[rs-commit] r543 - /rs-manual/trunk/src/site/xhtml5/mod/mod_scep.xhtml5

rs-commit at redwax.eu rs-commit at redwax.eu
Thu Mar 12 12:54:31 CET 2026 

Author: minfrin at redwax.eu
Date: Thu Mar 12 12:54:31 2026
New Revision: 543

Log:
Update docs to show renewal support.

Modified:
    rs-manual/trunk/src/site/xhtml5/mod/mod_scep.xhtml5

Modified: rs-manual/trunk/src/site/xhtml5/mod/mod_scep.xhtml5
==============================================================================
--- rs-manual/trunk/src/site/xhtml5/mod/mod_scep.xhtml5	(original)
+++ rs-manual/trunk/src/site/xhtml5/mod/mod_scep.xhtml5	Thu Mar 12 12:54:31 2026
@@ -33,8 +33,8 @@
               </header>
               <div class="content">
                 <p>
-                  This module implements a <a href="https://tools.ietf.org/html/draft-gutmann-scep-14">
-                  Simple Certificate Enrollment Protocol</a> endpoint that is capable of signing
+                  This module implements an <a href="https://datatracker.ietf.org/doc/html/rfc8894">
+                  RFC8894 Simple Certificate Enrollment Protocol</a> endpoint that is capable of signing
                   and issuing certificates on behalf of a suitable client.
                 </p>
 
@@ -61,6 +61,9 @@
                     </tr>
                     <tr>
                       <td>PKIOperation PKCSReq</td><td>Request a certificate via a certificate sign request.</td>
+                    </tr>
+                    <tr>
+                      <td>PKIOperation RenewalReq</td><td>Renew a certificate signed by the previous certificate and key.</td>
                     </tr>
                     <tr>
                       <td>PKIOperation CertPoll (GetCertInitial)</td><td>Poll for a certificate that was previously requested.</td>
@@ -130,10 +133,17 @@
               <div class="content">
                 <p>This optional hook allows you to verify the parameters
                   included with the certificate sign request, such as the
-                  challenge password. If left unconfigured, all certificate
-                  requests will be accepted.</p>
-                <table>
-                  <tbody>
+                  challenge password or the previous certificate/key. If left
+                  unconfigured, all certificate requests will be accepted.</p>
+                <table>
+                  <tbody>
+                    <tr>
+                      <td>
+                        <a href="mod_ca_disk.html#ca_reqauthz">mod_ca_disk</a>
+                      </td>
+                      <td>Allows the certificate sign request renewal to be
+                        verified against previously issued certificates.</td>
+                    </tr>
                     <tr>
                       <td>
                         <a href="mod_ca_ldap.html#ca_reqauthz">mod_ca_ldap</a>
@@ -204,6 +214,12 @@
                   unconfigured, no local copy of the certificate will be stored.</p>
                 <table>
                   <tbody>
+                    <tr>
+                      <td>
+                        <a href="mod_ca_disk.html#ca_certstore">mod_ca_disk</a>
+                      </td>
+                      <td>Saves the newly issued certificate to a directory on disk.</td>
+                    </tr>
                     <tr>
                       <td>
                         <a href="mod_ca_ldap.html#ca_certstore">mod_ca_ldap</a>

More information about the rs-commit mailing list