTTP
-                        Server 2.4.0 and later</td>
-                    </tr>
-                  </tbody>
-                </table>
-
-                <p>Set to the maximum size of the OCSP request from the client.
-                  This value cannot be smaller than 4096 bytes.</p>
-
-              </div>
-            </section>
-
-            <section>
-              <header>
-                <h3>OcspLocation Directive</h3>
-              </header>
-              <div class="content">
-
-                <table>
-                  <tbody>
-                    <tr>
-                      <td>Description</td>
-                      <td>Set the URL location of the WADL returned by the OPTIONS
-                        method.</td>
-                    </tr>
-                    <tr>
-                      <td>Syntax</td>
-                      <td>
-                        <code>OcspLocation url</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Default</td>
-                      <td>
-                        <code>OcspLocation [current-URL]</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Context</td>
-                      <td>server config, virtual host, directory, .htaccess</td>
-                    </tr>
-                    <tr>
-                      <td>Status</td>
-                      <td>
-                        <a href="mod_ca.html#frontend">Frontend</a>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Module</td>
-                      <td>mod_ocsp</td>
-                    </tr>
-                    <tr>
-                      <td>Compatibility</td>
-                      <td>Introduced in mod_ocsp 0.2.0 and works with Apache HTTP
-                        Server 2.4.0 and later</td>
-                    </tr>
-                  </tbody>
-                </table>
-
-                <p>Set the URL location of the WADL returned by the OPTIONS
-                  method.</p>
-
-              </div>
-            </section>
-
-            <section>
-              <header>
-                <h3>OcspNextUpdate Directive</h3>
-              </header>
-              <div class="content">
-
-                <table>
-                  <tbody>
-                    <tr>
-                      <td>Description</td>
-                      <td>Set to the number of seconds until the next update.</td>
-                    </tr>
-                    <tr>
-                      <td>Syntax</td>
-                      <td>
-                        <code>OcspNextUpdate seconds</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Default</td>
-                      <td>
-                        <code>OcspNextUpdate 0</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Context</td>
-                      <td>server config, virtual host, directory, .htaccess</td>
-                    </tr>
-                    <tr>
-                      <td>Status</td>
-                      <td><a href="mod_ca.html#frontend">Frontend</a></td>
-                    </tr>
-                    <tr>
-                      <td>Module</td>
-                      <td>mod_ocsp</td>
-                    </tr>
-                    <tr>
-                      <td>Compatibility</td>
-                      <td>Introduced in mod_ocsp 0.2.0 and works with Apache HTTP
-                        Server 2.4.0 and later</td>
-                    </tr>
-                  </tbody>
-                </table>
-
-                <p>Set to the number of seconds until the next update. Defaults
-                  to zero (to disable).</p>
-
-              </div>
-            </section>
-
-            <section>
-              <header>
-                <h3>OcspNoCertificates Directive</h3>
-              </header>
-              <div class="content">
-
-                <table>
-                  <tbody>
-                    <tr>
-                      <td>Description</td>
-                      <td>Set to 'on' to suppress the sending of certificates in the response.</td>
-                    </tr>
-                    <tr>
-                      <td>Syntax</td>
-                      <td>
-                        <code>OcspNoCertificates flag</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Default</td>
-                      <td>
-                        <code>OcspNoCertificates off</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Context</td>
-                      <td>server config, virtual host, directory, .htaccess</td>
-                    </tr>
-                    <tr>
-                      <td>Status</td>
-                      <td><a href="mod_ca.html#frontend">Frontend</a></td>
-                    </tr>
-                    <tr>
-                      <td>Module</td>
-                      <td>mod_ocsp</td>
-                    </tr>
-                    <tr>
-                      <td>Compatibility</td>
-                      <td>Introduced in mod_ocsp 0.2.0 and works with Apache HTTP
-                        Server 2.4.0 and later</td>
-                    </tr>
-                  </tbody>
-                </table>
-
-                <p>Set to 'on' to suppress the sending of certificates in the
-                 response. Defaults to 'off'.</p>
-
-              </div>
-            </section>
-
-            <section>
-              <header>
-                <h3>OcspIdentifyByKeyID Directive</h3>
-              </header>
-              <div class="content">
-
-                <table>
-                  <tbody>
-                    <tr>
-                      <td>Description</td>
-                      <td>Set to 'on' to identify the signer certificate by key ID.</td>
-                    </tr>
-                    <tr>
-                      <td>Syntax</td>
-                      <td>
-                        <code>OcspIdentifyByKeyID flag</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Default</td>
-                      <td>
-                        <code>OcspIdentifyByKeyID off</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Context</td>
-                      <td>server config, virtual host, directory, .htaccess</td>
-                    </tr>
-                    <tr>
-                      <td>Status</td>
-                      <td><a href="mod_ca.html#frontend">Frontend</a></td>
-                    </tr>
-                    <tr>
-                      <td>Module</td>
-                      <td>mod_ocsp</td>
-                    </tr>
-                    <tr>
-                      <td>Compatibility</td>
-                      <td>Introduced in mod_ocsp 0.2.0 and works with Apache HTTP
-                        Server 2.4.0 and later</td>
-                    </tr>
-                  </tbody>
-                </table>
-
-                <p>Set to 'on' to identify the signer certificate by key ID. Defaults
-                  to 'off' for subject name.</p>
-
-              </div>
-            </section>
-
-            <section>
-              <header>
-                <h3>OcspOverrideReason Directive</h3>
-              </header>
-              <div class="content">
-
-                <table>
-                  <tbody>
-                    <tr>
-                      <td>Description</td>
-                      <td>Mark all certificates as revoked, giving this reason.</td>
-                    </tr>
-                    <tr>
-                      <td>Syntax</td>
-                      <td>
-                        <code>OcspOverrideReason string</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Default</td>
-                      <td>
-                        <code>none</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Context</td>
-                      <td>server config, virtual host, directory, .htaccess</td>
-                    </tr>
-                    <tr>
-                      <td>Status</td>
-                      <td>
-                        <a href="mod_ca.html#frontend">Frontend</a>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Module</td>
-                      <td>mod_ocsp</td>
-                    </tr>
-                    <tr>
-                      <td>Compatibility</td>
-                      <td>Introduced in mod_ocsp 0.2.0 and works with Apache HTTP
-                        Server 2.4.0 and later</td>
-                    </tr>
-                  </tbody>
-                </table>
-
-                <p>Mark all certificates as revoked, giving this reason.
-                </p>
-                
-                <p>Reasons must be one of:
-                </p>
-                
-                <ul>
-                  <li>unspecified</li>
-                  <li>keyCompromise</li>
-                  <li>CACompromise</li>
-                  <li>affiliationChanged</li>
-                  <li>superseded</li>
-                  <li>cessationOfOperation</li>
-                  <li>certificateHold</li>
-                  <li>removeFromCRL</li>
-                </ul>
-
-              </div>
-            </section>
-
-            <section>
-              <header>
-                <h3>OcspOverrideRevocationTime Directive</h3>
-              </header>
-              <div class="content">
-
-                <table>
-                  <tbody>
-                    <tr>
-                      <td>Description</td>
-                      <td>If all certificates are revoked, add this revocation time.</td>
-                    </tr>
-                    <tr>
-                      <td>Syntax</td>
-                      <td>
-                        <code>OcspOverrideRevocationTime YYYYMMDDHHMMSSZ</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Default</td>
-                      <td>
-                        <code>None</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Context</td>
-                      <td>server config, virtual host, directory, .htaccess</td>
-                    </tr>
-                    <tr>
-                      <td>Status</td>
-                      <td>
-                        <a href="mod_ca.html#frontend">Frontend</a>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Module</td>
-                      <td>mod_ocsp</td>
-                    </tr>
-                    <tr>
-                      <td>Compatibility</td>
-                      <td>Introduced in mod_ocsp 0.2.0 and works with Apache HTTP
-                        Server 2.4.0 and later</td>
-                    </tr>
-                  </tbody>
-                </table>
-
-                <p>If all certificates are revoked, add this revocation time, formatted
-                  as per http://tools.ietf.org/html/rfc2459#section-4.1.2.5.2
-                  (YYYYMMDDHHMMSSZ)</p>
-
-              </div>
-            </section>
-
-            <section>
-              <header>
-                <h3>OcspOverrideInvalidityDate Directive</h3>
-              </header>
-              <div class="content">
-
-                <table>
-                  <tbody>
-                    <tr>
-                      <td>Description</td>
-                      <td>If all certificates are revoked, add this invalidity date.</td>
-                    </tr>
-                    <tr>
-                      <td>Syntax</td>
-                      <td>
-                        <code>OcspOverrideInvalidityDate YYYYMMDDHHMMSSZ</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Default</td>
-                      <td>
-                        <code>None</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Context</td>
-                      <td>server config, virtual host, directory, .htaccess</td>
-                    </tr>
-                    <tr>
-                      <td>Status</td>
-                      <td>
-                        <a href="mod_ca.html#frontend">Frontend</a>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Module</td>
-                      <td>mod_ocsp</td>
-                    </tr>
-                    <tr>
-                      <td>Compatibility</td>
-                      <td>Introduced in mod_ocsp 0.2.0 and works with Apache HTTP
-                        Server 2.4.0 and later</td>
-                    </tr>
-                  </tbody>
-                </table>
-
-                <p>If all certificates are revoked, add this invalidity date, formatted
-                 as per http://tools.ietf.org/html/rfc2459#section-4.1.2.5.2
-                 (YYYYMMDDHHMMSSZ)
-                </p>
-
-              </div>
-            </section>
-
-            <section>
-              <header>
-                <h3>OcspOverrideHoldInstruction Directive</h3>
-              </header>
-              <div class="content">
-
-                <table>
-                  <tbody>
-                    <tr>
-                      <td>Description</td>
-                      <td>If all certificates are revoked, add this hold instruction.</td>
-                    </tr>
-                    <tr>
-                      <td>Syntax</td>
-                      <td>
-                        <code>OcspOverrideHoldInstruction string</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Default</td>
-                      <td>
-                        <code>none</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Context</td>
-                      <td>server config, virtual host, directory, .htaccess</td>
-                    </tr>
-                    <tr>
-                      <td>Status</td>
-                      <td>
-                        <a href="mod_ca.html#frontend">Frontend</a>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Module</td>
-                      <td>mod_ocsp</td>
-                    </tr>
-                    <tr>
-                      <td>Compatibility</td>
-                      <td>Introduced in mod_ocsp 0.2.0 and works with Apache HTTP
-                        Server 2.4.0 and later</td>
-                    </tr>
-                  </tbody>
-                </table>
-
-                <p>If all certificates are revoked, add this hold instruction, formatted
-                 as an OID.
-                </p>
-                
-                <p>Instructions must be one of:
-                </p>
-                
-                <ul>
-                  <li>holdInstructionCallIssuer</li>
-                  <li>holdInstructionReject</li>
-                </ul>
-
-              </div>
-            </section>
-
-            <section>
-              <header>
-                <h3>OcspFreshness Directive</h3>
-              </header>
-              <div class="content">
-
-                <table>
-                  <tbody>
-                    <tr>
-                      <td>Description</td>
-                      <td>The max-age of the certificate revocation list will be divided by this
-                        factor.</td>
-                    </tr>
-                    <tr>
-                      <td>Syntax</td>
-                      <td>
-                        <code>OcspFreshness factor [max-seconds]</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Default</td>
-                      <td>
-                        <code>OcspFreshness 2 86400</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Context</td>
-                      <td>server config, virtual host, directory, .htaccess</td>
-                    </tr>
-                    <tr>
-                      <td>Status</td>
-                      <td>
-                        <a href="mod_ca.html#frontend">Frontend</a>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Module</td>
-                      <td>mod_ocsp</td>
-                    </tr>
-                    <tr>
-                      <td>Compatibility</td>
-                      <td>Introduced in mod_ocsp 0.2.0 and works with Apache HTTP
-                        Server 2.4.0 and later</td>
-                    </tr>
-                  </tbody>
-                </table>
-
-                <p>The age of the certificate revocation list will be divided by this 
-                  factor when added as a max-age, set
-                  to zero to disable. Defaults to "2". An optional maximum value
-                  can be specified, defaults
-                  to one day.</p>
-
-              </div>
-            </section>
-
-          </div>
-        </div>
-      </section>
-
-    </div>
-  </body>
-</html>
-

Removed: rs-manual/trunk/src/site/xhtml5/mod_pkcs12.xhtml5
==============================================================================
--- rs-manual/trunk/src/site/xhtml5/mod_pkcs12.xhtml5	(original)
+++ rs-manual/trunk/src/site/xhtml5/mod_pkcs12.xhtml5	(removed)
@@ -1,1003 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE html>
-<html xmlns="http://www.w3.org/1999/xhtml" lang="en">
-  <head>
-    <title>mod_pkcs12 Module</title>
-  </head>
-  <body>
-    <div class="index align-left">
-
-      <section class="wrapper style1 align-center"
-        id="introduction">
-        <div class="inner">
-          <h2>PKCS12 Module</h2>
-          <p>Generate public/private key pairs and and issue certificates in response
-            to a <code>application/x-www-form-urlencoded</code> form request.</p>
-
-          <div class="index align-left">
-
-
-
-            <section>
-              <header>
-                <h3>What does it do?</h3>
-              </header>
-              <div class="content">
-                <p>
-                  This module accepts a
-                  <code>application/x-www-form-urlencoded</code>
-                  form submission request
-                  containing optional parameters.
-                </p>
-
-                <p>Based on configuration, optional form parameters can be passed from the
-                  incoming request, or explicit expressions, and a new
-                  certificate sign request with
-                  acceptable parameters is passed to suitably configured backend modules
-                  for request authorisation,
-                  certificate signing and issuing, and certificate storage.</p>
-
-                <p>
-                  The resulting certificate chain and private key is returned as a DER
-                  encoded PKCS12
-                  certificate and key.
-                </p>
-
-              </div>
-            </section>
-
-
-          </div>
-        </div>
-      </section>
-
-
-
-      <section class="wrapper style1 align-center" id="integration">
-        <div class="inner">
-          <h2>Module Integration</h2>
-          <p>
-            The
-            <code>mod_pkcs12</code>
-            module is a
-            <a href="mod_ca.html#frontend">frontend module</a>
-            and will not do anything useful until
-            <code>mod_pkcs12</code>
-            has been combined with one or
-            more
-            <a href="mod_ca.html#backend">backend modules</a>
-            listed below. The
-            <code>mod_pkcs12</code>
-            module uses the following hooks to authorise, sign/issue and
-            store a
-            certificate, and suitable
-            <a href="mod_ca.html#backend">backend modules</a>
-            must be configured to implement each hook as needed.
-          </p>
-
-          <p>
-            All <a href="mod_ca.html#frontend">frontend modules</a> run within
-            a standard Apache httpd request, and standard httpd functionality
-            applies in all cases.
-          </p>
-
-          <div>
-            <img src="images/mod_pkcs12.png" style="width: 100%;" />
-          </div>
-
-          <div class="index align-left">
-
-            <section>
-              <header>
-                <h3>
-                  <a href="mod_ca.html#ca_reqauthz">Request Authorization Hook</a>
-                </h3>
-              </header>
-              <div class="content">
-                <p>This optional hook allows you to verify the parameters
-                  included with the certificate sign request, such as the
-                  challenge password. If left unconfigured, all certificate
-                  requests will be accepted.</p>
-                <table>
-                  <tbody>
-                    <tr>
-                      <td>
-                        <a href="mod_ca_ldap.html#ca_reqauthz">mod_ca_ldap</a>
-                      </td>
-                      <td>Allows the certificate sign request to be verified
-                        against an LDAP directory.</td>
-                    </tr>
-                  </tbody>
-                </table>
-              </div>
-            </section>
-
-            <section>
-              <header>
-                <h3>
-                  <a href="mod_ca.html#ca_makekey">Make Key Hook</a>
-                </h3>
-              </header>
-              <div class="content">
-                <p>This hook generates a public/private key pair. The hook is
-                  mandatory, and the request will be rejected if left unconfigured.</p>
-                <table>
-                  <tbody>
-                    <tr>
-                      <td>
-                        <a href="mod_ca_simple.html#ca_makekey">mod_ca_simple</a>
-                      </td>
-                      <td>Generates a public/private key.</td>
-                    </tr>
-                  </tbody>
-                </table>
-              </div>
-            </section>
-
-            <section>
-              <header>
-                <h3>
-                  <a href="mod_ca.html#ca_sign">Sign Request Hook</a>
-                </h3>
-              </header>
-              <div class="content">
-                <p>This hooks signs the certificate sign request and returns the
-                  issued certificate. The hook is mandatory, and the request will
-                  be rejected if left unconfigured.</p>
-                <table>
-                  <tbody>
-                    <tr>
-                      <td>
-                        <a href="mod_ca_disk.html#ca_sign">mod_ca_disk</a>
-                      </td>
-                      <td>Allows certificate sign requests to be saved to disk for
-                        later out of band processing. The response will redirect the
-                        caller to where the certificate can be collected.</td>
-                    </tr>
-                    <tr>
-                      <td>
-                        <a href="mod_ca_engine.html#ca_sign">mod_ca_engine</a>
-                      </td>
-                      <td>Allows certificate sign requests to be signed by an HSM
-                        such as a smartcard.</td>
-                    </tr>
-                    <tr>
-                      <td>
-                        <a href="mod_ca_simple.html#ca_sign">mod_ca_simple</a>
-                      </td>
-                      <td>Allows certificate sign requests to be signed by a
-                        certificate and key specified on disk.</td>
-                    </tr>
-                  </tbody>
-                </table>
-              </div>
-            </section>
-
-            <section>
-              <header>
-                <h3>
-                  <a href="mod_ca.html#ca_certstore">Certificate Storage Hook</a>
-                </h3>
-              </header>
-              <div class="content">
-                <p>This optional hook allows the newly generated certificate to
-                  be stored locally or in a database or directory. If left
-                  unconfigured, no local copy of the certificate will be stored.</p>
-                <table>
-                  <tbody>
-                    <tr>
-                      <td>
-                        <a href="mod_ca_ldap.html#ca_certstore">mod_ca_ldap</a>
-                      </td>
-                      <td>Saves the newly issued PKCS7 certificate and chain to an
-                        LDAP directory.</td>
-                    </tr>
-                  </tbody>
-                </table>
-              </div>
-            </section>
-
-
-          </div>
-        </div>
-      </section>
-
-
-      <section class="wrapper style1 align-center"
-        id="directive-reference">
-        <div class="inner">
-          <h2>Examples</h2>
-          <div class="index align-left">
-
-            <section>
-              <header>
-                <h3>Basic Example</h3>
-              </header>
-              <div class="content">
-                <p>The simplest case: issue a certificate to anybody who wants one.</p>
-<pre><code><![CDATA[
-# backend configuration:
-<IfModule mod_ca_simple.c>
-  # sign with this certificate...
-  CASimpleCertificate /etc/pki/tls/ca-cert.pem
-  # ...and private key
-  CASimpleKey /etc/pki/tls/ca-key.pem
-  # use system clock as the time source
-  CASimpleTime on
-  # assign a random serial number
-  CASimpleSerialRandom on
-</IfModule>
-
-# frontend configuration:
-<IfModule mod_pkcs12.c>
-  <Location /pkcs12>
-    SetHandler pkcs12
-    # use subject from the certificate sign request unmodified
-    Pkcs12SubjectRequest *
-  </Location>
-</IfModule>
-]]></code></pre>
-              </div>
-            </section>
-
-            <section>
-              <header>
-                <h3>Logged In Example</h3>
-              </header>
-              <div class="content">
-                <p>A more typical scenario: issue a certificate to a logged in user.</p>
-                <p>In this example it is assumed that Apache configuration exists that
-                authenticates a user against a database, directory, a token, or a previous
-                certificate.
-                </p>
-<pre><code><![CDATA[
-# backend configuration:
-<IfModule mod_ca_simple.c>
-  # sign with this certificate...
-  CASimpleCertificate /etc/pki/tls/ca-cert.pem
-  # ...and private key
-  CASimpleKey /etc/pki/tls/ca-key.pem
-  # use system clock as the time source
-  CASimpleTime on
-  # assign a random serial number
-  CASimpleSerialRandom on
-</IfModule>
-
-# frontend configuration:
-<IfModule mod_pkcs12.c>
-  <Location /pkcs12>
-    SetHandler pkcs12
-    # standard Apache authorisation
-    Require valid-user
-    # set the common name to the logged in username
-    Pkcs12SubjectSet CN %{REMOTE_USER}
-    # set a fixed OU field in the subject
-    Pkcs12SubjectSet OU "Terms and Conditions Apply"
-  </Location>
-</IfModule>
-]]></code></pre>
-              </div>
-            </section>
-
-          </div>
-        </div>
-      </section>
-
-
-      <section class="wrapper style1 align-center"
-        id="directive-reference">
-        <div class="inner">
-          <h2>Directive Reference</h2>
-          <div class="index align-left">
-
-            <section>
-              <header>
-                <h3>Pkcs12Size Directive</h3>
-              </header>
-              <div class="content">
-
-                <table>
-                  <tbody>
-                    <tr>
-                      <td>Description</td>
-                      <td>Set to the maximum size of the form submitted by the
-                        client.</td>
-                    </tr>
-                    <tr>
-                      <td>Syntax</td>
-                      <td>
-                        <code>Pkcs12Size bytes</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Default</td>
-                      <td>
-                        <code>Pkcs12Size 131072</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Context</td>
-                      <td>server config, virtual host, directory, .htaccess</td>
-                    </tr>
-                    <tr>
-                      <td>Status</td>
-                      <td>
-                        <a href="mod_ca.html#frontend">Frontend</a>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Module</td>
-                      <td>mod_pkcs12</td>
-                    </tr>
-                    <tr>
-                      <td>Compatibility</td>
-                      <td>Introduced in mod_pkcs12 0.2.0 and works with Apache HTTP
-                        Server 2.4.0 and later</td>
-                    </tr>
-                  </tbody>
-                </table>
-
-                <p>Set to the maximum size of the form request from the client.
-                  This value cannot be smaller than 4096 bytes.</p>
-
-              </div>
-            </section>
-
-            <section>
-              <header>
-                <h3>Pkcs12ParamChallenge Directive</h3>
-              </header>
-              <div class="content">
-
-                <table>
-                  <tbody>
-                    <tr>
-                      <td>Description</td>
-                      <td>Set the name of the form parameter containing the
-                        challenge.</td>
-                    </tr>
-                    <tr>
-                      <td>Syntax</td>
-                      <td>
-                        <code>Pkcs12ParamChallenge param</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Default</td>
-                      <td>
-                        <code>Pkcs12ParamChallenge challenge</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Context</td>
-                      <td>server config, virtual host, directory, .htaccess</td>
-                    </tr>
-                    <tr>
-                      <td>Status</td>
-                      <td>
-                        <a href="mod_ca.html#frontend">Frontend</a>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Module</td>
-                      <td>mod_pkcs12</td>
-                    </tr>
-                    <tr>
-                      <td>Compatibility</td>
-                      <td>Introduced in mod_pkcs12 0.2.0 and works with Apache HTTP
-                        Server 2.4.0 and later</td>
-                    </tr>
-                  </tbody>
-                </table>
-
-                <p>Set the name of the form parameter containing the challenge.</p>
-
-              </div>
-            </section>
-
-            <section>
-              <header>
-                <h3>Pkcs12ParamNickname Directive</h3>
-              </header>
-              <div class="content">
-
-                <table>
-                  <tbody>
-                    <tr>
-                      <td>Description</td>
-                      <td>Set to the name of the request variable from the client containing the certificate nickname..</td>
-                    </tr>
-                    <tr>
-                      <td>Syntax</td>
-                      <td>
-                        <code>Pkcs12ParamNickname param</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Default</td>
-                      <td>
-                        <code>Pkcs12ParamNickname challenge</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Context</td>
-                      <td>server config, virtual host, directory, .htaccess</td>
-                    </tr>
-                    <tr>
-                      <td>Status</td>
-                      <td>
-                        <a href="mod_ca.html#frontend">Frontend</a>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Module</td>
-                      <td>mod_pkcs12</td>
-                    </tr>
-                    <tr>
-                      <td>Compatibility</td>
-                      <td>Introduced in mod_pkcs12 0.2.0 and works with Apache HTTP
-                        Server 2.4.0 and later</td>
-                    </tr>
-                  </tbody>
-                </table>
-
-                <p>Set to the name of the request variable from the client containing the certificate nickname. Overrides the Pkcs12Nickname directive.</p>
-
-              </div>
-            </section>
-
-            <section>
-              <header>
-                <h3>Pkcs12Location Directive</h3>
-              </header>
-              <div class="content">
-
-                <table>
-                  <tbody>
-                    <tr>
-                      <td>Description</td>
-                      <td>Set the URL location of the WADL returned by the OPTIONS
-                        method.</td>
-                    </tr>
-                    <tr>
-                      <td>Syntax</td>
-                      <td>
-                        <code>Pkcs12Location url</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Default</td>
-                      <td>
-                        <code>Pkcs12Location [current-URL]</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Context</td>
-                      <td>server config, virtual host, directory, .htaccess</td>
-                    </tr>
-                    <tr>
-                      <td>Status</td>
-                      <td>
-                        <a href="mod_ca.html#frontend">Frontend</a>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Module</td>
-                      <td>mod_pkcs12</td>
-                    </tr>
-                    <tr>
-                      <td>Compatibility</td>
-                      <td>Introduced in mod_pkcs12 0.2.0 and works with Apache HTTP
-                        Server 2.4.0 and later</td>
-                    </tr>
-                  </tbody>
-                </table>
-
-                <p>Set the URL location of the WADL returned by the OPTIONS
-                  method.</p>
-
-              </div>
-            </section>
-
-            <section>
-              <header>
-                <h3>Pkcs12SubjectAltNameRequest Directive</h3>
-              </header>
-              <div class="content">
-
-                <table>
-                  <tbody>
-                    <tr>
-                      <td>Description</td>
-                      <td>Specify parameters in the form that will be copied over to the
-                        certificate.</td>
-                    </tr>
-                    <tr>
-                      <td>Syntax</td>
-                      <td>
-                        <code>Pkcs12SubjectAltNameRequest field [number]</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Default</td>
-                      <td>None</td>
-                    </tr>
-                    <tr>
-                      <td>Context</td>
-                      <td>server config, virtual host, directory, .htaccess</td>
-                    </tr>
-                    <tr>
-                      <td>Status</td>
-                      <td>
-                        <a href="mod_ca.html#frontend">Frontend</a>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Module</td>
-                      <td>mod_pkcs12</td>
-                    </tr>
-                    <tr>
-                      <td>Compatibility</td>
-                      <td>Introduced in mod_pkcs12 0.2.0 and works with Apache HTTP
-                        Server 2.4.0 and later</td>
-                    </tr>
-                  </tbody>
-                </table>
-
-                <p>Specify parameters in the form that will
-                  be copied over to the certificate, with optional limit to the
-                  number of fields that may appear.</p>
-
-                <p>If a wildcard is used, all fields in the certificate request
-                  subject alternative name will be copied across unmodified.
-                </p>
-
-                <p>Field names are limited to <code>otherName</code>, <code>rfc822Name</code>,
-                  <code>dNSName</code>, <code>x400Address</code>, <code>directoryName</code>,
-                  <code>ediPartyName</code>, <code>uniformResourceIdentifier</code>,
-                  <code>iPAddress</code>, or <code>registeredID</code> and are described in
-                  the <a href="subjects.html"> Subjects and Subject Alternative Names</a> section.
-                </p>
-
-              </div>
-            </section>
-
-            <section>
-              <header>
-                <h3>Pkcs12SubjectAltNameSet Directive</h3>
-              </header>
-              <div class="content">
-
-                <table>
-                  <tbody>
-                    <tr>
-                      <td>Description</td>
-                      <td>Specify an expression that will be included in the
-                        certificate subject alternative name.</td>
-                    </tr>
-                    <tr>
-                      <td>Syntax</td>
-                      <td>
-                        <code>Pkcs12SubjectAltNameSet field value</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Default</td>
-                      <td>None</td>
-                    </tr>
-                    <tr>
-                      <td>Context</td>
-                      <td>server config, virtual host, directory, .htaccess</td>
-                    </tr>
-                    <tr>
-                      <td>Status</td>
-                      <td>
-                        <a href="mod_ca.html#frontend">Frontend</a>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Module</td>
-                      <td>mod_pkcs12</td>
-                    </tr>
-                    <tr>
-                      <td>Compatibility</td>
-                      <td>Introduced in mod_pkcs12 0.2.0 and works with Apache HTTP
-                        Server 2.4.0 and later</td>
-                    </tr>
-                  </tbody>
-                </table>
-
-                <p>Specify an expression that will be included in the
-                  certificate subject alternative name.</p>
-
-                <p>Field names are limited to <code>otherName</code>, <code>rfc822Name</code>,
-                  <code>dNSName</code>, <code>x400Address</code>, <code>directoryName</code>,
-                  <code>ediPartyName</code>, <code>uniformResourceIdentifier</code>,
-                  <code>iPAddress</code>, or <code>registeredID</code> and are described in
-                  the <a href="subjects.html"> Subjects and Subject Alternative Names</a> section.
-                </p>
-
-              </div>
-            </section>
-
-            <section>
-              <header>
-                <h3>Pkcs12SubjectRequest Directive</h3>
-              </header>
-              <div class="content">
-
-                <table>
-                  <tbody>
-                    <tr>
-                      <td>Description</td>
-                      <td>Specify parameters in the request that
-                        will be copied over to the subject in the certificate.</td>
-                    </tr>
-                    <tr>
-                      <td>Syntax</td>
-                      <td>
-                        <code>Pkcs12SubjectRequest field [number]</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Default</td>
-                      <td>
-                        <code>Pkcs12SubjectRequest field 1</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Context</td>
-                      <td>server config, virtual host, directory, .htaccess</td>
-                    </tr>
-                    <tr>
-                      <td>Status</td>
-                      <td>
-                        <a href="mod_ca.html#frontend">Frontend</a>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Module</td>
-                      <td>mod_pkcs12</td>
-                    </tr>
-                    <tr>
-                      <td>Compatibility</td>
-                      <td>Introduced in mod_pkcs12 0.2.0 and works with Apache HTTP
-                        Server 2.4.0 and later</td>
-                    </tr>
-                  </tbody>
-                </table>
-
-                <p>Specify parameters in the request that will
-                  be copied over to the certificate's subject, with optional limit to the
-                  number of fields that may appear.</p>
-
-                <p>If a wildcard is used, all fields in the certificate request
-                  subject alternative name will be copied across unmodified.
-                </p>
-
-                <p>Subject handling is covered in detail in the <a href="subjects.html">
-                  Subjects and Subject Alternative Names</a> section.
-                </p>
-
-              </div>
-            </section>
-
-            <section>
-              <header>
-                <h3>Pkcs12SubjectSet Directive</h3>
-              </header>
-              <div class="content">
-
-                <table>
-                  <tbody>
-                    <tr>
-                      <td>Description</td>
-                      <td>Specify an expression that will be included in the
-                        certificate subject.</td>
-                    </tr>
-                    <tr>
-                      <td>Syntax</td>
-                      <td>
-                        <code>PkcsSubjectSet field value</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Default</td>
-                      <td>None</td>
-                    </tr>
-                    <tr>
-                      <td>Context</td>
-                      <td>server config, virtual host, directory, .htaccess</td>
-                    </tr>
-                    <tr>
-                      <td>Status</td>
-                      <td>
-                        <a href="mod_ca.html#frontend">Frontend</a>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Module</td>
-                      <td>mod_pkcs12</td>
-                    </tr>
-                    <tr>
-                      <td>Compatibility</td>
-                      <td>Introduced in mod_pkcs12 0.2.0 and works with Apache HTTP
-                        Server 2.4.0 and later</td>
-                    </tr>
-                  </tbody>
-                </table>
-
-                <p>Specify an expression that will be included in the
-                  certificate subject. Subject attribute name is configured first, then
-                  the expression.</p>
-
-                <p>Subject handling is covered in detail in the <a href="subjects.html">
-                  Subjects and Subject Alternative Names</a> section.
-                </p>
-
-              </div>
-            </section>
-
-            <section>
-              <header>
-                <h3>Pkcs12Iterate Directive</h3>
-              </header>
-              <div class="content">
-
-                <table>
-                  <tbody>
-                    <tr>
-                      <td>Description</td>
-                      <td>Set to the number of iterations.</td>
-                    </tr>
-                    <tr>
-                      <td>Syntax</td>
-                      <td>
-                        <code>Pkcs12Iterate iterations</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Default</td>
-                      <td>
-                        <code>Pkcs12Iterate 2048</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Context</td>
-                      <td>server config, virtual host, directory, .htaccess</td>
-                    </tr>
-                    <tr>
-                      <td>Status</td>
-                      <td>
-                        <a href="mod_ca.html#frontend">Frontend</a>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Module</td>
-                      <td>mod_pkcs12</td>
-                    </tr>
-                    <tr>
-                      <td>Compatibility</td>
-                      <td>Introduced in mod_pkcs12 0.2.0 and works with Apache HTTP
-                        Server 2.4.0 and later</td>
-                    </tr>
-                  </tbody>
-                </table>
-
-                <p>Set to the number of iterations. Defaults to 2048.</p>
-
-              </div>
-            </section>
-
-            <section>
-              <header>
-                <h3>Pkcs12Digest Directive</h3>
-              </header>
-              <div class="content">
-
-                <table>
-                  <tbody>
-                    <tr>
-                      <td>Description</td>
-                      <td>Set to the mac digest used on the PKCS12.</td>
-                    </tr>
-                    <tr>
-                      <td>Syntax</td>
-                      <td>
-                        <code>Pkcs12Digest digest</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Default</td>
-                      <td>
-                        <code>Pkcs12Digest SHA256</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Context</td>
-                      <td>server config, virtual host, directory, .htaccess</td>
-                    </tr>
-                    <tr>
-                      <td>Status</td>
-                      <td>
-                        <a href="mod_ca.html#frontend">Frontend</a>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Module</td>
-                      <td>mod_pkcs12</td>
-                    </tr>
-                    <tr>
-                      <td>Compatibility</td>
-                      <td>Introduced in mod_pkcs12 0.2.0 and works with Apache HTTP
-                        Server 2.4.0 and later</td>
-                    </tr>
-                  </tbody>
-                </table>
-
-                <p>Set to the mac digest used on the PKCS12. Defaults to SHA256.</p>
-
-              </div>
-            </section>
-
-            <section>
-              <header>
-                <h3>Pkcs12CertificatePBE Directive</h3>
-              </header>
-              <div class="content">
-
-                <table>
-                  <tbody>
-                    <tr>
-                      <td>Description</td>
-                      <td>Specify the certificate PBE algorithm.</td>
-                    </tr>
-                    <tr>
-                      <td>Syntax</td>
-                      <td>
-                        <code>Pkcs12CertificatePBE algorithm</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Default</td>
-                      <td>
-                        <code>Pkcs12CertificatePBE PBE-SHA1-3DES</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Context</td>
-                      <td>server config, virtual host, directory, .htaccess</td>
-                    </tr>
-                    <tr>
-                      <td>Status</td>
-                      <td>
-                        <a href="mod_ca.html#frontend">Frontend</a>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Module</td>
-                      <td>mod_pkcs12</td>
-                    </tr>
-                    <tr>
-                      <td>Compatibility</td>
-                      <td>Introduced in mod_pkcs12 0.2.0 and works with Apache HTTP
-                        Server 2.4.0 and later</td>
-                    </tr>
-                  </tbody>
-                </table>
-
-                <p>Specify the certificate PBE algorithm. Defaults to PBE-SHA1-3DES.</p>
-
-              </div>
-            </section>
-
-            <section>
-              <header>
-                <h3>Pkcs12KeyPBE Directive</h3>
-              </header>
-              <div class="content">
-
-                <table>
-                  <tbody>
-                    <tr>
-                      <td>Description</td>
-                      <td>Specify the key PBE algorithm.</td>
-                    </tr>
-                    <tr>
-                      <td>Syntax</td>
-                      <td>
-                        <code>Pkcs12KeyPBE algorithm</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Default</td>
-                      <td>
-                        <code>Pkcs12KeyPBE PBE-SHA1-3DES</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Context</td>
-                      <td>server config, virtual host, directory, .htaccess</td>
-                    </tr>
-                    <tr>
-                      <td>Status</td>
-                      <td>
-                        <a href="mod_ca.html#frontend">Frontend</a>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Module</td>
-                      <td>mod_pkcs12</td>
-                    </tr>
-                    <tr>
-                      <td>Compatibility</td>
-                      <td>Introduced in mod_pkcs12 0.2.0 and works with Apache HTTP
-                        Server 2.4.0 and later</td>
-                    </tr>
-                  </tbody>
-                </table>
-
-                <p>Specify the key PBE algorithm. Defaults to PBE-SHA1-3DES.</p>
-
-              </div>
-            </section>
-
-            <section>
-              <header>
-                <h3>Pkcs12Nickname Directive</h3>
-              </header>
-              <div class="content">
-
-                <table>
-                  <tbody>
-                    <tr>
-                      <td>Description</td>
-                      <td>Set to an expression that resolves to the nickname of the certificate.</td>
-                    </tr>
-                    <tr>
-                      <td>Syntax</td>
-                      <td>
-                        <code>Pkcs12Nickname name</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Default</td>
-                      <td>
-                        <code>Pkcs12Nickname certificate</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Context</td>
-                      <td>server config, virtual host, directory, .htaccess</td>
-                    </tr>
-                    <tr>
-                      <td>Status</td>
-                      <td>
-                        <a href="mod_ca.html#frontend">Frontend</a>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Module</td>
-                      <td>mod_pkcs12</td>
-                    </tr>
-                    <tr>
-                      <td>Compatibility</td>
-                      <td>Introduced in mod_pkcs12 0.2.0 and works with Apache HTTP
-                        Server 2.4.0 and later</td>
-                    </tr>
-                  </tbody>
-                </table>
-
-                <p>Set to an expression that resolves to the nickname of the certificate. Defaults to "certificate".</p>
-
-              </div>
-            </section>
-
-          </div>
-        </div>
-      </section>
-
-    </div>
-  </body>
-</html>
-

Removed: rs-manual/trunk/src/site/xhtml5/mod_scep.xhtml5
==============================================================================
--- rs-manual/trunk/src/site/xhtml5/mod_scep.xhtml5	(original)
+++ rs-manual/trunk/src/site/xhtml5/mod_scep.xhtml5	(removed)
@@ -1,1003 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE html>
-<html xmlns="http://www.w3.org/1999/xhtml" lang="en">
-  <head>
-    <title>mod_scep Module</title>
-  </head>
-  <body>
-    <div class="index align-left">
-
-      <section class="wrapper style1 align-center"
-        id="introduction">
-        <div class="inner">
-          <h2>Simple Certificate Enrollment Protocol Module</h2>
-          <p>Generate and issue certificates using the SCEP protocol.</p>
-
-          <div class="index align-left">
-
-            <section>
-              <header>
-                <h3>What does it do?</h3>
-              </header>
-              <div class="content">
-                <p>
-                  This module implements a <a href="https://tools.ietf.org/html/draft-gutmann-scep-14">
-                  Simple Certificate Enrollment Protocol</a> endpoint that is capable of signing
-                  and issuing certificates on behalf of a suitable client.
-                </p>
-
-                <p>Based on configuration, parameters can be passed from the
-                  incoming certificate sign request embedded within the SCEP request, or explicit expressions, and a new
-                  certificate sign request with
-                  acceptable parameters is passed to suitably configured backend modules
-                  for request authorisation,
-                  certificate signing and issuing, and certificate storage.</p>
-
-                <p>
-                  The following SCEP operations are supported:
-                </p>
-                <table>
-                  <tbody>
-                    <tr>
-                      <td>GetCACaps</td><td>SCEP CA capabilities.</td>
-                    </tr>
-                    <tr>
-                      <td>GetCACert</td><td>Return the CA certificate and RA certificate for this CA.</td>
-                    </tr>
-                    <tr>
-                      <td>GetNextCACert</td><td>Return the next CA certificate that will be used for future signing.</td>
-                    </tr>
-                    <tr>
-                      <td>PKIOperation PKCSReq</td><td>Request a certificate via a certificate sign request.</td>
-                    </tr>
-                    <tr>
-                      <td>PKIOperation CertPoll (GetCertInitial)</td><td>Poll for a certificate that was previously requested.</td>
-                    </tr>
-                    <tr>
-                      <td>PKIOperation GetCert</td><td>Request a copy of a previously issued certificate.</td>
-                    </tr>
-                  </tbody>
-                </table>
-
-                <p>
-                  This module can be configured to respond to SCEP client requests as implemented
-                  by iOS and MacOS.
-                </p>
-              </div>
-            </section>
-
-
-          </div>
-        </div>
-      </section>
-
-
-
-      <section class="wrapper style1 align-center" id="integration">
-        <div class="inner">
-          <h2>Module Integration</h2>
-          <p>
-            The
-            <code>mod_scep</code>
-            module is a
-            <a href="mod_ca.html#frontend">frontend module</a>
-            and will not do anything useful until
-            <code>mod_scep</code>
-            has been combined with one or
-            more
-            <a href="mod_ca.html#backend">backend modules</a>
-            listed below. The
-            <code>mod_scep</code>
-            module uses the following hooks to authorise, sign/issue and
-            store a
-            certificate, and suitable
-            <a href="mod_ca.html#backend">backend modules</a>
-            must be configured to implement each hook as needed.
-          </p>
-
-          <p>
-            All
-            <a href="mod_ca.html#frontend">frontend modules</a>
-            run within
-            a standard Apache httpd request, and standard httpd functionality
-            applies in all cases.
-          </p>
-
-          <div>
-            <img src="images/mod_scep-1.png" style="width: 100%;" />
-          </div>
-
-          <div class="index align-left">
-
-            <section>
-              <header>
-                <h3>
-                  <a href="mod_ca.html#ca_reqauthz">Request Authorization Hook</a>
-                </h3>
-              </header>
-              <div class="content">
-                <p>This optional hook allows you to verify the parameters
-                  included with the certificate sign request, such as the
-                  challenge password. If left unconfigured, all certificate
-                  requests will be accepted.</p>
-                <table>
-                  <tbody>
-                    <tr>
-                      <td>
-                        <a href="mod_ca_ldap.html#ca_reqauthz">mod_ca_ldap</a>
-                      </td>
-                      <td>Allows the certificate sign request to be verified
-                        against an LDAP directory.</td>
-                    </tr>
-                  </tbody>
-                </table>
-              </div>
-            </section>
-
-            <section>
-              <header>
-                <h3>
-                  <a href="mod_ca.html#ca_sign">Sign Request Hook</a>
-                </h3>
-              </header>
-              <div class="content">
-                <p>This hooks signs the certificate sign request and returns the
-                  issued certificate. The hook is mandatory, and the request will
-                  be rejected if left unconfigured.</p>
-                <table>
-                  <tbody>
-                    <tr>
-                      <td>
-                        <a href="mod_ca_disk.html#ca_sign">mod_ca_disk</a>
-                      </td>
-                      <td>Allows certificate sign requests to be saved to disk for
-                        later out of band processing. The response will redirect the
-                        caller to where the certificate can be collected.</td>
-                    </tr>
-                    <tr>
-                      <td>
-                        <a href="mod_ca_engine.html#ca_sign">mod_ca_engine</a>
-                      </td>
-                      <td>Allows certificate sign requests to be signed by an HSM
-                        such as a smartcard.</td>
-                    </tr>
-                    <tr>
-                      <td>
-                        <a href="mod_ca_simple.html#ca_sign">mod_ca_simple</a>
-                      </td>
-                      <td>Allows certificate sign requests to be signed by a
-                        certificate and key specified on disk.</td>
-                    </tr>
-                  </tbody>
-                </table>
-              </div>
-            </section>
-
-            <section>
-              <header>
-                <h3>
-                  <a href="mod_ca.html#ca_certstore">Certificate Storage Hook</a>
-                </h3>
-              </header>
-              <div class="content">
-                <p>This optional hook allows the newly generated certificate to
-                  be stored locally or in a database or directory. If left
-                  unconfigured, no local copy of the certificate will be stored.</p>
-                <table>
-                  <tbody>
-                    <tr>
-                      <td>
-                        <a href="mod_ca_ldap.html#ca_certstore">mod_ca_ldap</a>
-                      </td>
-                      <td>Saves the newly issued PKCS7 certificate and chain to an
-                        LDAP directory.</td>
-                    </tr>
-                  </tbody>
-                </table>
-              </div>
-            </section>
-
-
-          </div>
-
-          <div>
-            <img src="images/mod_scep-2.png" style="width: 100%;" />
-          </div>
-
-          <div class="index align-left">
-
-            <section>
-              <header>
-                <h3>
-                  <a href="mod_ca.html#ca_getcert">Get Certificate Hook</a>
-                </h3>
-              </header>
-              <div class="content">
-                <p>This hook returns certificates that were requested previously and
-                  generated at a possibly later date or time.</p>
-                <table>
-                  <tbody>
-                    <tr>
-                      <td>
-                        <a href="mod_ca_disk.html#ca_reqauthz">mod_ca_disk</a>
-                      </td>
-                      <td>Returns a certificate from a location on disk.</td>
-                    </tr>
-                  </tbody>
-                </table>
-              </div>
-            </section>
-
-          </div>
-
-          <div>
-            <img src="images/mod_scep-3.png" style="width: 100%;" />
-          </div>
-
-          <div class="index align-left">
-
-            <section>
-              <header>
-                <h3>
-                  <a href="mod_ca.html#ca_getca">Get CA Certificate Hook</a>
-                </h3>
-              </header>
-              <div class="content">
-                <p>This hook returns CA certificates for the given CA.</p>
-                <table>
-                  <tbody>
-                    <tr>
-                      <td>
-                        <a href="mod_ca_engine.html#ca_getca">mod_ca_engine</a>
-                      </td>
-                      <td>Returns CA certificates that would sign certificate sign requests by an HSM
-                        such as a smartcard.</td>
-                    </tr>
-                    <tr>
-                      <td>
-                        <a href="mod_ca_simple.html#ca_getca">mod_ca_simple</a>
-                      </td>
-                      <td>Returns CA certificates that would sign certificate sign requests by a
-                        certificate and key specified on disk.</td>
-                    </tr>
-                  </tbody>
-                </table>
-              </div>
-            </section>
-
-            <section>
-              <header>
-                <h3>
-                  <a href="mod_ca.html#ca_getnextca">Get Next CA Certificate Hook</a>
-                </h3>
-              </header>
-              <div class="content">
-                <p>This hook returns certificates that were requested previously and
-                  generated at a possibly later date or time.</p>
-                <table>
-                  <tbody>
-                    <tr>
-                      <td>
-                        <a href="mod_ca_engine.html#ca_getca">mod_ca_engine</a>
-                      </td>
-                      <td>Returns the upcoming next CA certificates that would sign
-                        certificate sign requests by an HSM such as a smartcard.</td>
-                    </tr>
-                    <tr>
-                      <td>
-                        <a href="mod_ca_simple.html#ca_getca">mod_ca_simple</a>
-                      </td>
-                      <td>Returns the upcoming next CA certificates that would sign
-                        certificate sign requests by a certificate and key specified
-                        on disk.</td>
-                    </tr>
-                  </tbody>
-                </table>
-              </div>
-            </section>
-
-          </div>
-
-        </div>
-      </section>
-
-
-      <section class="wrapper style1 align-center"
-        id="directive-reference">
-        <div class="inner">
-          <h2>Examples</h2>
-          <div class="index align-left">
-
-            <section>
-              <header>
-                <h3>Basic Example</h3>
-              </header>
-              <div class="content">
-                <p>The simplest case: issue a certificate to anybody who wants
-                  one.</p>
-                <pre>
-                  <code><![CDATA[
-# backend configuration:
-<IfModule mod_ca_simple.c>
-  # sign with this certificate...
-  CASimpleCertificate /etc/pki/tls/ca-cert.pem
-  # ...and private key
-  CASimpleKey /etc/pki/tls/ca-key.pem
-  # use system clock as the time source
-  CASimpleTime on
-  # assign a random serial number
-  CASimpleSerialRandom on
-</IfModule>
-
-# frontend configuration:
-<IfModule mod_scep.c>
-  <Location /scep>
-    SetHandler scep
-    # use subject from the certificate sign request unmodified
-    ScepSubjectRequest *
-  </Location>
-</IfModule>
-]]></code>
-                </pre>
-              </div>
-            </section>
-
-            <section>
-              <header>
-                <h3>Logged In Example</h3>
-              </header>
-              <div class="content">
-                <p>A more typical scenario: issue a certificate to a logged in
-                  user.</p>
-                <p>In this example it is assumed that Apache configuration
-                  exists that
-                  authenticates a user against a database, directory, a token, or a previous
-                  certificate.
-                </p>
-                <pre>
-                  <code><![CDATA[
-# backend configuration:
-<IfModule mod_ca_simple.c>
-  # sign with this certificate...
-  CASimpleCertificate /etc/pki/tls/ca-cert.pem
-  # ...and private key
-  CASimpleKey /etc/pki/tls/ca-key.pem
-  # use system clock as the time source
-  CASimpleTime on
-  # assign a random serial number
-  CASimpleSerialRandom on
-</IfModule>
-
-# frontend configuration:
-<IfModule mod_scep.c>
-  <Location /scep>
-    SetHandler scep
-    # standard Apache authorisation
-    Require valid-user
-    # set the common name to the logged in username
-    ScepSubjectSet CN %{REMOTE_USER}
-    # set a fixed OU field in the subject
-    ScepSubjectSet OU "Terms and Conditions Apply"
-  </Location>
-</IfModule>
-]]></code>
-                </pre>
-              </div>
-            </section>
-
-          </div>
-        </div>
-      </section>
-
-
-      <section class="wrapper style1 align-center"
-        id="directive-reference">
-        <div class="inner">
-          <h2>Directive Reference</h2>
-          <div class="index align-left">
-
-            <section>
-              <header>
-                <h3>ScepCRLURL Directive</h3>
-              </header>
-              <div class="content">
-
-                <table>
-                  <tbody>
-                    <tr>
-                      <td>Description</td>
-                      <td>GetCRL will be redirected to this URL.</td>
-                    </tr>
-                    <tr>
-                      <td>Syntax</td>
-                      <td>
-                        <code>ScepCRLURL url</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Default</td>
-                      <td>None</td>
-                    </tr>
-                    <tr>
-                      <td>Context</td>
-                      <td>server config, virtual host, directory, .htaccess</td>
-                    </tr>
-                    <tr>
-                      <td>Status</td>
-                      <td><a href="mod_ca.html#frontend">Frontend</a></td>
-                    </tr>
-                    <tr>
-                      <td>Module</td>
-                      <td>mod_scep</td>
-                    </tr>
-                    <tr>
-                      <td>Compatibility</td>
-                      <td>Introduced in mod_scep 0.2.0 and works with Apache HTTP
-                        Server 2.4.0 and later</td>
-                    </tr>
-                  </tbody>
-                </table>
-
-                <p>
-                  If set, attempts at GetCRL will be redirected to this URL.
-                  GetCRL will be
-                  rejected with
-                  <code>400 Bad Request</code>
-                  otherwise.
-                </p>
-
-              </div>
-            </section>
-
-            <section>
-              <header>
-                <h3>ScepFreshness Directive</h3>
-              </header>
-              <div class="content">
-
-                <table>
-                  <tbody>
-                    <tr>
-                      <td>Description</td>
-                      <td>The max-age of the certificates will be divided by this
-                        factor.</td>
-                    </tr>
-                    <tr>
-                      <td>Syntax</td>
-                      <td>
-                        <code>ScepFreshness factor [max-seconds]</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Default</td>
-                      <td>
-                        <code>ScepFreshness 2 86400</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Context</td>
-                      <td>server config, virtual host, directory, .htaccess</td>
-                    </tr>
-                    <tr>
-                      <td>Status</td>
-                      <td><a href="mod_ca.html#frontend">Frontend</a></td>
-                    </tr>
-                    <tr>
-                      <td>Module</td>
-                      <td>mod_scep</td>
-                    </tr>
-                    <tr>
-                      <td>Compatibility</td>
-                      <td>Introduced in mod_scep 0.2.0 and works with Apache HTTP
-                        Server 2.4.0 and later</td>
-                    </tr>
-                  </tbody>
-                </table>
-
-                <p>The age of the certificates will be divided by this factor
-                  when added as a max-age, set
-                  to zero to disable. Defaults to "2". An optional maximum value
-                  can be specified, defaults
-                  to one day.</p>
-
-              </div>
-            </section>
-
-            <section>
-              <header>
-                <h3>ScepLocation Directive</h3>
-              </header>
-              <div class="content">
-
-                <table>
-                  <tbody>
-                    <tr>
-                      <td>Description</td>
-                      <td>Set the URL location of the WADL returned by the OPTIONS
-                        method.</td>
-                    </tr>
-                    <tr>
-                      <td>Syntax</td>
-                      <td>
-                        <code>ScepLocation url</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Default</td>
-                      <td>
-                        <code>ScepLocation [current-URL]</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Context</td>
-                      <td>server config, virtual host, directory, .htaccess</td>
-                    </tr>
-                    <tr>
-                      <td>Status</td>
-                      <td><a href="mod_ca.html#frontend">Frontend</a></td>
-                    </tr>
-                    <tr>
-                      <td>Module</td>
-                      <td>mod_scep</td>
-                    </tr>
-                    <tr>
-                      <td>Compatibility</td>
-                      <td>Introduced in mod_scep 0.2.0 and works with Apache HTTP
-                        Server 2.4.0 and later</td>
-                    </tr>
-                  </tbody>
-                </table>
-
-                <p>Set the URL location of the WADL returned by the OPTIONS
-                  method.</p>
-
-              </div>
-            </section>
-
-            <section>
-              <header>
-                <h3>ScepRACertificate Directive</h3>
-              </header>
-              <div class="content">
-
-                <table>
-                  <tbody>
-                    <tr>
-                      <td>Description</td>
-                      <td>Set to the name of the signing certificate.</td>
-                    </tr>
-                    <tr>
-                      <td>Syntax</td>
-                      <td>
-                        <code>ScepRACertificate filename</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Default</td>
-                      <td>
-                        <code>none</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Context</td>
-                      <td>server config, virtual host, directory, .htaccess</td>
-                    </tr>
-                    <tr>
-                      <td>Status</td>
-                      <td><a href="mod_ca.html#frontend">Frontend</a></td>
-                    </tr>
-                    <tr>
-                      <td>Module</td>
-                      <td>mod_scep</td>
-                    </tr>
-                    <tr>
-                      <td>Compatibility</td>
-                      <td>Introduced in mod_scep 0.2.0 and works with Apache HTTP
-                        Server 2.4.0 and later</td>
-                    </tr>
-                  </tbody>
-                </table>
-
-                <p>Set to the name of the signing certificate.
-                </p>
-
-              </div>
-            </section>
-
-            <section>
-              <header>
-                <h3>ScepRAKey Directive</h3>
-              </header>
-              <div class="content">
-
-                <table>
-                  <tbody>
-                    <tr>
-                      <td>Description</td>
-                      <td>Set to the name of the signing key.</td>
-                    </tr>
-                    <tr>
-                      <td>Syntax</td>
-                      <td>
-                        <code>ScepRAKey filename</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Default</td>
-                      <td>
-                        <code>none</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Context</td>
-                      <td>server config, virtual host, directory, .htaccess</td>
-                    </tr>
-                    <tr>
-                      <td>Status</td>
-                      <td><a href="mod_ca.html#frontend">Frontend</a></td>
-                    </tr>
-                    <tr>
-                      <td>Module</td>
-                      <td>mod_scep</td>
-                    </tr>
-                    <tr>
-                      <td>Compatibility</td>
-                      <td>Introduced in mod_scep 0.2.0 and works with Apache HTTP
-                        Server 2.4.0 and later</td>
-                    </tr>
-                  </tbody>
-                </table>
-
-                <p>Set to the name of the signing key.</p>
-
-              </div>
-            </section>
-
-            <section>
-              <header>
-                <h3>ScepRANextCertificate Directive</h3>
-              </header>
-              <div class="content">
-
-                <table>
-                  <tbody>
-                    <tr>
-                      <td>Description</td>
-                      <td>Set to the name of the next RA signing certificate.</td>
-                    </tr>
-                    <tr>
-                      <td>Syntax</td>
-                      <td>
-                        <code>ScepRANextCertificate filename</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Default</td>
-                      <td>
-                        <code>none</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Context</td>
-                      <td>server config, virtual host, directory, .htaccess</td>
-                    </tr>
-                    <tr>
-                      <td>Status</td>
-                      <td><a href="mod_ca.html#frontend">Frontend</a></td>
-                    </tr>
-                    <tr>
-                      <td>Module</td>
-                      <td>mod_scep</td>
-                    </tr>
-                    <tr>
-                      <td>Compatibility</td>
-                      <td>Introduced in mod_scep 0.2.0 and works with Apache HTTP
-                        Server 2.4.0 and later</td>
-                    </tr>
-                  </tbody>
-                </table>
-
-                <p>Set to the name of the next RA signing certificate.
-                </p>
-
-              </div>
-            </section>
-
-            <section>
-              <header>
-                <h3>ScepSize Directive</h3>
-              </header>
-              <div class="content">
-
-                <table>
-                  <tbody>
-                    <tr>
-                      <td>Description</td>
-                      <td>Set to the maximum size of the SCEP request from the
-                        client.</td>
-                    </tr>
-                    <tr>
-                      <td>Syntax</td>
-                      <td>
-                        <code>ScepSize bytes</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Default</td>
-                      <td>
-                        <code>ScepSize 131072</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Context</td>
-                      <td>server config, virtual host, directory, .htaccess</td>
-                    </tr>
-                    <tr>
-                      <td>Status</td>
-                      <td><a href="mod_ca.html#frontend">Frontend</a></td>
-                    </tr>
-                    <tr>
-                      <td>Module</td>
-                      <td>mod_scep</td>
-                    </tr>
-                    <tr>
-                      <td>Compatibility</td>
-                      <td>Introduced in mod_scep 0.2.0 and works with Apache HTTP
-                        Server 2.4.0 and later</td>
-                    </tr>
-                  </tbody>
-                </table>
-
-                <p>Set to the maximum size of the SCEP request from the client.
-                  This value cannot be smaller than 4096 bytes.</p>
-
-              </div>
-            </section>
-
-            <section>
-              <header>
-                <h3>ScepSubjectAltNameRequest Directive</h3>
-              </header>
-              <div class="content">
-
-                <table>
-                  <tbody>
-                    <tr>
-                      <td>Description</td>
-                      <td>Specify fields in the certificate request subject
-                        alternative name that will be copied over to the
-                        certificate.</td>
-                    </tr>
-                    <tr>
-                      <td>Syntax</td>
-                      <td>
-                        <code>ScepSubjectAltNameRequest field [number]</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Default</td>
-                      <td>None</td>
-                    </tr>
-                    <tr>
-                      <td>Context</td>
-                      <td>server config, virtual host, directory, .htaccess</td>
-                    </tr>
-                    <tr>
-                      <td>Status</td>
-                      <td>
-                        <a href="mod_ca.html#frontend">Frontend</a>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Module</td>
-                      <td>mod_scep</td>
-                    </tr>
-                    <tr>
-                      <td>Compatibility</td>
-                      <td>Introduced in mod_scep 0.2.0 and works with Apache HTTP
-                        Server 2.4.0 and later</td>
-                    </tr>
-                  </tbody>
-                </table>
-
-                <p>Specify fields in the certificate request subject alternative name that will
-                  be copied over to the certificate, with optional limit to the
-                  number of fields that may appear.</p>
-
-                <p>If a wildcard is used, all fields in the certificate request
-                  subject alternative name will be copied across unmodified.
-                </p>
-
-                <p>Field names are limited to <code>otherName</code>, <code>rfc822Name</code>,
-                  <code>dNSName</code>, <code>x400Address</code>, <code>directoryName</code>,
-                  <code>ediPartyName</code>, <code>uniformResourceIdentifier</code>,
-                  <code>iPAddress</code>, or <code>registeredID</code> and are described in
-                  the <a href="subjects.html"> Subjects and Subject Alternative Names</a> section.
-                </p>
-
-              </div>
-            </section>
-
-            <section>
-              <header>
-                <h3>ScepSubjectAltNameSet Directive</h3>
-              </header>
-              <div class="content">
-
-                <table>
-                  <tbody>
-                    <tr>
-                      <td>Description</td>
-                      <td>Specify an expression that will be included in the
-                        certificate subject alternative name.</td>
-                    </tr>
-                    <tr>
-                      <td>Syntax</td>
-                      <td>
-                        <code>ScepSubjectAltNameSet field value</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Default</td>
-                      <td>None</td>
-                    </tr>
-                    <tr>
-                      <td>Context</td>
-                      <td>server config, virtual host, directory, .htaccess</td>
-                    </tr>
-                    <tr>
-                      <td>Status</td>
-                      <td>
-                        <a href="mod_ca.html#frontend">Frontend</a>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Module</td>
-                      <td>mod_scep</td>
-                    </tr>
-                    <tr>
-                      <td>Compatibility</td>
-                      <td>Introduced in mod_scep 0.2.0 and works with Apache HTTP
-                        Server 2.4.0 and later</td>
-                    </tr>
-                  </tbody>
-                </table>
-
-                <p>Specify an expression that will be included in the
-                  certificate subject alternative name.</p>
-
-                <p>Field names are limited to <code>otherName</code>, <code>rfc822Name</code>,
-                  <code>dNSName</code>, <code>x400Address</code>, <code>directoryName</code>,
-                  <code>ediPartyName</code>, <code>uniformResourceIdentifier</code>,
-                  <code>iPAddress</code>, or <code>registeredID</code> and are described in
-                  the <a href="subjects.html"> Subjects and Subject Alternative Names</a> section.
-                </p>
-
-              </div>
-            </section>
-
-            <section>
-              <header>
-                <h3>ScepSubjectRequest Directive</h3>
-              </header>
-              <div class="content">
-
-                <table>
-                  <tbody>
-                    <tr>
-                      <td>Description</td>
-                      <td>Specify fields in the certificate request subject that
-                        will be copied over to the certificate.</td>
-                    </tr>
-                    <tr>
-                      <td>Syntax</td>
-                      <td>
-                        <code>ScepSubjectRequest field [number]</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Default</td>
-                      <td>
-                        <code>ScepSubjectRequest field 1</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Context</td>
-                      <td>server config, virtual host, directory, .htaccess</td>
-                    </tr>
-                    <tr>
-                      <td>Status</td>
-                      <td>
-                        <a href="mod_ca.html#frontend">Frontend</a>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Module</td>
-                      <td>mod_scep</td>
-                    </tr>
-                    <tr>
-                      <td>Compatibility</td>
-                      <td>Introduced in mod_scep 0.2.0 and works with Apache HTTP
-                        Server 2.4.0 and later</td>
-                    </tr>
-                  </tbody>
-                </table>
-
-                <p>Specify fields in the certificate request subject that will
-                  be copied over to the certificate, with optional limit to the
-                  number of fields that may appear.</p>
-
-                <p>If a wildcard is used, all fields in the certificate request
-                  subject alternative name will be copied across unmodified.
-                </p>
-
-                <p>Subject handling is covered in detail in the <a href="subjects.html">
-                  Subjects and Subject Alternative Names</a> section.
-                </p>
-
-              </div>
-            </section>
-
-            <section>
-              <header>
-                <h3>ScepSubjectSet Directive</h3>
-              </header>
-              <div class="content">
-
-                <table>
-                  <tbody>
-                    <tr>
-                      <td>Description</td>
-                      <td>Specify an expression that will be included in the
-                        certificate subject.</td>
-                    </tr>
-                    <tr>
-                      <td>Syntax</td>
-                      <td>
-                        <code>ScepSubjectSet field value</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Default</td>
-                      <td>None</td>
-                    </tr>
-                    <tr>
-                      <td>Context</td>
-                      <td>server config, virtual host, directory, .htaccess</td>
-                    </tr>
-                    <tr>
-                      <td>Status</td>
-                      <td>
-                        <a href="mod_ca.html#frontend">Frontend</a>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Module</td>
-                      <td>mod_scep</td>
-                    </tr>
-                    <tr>
-                      <td>Compatibility</td>
-                      <td>Introduced in mod_scep 0.2.0 and works with Apache HTTP
-                        Server 2.4.0 and later</td>
-                    </tr>
-                  </tbody>
-                </table>
-
-                <p>Specify an expression that will be included in the
-                  certificate subject. Subject attribute name is configured first, then
-                  the expression.</p>
-
-                <p>Subject handling is covered in detail in the <a href="subjects.html">
-                  Subjects and Subject Alternative Names</a> section.
-                </p>
-
-              </div>
-            </section>
-
-          </div>
-        </div>
-      </section>
-
-    </div>
-  </body>
-</html>

Removed: rs-manual/trunk/src/site/xhtml5/mod_spkac.xhtml5
==============================================================================
--- rs-manual/trunk/src/site/xhtml5/mod_spkac.xhtml5	(original)
+++ rs-manual/trunk/src/site/xhtml5/mod_spkac.xhtml5	(removed)
@@ -1,682 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE html>
-<html xmlns="http://www.w3.org/1999/xhtml" lang="en">
-  <head>
-    <title>mod_spkac Module</title>
-  </head>
-  <body>
-    <div class="index align-left">
-
-      <section class="wrapper style1 align-center"
-        id="introduction">
-        <div class="inner">
-          <h2>Signed Public Key and Challenge Module</h2>
-          <p>Generate and issue certificates using the SPKAC protocol.</p>
-
-          <div class="index align-left">
-
-            <section>
-              <header>
-                <h3>What does it do?</h3>
-              </header>
-              <div class="content">
-                <p>
-                  This module implements a <a href="https://en.wikipedia.org/wiki/SPKAC">
-                  Signed Public Key and Challenge</a> endpoint that is capable of signing
-                  and issuing certificates on behalf of a suitable client.
-                </p>
-
-                <p>Based on configuration, parameters can be passed from
-                  optional form parameters, or explicit expressions, and a new
-                  certificate sign request with
-                  acceptable parameters is combined with the public key and the
-                  challenge from the SPKAC parameter and passed to suitably configured
-                  backend modules for request authorisation,
-                  certificate signing and issuing, and certificate storage.</p>
-
-                <p>
-                  This module can be configured to respond to SPKAC client requests as
-                  implemented by conformant implementations of HTML5.2 and earlier.
-                </p>
-              </div>
-            </section>
-
-
-          </div>
-        </div>
-      </section>
-
-
-
-      <section class="wrapper style1 align-center" id="integration">
-        <div class="inner">
-          <h2>Module Integration</h2>
-          <p>
-            The
-            <code>mod_spkac</code>
-            module is a
-            <a href="mod_ca.html#frontend">frontend module</a>
-            and will not do anything useful until
-            <code>mod_spkac</code>
-            has been combined with one or
-            more
-            <a href="mod_ca.html#backend">backend modules</a>
-            listed below. The
-            <code>mod_spkac</code>
-            module uses the following hooks to authorise, sign/issue and
-            store a
-            certificate, and suitable
-            <a href="mod_ca.html#backend">backend modules</a>
-            must be configured to implement each hook as needed.
-          </p>
-
-          <p>
-            All
-            <a href="mod_ca.html#frontend">frontend modules</a>
-            run within
-            a standard Apache httpd request, and standard httpd functionality
-            applies in all cases.
-          </p>
-
-          <div>
-            <img src="images/mod_spkac-1.png" style="width: 100%;" />
-          </div>
-
-          <div class="index align-left">
-
-            <section>
-              <header>
-                <h3>
-                  <a href="mod_ca.html#ca_reqauthz">Request Authorization Hook</a>
-                </h3>
-              </header>
-              <div class="content">
-                <p>This optional hook allows you to verify the parameters
-                  included with the certificate sign request, such as the
-                  challenge password. If left unconfigured, all certificate
-                  requests will be accepted.</p>
-                <table>
-                  <tbody>
-                    <tr>
-                      <td>
-                        <a href="mod_ca_ldap.html#ca_reqauthz">mod_ca_ldap</a>
-                      </td>
-                      <td>Allows the certificate sign request to be verified
-                        against an LDAP directory.</td>
-                    </tr>
-                  </tbody>
-                </table>
-              </div>
-            </section>
-
-            <section>
-              <header>
-                <h3>
-                  <a href="mod_ca.html#ca_sign">Sign Request Hook</a>
-                </h3>
-              </header>
-              <div class="content">
-                <p>This hooks signs the certificate sign request and returns the
-                  issued certificate. The hook is mandatory, and the request will
-                  be rejected if left unconfigured.</p>
-                <table>
-                  <tbody>
-                    <tr>
-                      <td>
-                        <a href="mod_ca_disk.html#ca_sign">mod_ca_disk</a>
-                      </td>
-                      <td>Allows certificate sign requests to be saved to disk for
-                        later out of band processing. The response will redirect the
-                        caller to where the certificate can be collected.</td>
-                    </tr>
-                    <tr>
-                      <td>
-                        <a href="mod_ca_engine.html#ca_sign">mod_ca_engine</a>
-                      </td>
-                      <td>Allows certificate sign requests to be signed by an HSM
-                        such as a smartcard.</td>
-                    </tr>
-                    <tr>
-                      <td>
-                        <a href="mod_ca_simple.html#ca_sign">mod_ca_simple</a>
-                      </td>
-                      <td>Allows certificate sign requests to be signed by a
-                        certificate and key specified on disk.</td>
-                    </tr>
-                  </tbody>
-                </table>
-              </div>
-            </section>
-
-            <section>
-              <header>
-                <h3>
-                  <a href="mod_ca.html#ca_certstore">Certificate Storage Hook</a>
-                </h3>
-              </header>
-              <div class="content">
-                <p>This optional hook allows the newly generated certificate to
-                  be stored locally or in a database or directory. If left
-                  unconfigured, no local copy of the certificate will be stored.</p>
-                <table>
-                  <tbody>
-                    <tr>
-                      <td>
-                        <a href="mod_ca_ldap.html#ca_certstore">mod_ca_ldap</a>
-                      </td>
-                      <td>Saves the newly issued PKCS7 certificate and chain to an
-                        LDAP directory.</td>
-                    </tr>
-                  </tbody>
-                </table>
-              </div>
-            </section>
-
-
-          </div>
-
-        </div>
-      </section>
-
-
-      <section class="wrapper style1 align-center"
-        id="directive-reference">
-        <div class="inner">
-          <h2>Examples</h2>
-          <div class="index align-left">
-
-            <section>
-              <header>
-                <h3>Basic Example</h3>
-              </header>
-              <div class="content">
-                <p>The simplest case: issue a certificate to anybody who wants
-                  one.</p>
-                <pre>
-                  <code><![CDATA[
-# backend configuration:
-<IfModule mod_ca_simple.c>
-  # sign with this certificate...
-  CASimpleCertificate /etc/pki/tls/ca-cert.pem
-  # ...and private key
-  CASimpleKey /etc/pki/tls/ca-key.pem
-  # use system clock as the time source
-  CASimpleTime on
-  # assign a random serial number
-  CASimpleSerialRandom on
-</IfModule>
-
-# frontend configuration:
-<IfModule mod_spkac.c>
-  <Location /spkac>
-    SetHandler spkac
-    # use subject from the certificate sign request unmodified
-    SpkacSubjectRequest *
-  </Location>
-</IfModule>
-]]></code>
-                </pre>
-              </div>
-            </section>
-
-            <section>
-              <header>
-                <h3>Logged In Example</h3>
-              </header>
-              <div class="content">
-                <p>A more typical scenario: issue a certificate to a logged in
-                  user.</p>
-                <p>In this example it is assumed that Apache configuration
-                  exists that
-                  authenticates a user against a database, directory, a token, or a previous
-                  certificate.
-                </p>
-                <pre>
-                  <code><![CDATA[
-# backend configuration:
-<IfModule mod_ca_simple.c>
-  # sign with this certificate...
-  CASimpleCertificate /etc/pki/tls/ca-cert.pem
-  # ...and private key
-  CASimpleKey /etc/pki/tls/ca-key.pem
-  # use system clock as the time source
-  CASimpleTime on
-  # assign a random serial number
-  CASimpleSerialRandom on
-</IfModule>
-
-# frontend configuration:
-<IfModule mod_spkac.c>
-  <Location /spkac>
-    SetHandler spkac
-    # standard Apache authorisation
-    Require valid-user
-    # set the common name to the logged in username
-    SpkacSubjectSet CN %{REMOTE_USER}
-    # set a fixed OU field in the subject
-    SpkacSubjectSet OU "Terms and Conditions Apply"
-  </Location>
-</IfModule>
-]]></code>
-                </pre>
-              </div>
-            </section>
-
-          </div>
-        </div>
-      </section>
-
-
-      <section class="wrapper style1 align-center"
-        id="directive-reference">
-        <div class="inner">
-          <h2>Directive Reference</h2>
-          <div class="index align-left">
-
-            <section>
-              <header>
-                <h3>SpkacLocation Directive</h3>
-              </header>
-              <div class="content">
-
-                <table>
-                  <tbody>
-                    <tr>
-                      <td>Description</td>
-                      <td>Set the URL location of the WADL returned by the OPTIONS
-                        method.</td>
-                    </tr>
-                    <tr>
-                      <td>Syntax</td>
-                      <td>
-                        <code>SpkacLocation url</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Default</td>
-                      <td>
-                        <code>SpkacLocation [current-URL]</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Context</td>
-                      <td>server config, virtual host, directory, .htaccess</td>
-                    </tr>
-                    <tr>
-                      <td>Status</td>
-                      <td><a href="mod_ca.html#frontend">Frontend</a></td>
-                    </tr>
-                    <tr>
-                      <td>Module</td>
-                      <td>mod_spkac</td>
-                    </tr>
-                    <tr>
-                      <td>Compatibility</td>
-                      <td>Introduced in mod_spkac 0.2.0 and works with Apache HTTP
-                        Server 2.4.0 and later</td>
-                    </tr>
-                  </tbody>
-                </table>
-
-                <p>Set the URL location of the WADL returned by the OPTIONS
-                  method.</p>
-
-              </div>
-            </section>
-
-            <section>
-              <header>
-                <h3>SpkacSize Directive</h3>
-              </header>
-              <div class="content">
-
-                <table>
-                  <tbody>
-                    <tr>
-                      <td>Description</td>
-                      <td>Set to the maximum size of the SPKAC request from the
-                        client.</td>
-                    </tr>
-                    <tr>
-                      <td>Syntax</td>
-                      <td>
-                        <code>SpkacSize bytes</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Default</td>
-                      <td>
-                        <code>SpkacSize 131072</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Context</td>
-                      <td>server config, virtual host, directory, .htaccess</td>
-                    </tr>
-                    <tr>
-                      <td>Status</td>
-                      <td><a href="mod_ca.html#frontend">Frontend</a></td>
-                    </tr>
-                    <tr>
-                      <td>Module</td>
-                      <td>mod_spkac</td>
-                    </tr>
-                    <tr>
-                      <td>Compatibility</td>
-                      <td>Introduced in mod_spkac 0.2.0 and works with Apache HTTP
-                        Server 2.4.0 and later</td>
-                    </tr>
-                  </tbody>
-                </table>
-
-                <p>Set to the maximum size of the SPKAC request from the client.
-                  This value cannot be smaller than 4096 bytes.</p>
-
-              </div>
-            </section>
-
-            <section>
-              <header>
-                <h3>SpkacName Directive</h3>
-              </header>
-              <div class="content">
-
-                <table>
-                  <tbody>
-                    <tr>
-                      <td>Description</td>
-                      <td>Set to the form name of the SPKAC request from the
-                        client.</td>
-                    </tr>
-                    <tr>
-                      <td>Syntax</td>
-                      <td>
-                        <code>SpkacName string</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Default</td>
-                      <td>
-                        <code>SpkacName key</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Context</td>
-                      <td>server config, virtual host, directory, .htaccess</td>
-                    </tr>
-                    <tr>
-                      <td>Status</td>
-                      <td><a href="mod_ca.html#frontend">Frontend</a></td>
-                    </tr>
-                    <tr>
-                      <td>Module</td>
-                      <td>mod_spkac</td>
-                    </tr>
-                    <tr>
-                      <td>Compatibility</td>
-                      <td>Introduced in mod_spkac 0.2.0 and works with Apache HTTP
-                        Server 2.4.0 and later</td>
-                    </tr>
-                  </tbody>
-                </table>
-
-                <p>Set to the name of the form parameter containing the SPKAC request
-                   from the client.</p>
-
-              </div>
-            </section>
-
-            <section>
-              <header>
-                <h3>SpkacSubjectAltNameRequest Directive</h3>
-              </header>
-              <div class="content">
-
-                <table>
-                  <tbody>
-                    <tr>
-                      <td>Description</td>
-                      <td>Specify fields in the form that will be copied over to the subject
-                        alternative name of the certificate.</td>
-                    </tr>
-                    <tr>
-                      <td>Syntax</td>
-                      <td>
-                        <code>SpkacSubjectAltNameRequest field [number]</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Default</td>
-                      <td>None</td>
-                    </tr>
-                    <tr>
-                      <td>Context</td>
-                      <td>server config, virtual host, directory, .htaccess</td>
-                    </tr>
-                    <tr>
-                      <td>Status</td>
-                      <td>
-                        <a href="mod_ca.html#frontend">Frontend</a>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Module</td>
-                      <td>mod_spkac</td>
-                    </tr>
-                    <tr>
-                      <td>Compatibility</td>
-                      <td>Introduced in mod_spkac 0.2.0 and works with Apache HTTP
-                        Server 2.4.0 and later</td>
-                    </tr>
-                  </tbody>
-                </table>
-
-                <p>Specify fields in the form that will be copied over to the subject
-                  alternative name of the certificate, with optional limit to the
-                  number of fields that may appear.</p>
-
-			    <p>Fields in the form are expected to be prefixed with the string
-			      <code>subjectAltName-</code> which will stripped before comparing to
-			      names set by this directive.
-			    </p>
-<!--
-                <p>If a wildcard is used, all fields in the certificate request
-                  subject alternative name will be copied across unmodified.
-                </p>
--->
-
-                <p>Field names are limited to <code>otherName</code>, <code>rfc822Name</code>,
-                  <code>dNSName</code>, <code>x400Address</code>, <code>directoryName</code>,
-                  <code>ediPartyName</code>, <code>uniformResourceIdentifier</code>,
-                  <code>iPAddress</code>, or <code>registeredID</code> and are described in
-                  the <a href="subjects.html"> Subjects and Subject Alternative Names</a> section.
-                </p>
-
-              </div>
-            </section>
-
-            <section>
-              <header>
-                <h3>SpkacSubjectAltNameSet Directive</h3>
-              </header>
-              <div class="content">
-
-                <table>
-                  <tbody>
-                    <tr>
-                      <td>Description</td>
-                      <td>Specify an expression that will be included in the
-                        certificate subject alternative name.</td>
-                    </tr>
-                    <tr>
-                      <td>Syntax</td>
-                      <td>
-                        <code>SpkacSubjectAltNameSet field value</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Default</td>
-                      <td>None</td>
-                    </tr>
-                    <tr>
-                      <td>Context</td>
-                      <td>server config, virtual host, directory, .htaccess</td>
-                    </tr>
-                    <tr>
-                      <td>Status</td>
-                      <td>
-                        <a href="mod_ca.html#frontend">Frontend</a>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Module</td>
-                      <td>mod_spkac</td>
-                    </tr>
-                    <tr>
-                      <td>Compatibility</td>
-                      <td>Introduced in mod_spkac 0.2.0 and works with Apache HTTP
-                        Server 2.4.0 and later</td>
-                    </tr>
-                  </tbody>
-                </table>
-
-                <p>Specify an expression that will be included in the
-                  certificate subject alternative name.</p>
-
-                <p>Field names are limited to <code>otherName</code>, <code>rfc822Name</code>,
-                  <code>dNSName</code>, <code>x400Address</code>, <code>directoryName</code>,
-                  <code>ediPartyName</code>, <code>uniformResourceIdentifier</code>,
-                  <code>iPAddress</code>, or <code>registeredID</code> and are described in
-                  the <a href="subjects.html"> Subjects and Subject Alternative Names</a> section.
-                </p>
-
-              </div>
-            </section>
-
-            <section>
-              <header>
-                <h3>SpkacSubjectRequest Directive</h3>
-              </header>
-              <div class="content">
-
-                <table>
-                  <tbody>
-                    <tr>
-                      <td>Description</td>
-                      <td>Specify fields in the form that
-                        will be copied over to the certificate subject.</td>
-                    </tr>
-                    <tr>
-                      <td>Syntax</td>
-                      <td>
-                        <code>SpkacSubjectRequest field [number]</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Default</td>
-                      <td>
-                        <code>SpkacSubjectRequest field 1</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Context</td>
-                      <td>server config, virtual host, directory, .htaccess</td>
-                    </tr>
-                    <tr>
-                      <td>Status</td>
-                      <td>
-                        <a href="mod_ca.html#frontend">Frontend</a>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Module</td>
-                      <td>mod_spkac</td>
-                    </tr>
-                    <tr>
-                      <td>Compatibility</td>
-                      <td>Introduced in mod_spkac 0.2.0 and works with Apache HTTP
-                        Server 2.4.0 and later</td>
-                    </tr>
-                  </tbody>
-                </table>
-
-                <p>Specify fields in the form that will
-                  be copied over to the certificate subject, with optional limit to the
-                  number of fields that may appear.</p>
-
-<!--
-                <p>If a wildcard is used, all fields in the certificate request
-                  subject alternative name will be copied across unmodified.
-                </p>
--->
-
-                <p>Subject handling is covered in detail in the <a href="subjects.html">
-                  Subjects and Subject Alternative Names</a> section.
-                </p>
-
-              </div>
-            </section>
-
-            <section>
-              <header>
-                <h3>SpkacSubjectSet Directive</h3>
-              </header>
-              <div class="content">
-
-                <table>
-                  <tbody>
-                    <tr>
-                      <td>Description</td>
-                      <td>Specify an expression that will be included in the
-                        certificate subject.</td>
-                    </tr>
-                    <tr>
-                      <td>Syntax</td>
-                      <td>
-                        <code>SpkacSubjectSet field value</code>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Default</td>
-                      <td>None</td>
-                    </tr>
-                    <tr>
-                      <td>Context</td>
-                      <td>server config, virtual host, directory, .htaccess</td>
-                    </tr>
-                    <tr>
-                      <td>Status</td>
-                      <td>
-                        <a href="mod_ca.html#frontend">Frontend</a>
-                      </td>
-                    </tr>
-                    <tr>
-                      <td>Module</td>
-                      <td>mod_spkac</td>
-                    </tr>
-                    <tr>
-                      <td>Compatibility</td>
-                      <td>Introduced in mod_spkac 0.2.0 and works with Apache HTTP
-                        Server 2.4.0 and later</td>
-                    </tr>
-                  </tbody>
-                </table>
-
-                <p>Specify an expression that will be included in the
-                  certificate subject. Subject attribute name is configured first, then
-                  the expression.</p>
-
-                <p>Subject handling is covered in detail in the <a href="subjects.html">
-                  Subjects and Subject Alternative Names</a> section.
-                </p>
-
-              </div>
-            </section>
-
-          </div>
-        </div>
-      </section>
-
-    </div>
-  </body>
-</html>



More information about the rs-commit mailing list