From daf521e1d2c526c76a73aa755972dab3bcc4cf2c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Love=20H=C3=B6rnquist=20=C3=85strand?= <lha@kth.se>
Date: Wed, 10 Jan 2007 22:14:51 +0000
Subject: [PATCH] Hint about hxtool validate.

git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@19821 ec53bebd-3082-4978-b11e-865c3cabbd6b
---
 doc/setup.texi | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/doc/setup.texi b/doc/setup.texi
index 69b2b0bc2..d62b05761 100644
--- a/doc/setup.texi
+++ b/doc/setup.texi
@@ -1293,6 +1293,8 @@ lha@@EXAMPLE.ORG:CN=Love,UID=lha
 
 @section Use hxtool to create certificates
 
+@subsection Generate certificates
+
 First you need to generate a CA certificate, change the --subject to
 something appropriate, the CA certificate will be valid for 10 years.
 
@@ -1341,6 +1343,15 @@ hxtool issue-certificate \
     --certificate="FILE:user.pem"
 @end example
 
+@subsection Validate certificate
+
+hxtool also contains a tool that will validate certificates according to
+rules from PKIX document. The checks are not complete, but a good test
+to check if you got all of the basic bits right in your certificates.
+
+@example
+hxtool validate FILE:user.pem
+@end example
 
 @section Use OpenSSL to create certificates