3 swtpm_setup.conf - Configuration file for swtpm_setup
7 The file I</etc/swtpm_setup.conf> contains configuration information for
8 the swtpm_setup and swtpm_setup.sh programs. It must only contain
9 one configuration keyword per line, followed by an equals sign (=) and then
10 followed by appropriate configuration information. A comment at the
11 end of the line may be introduced by a hash (#) sign.
13 The following keywords are recognized:
17 =item B<create_certs_tool>
19 This keyword is to be followed by the name of an executable or executable
20 script used for creating various TPM certificates. The tool will be
21 called with the following options
27 This parameter indicates the type of certificate to create. The type parameter may
28 be one of the following: I<ek>, or I<platform>
32 This parameter indicates the directory into which the certificate is to be stored.
33 It is expected that the EK certificate is stored in this directory under the name
34 ek.cert and the platform certificate under the name platform.cert.
38 This parameter indicates the modulus of the public key of the endorsement key
39 (EK). The public key is provided as a sequence of ASCII hex digits.
43 This parameter indicates the ID of the VM for which to create the certificate.
45 =item B<--logfile <logfile>>
47 The log file to log output to; by default logging goes to stdout and stderr
50 =item B<--configfile <configuration file>>
52 The configuration file to use. This file typically contains configuration
53 information for the invoked program. If omitted, the program must use
54 its default configuration file.
56 =item B<--optsfile <options file>>
58 The options file to use. This file typically contains options that the
59 invoked program uses. If omitted, the program must use its default
62 =item B<--tpm-spec-family <family>>, B<--tpm-spec-level <level>>, B<--tpm-spec-revision <revision>>
64 These 3 options describe the TPM specification that was followed for
65 the implementation of the TPM and will be part of the EK certificate.
69 This option is passed in case a TPM 2 compliant certificate needs to be
74 =item B<create_certs_tool_config>
76 This keyword is to be followed by the name of a configuration file
77 that will be passed to the invoked program using the --configfile
78 option described above. If omitted, the invoked program will use
79 the default configuration file.
81 =item B<create_certs_tool_options>
83 This keyword is to be followed by the name of an options file
84 that will be passed to the invoked program using the --optsfile
85 option described above. If omitted, the invoked program will use
86 the default options file.
96 Report bugs to Stefan Berger <stefanb@linux.vnet.ibm.com>