1 files changed, 132 insertions, 0 deletions
diff --git a/security/nss/doc/rst/legacy/reference/nss_tools__colon__vfychain/index.rst b/security/nss/doc/rst/legacy/reference/nss_tools__colon__vfychain/index.rst
new file mode 100644
index 0000000000..e6d92ccd47
--- /dev/null
+++ b/security/nss/doc/rst/legacy/reference/nss_tools__colon__vfychain/index.rst
@@ -0,0 +1,132 @@
+.. _mozilla_projects_nss_reference_nss_tools_:_vfychain:
+
+NSS tools : vfychain
+====================
+
+.. container::
+
+   Name
+
+   | vfychain — vfychain [options] [revocation options] certfile [[options]
+   | certfile] ...
+
+   Synopsis
+
+   vfychain
+
+   Description
+
+   | The verification Tool, vfychain, verifies certificate chains. modutil can
+   | add and delete PKCS #11 modules, change passwords on security databases,
+   | set defaults, list module contents, enable or disable slots, enable or
+   | disable FIPS 140-2 compliance, and assign default providers for
+   | cryptographic operations. This tool can also create certificate, key, and
+   | module security database files.
+
+   | The tasks associated with security module database management are part of
+   | a process that typically also involves managing key databases and
+   | certificate databases.
+
+   Options
+
+   | -a
+   | the following certfile is base64 encoded
+
+   | -b YYMMDDHHMMZ
+   | Validate date (default: now)
+
+   | -d directory
+   | database directory
+
+   | -f
+   | Enable cert fetching from AIA URL
+
+   | -o oid
+   | Set policy OID for cert validation(Format OID.1.2.3)
+
+   -p
+
+   Use PKIX Library to validate certificate by calling:
+
+   \* CERT_VerifyCertificate if specified once,
+
+   \* CERT_PKIXVerifyCert if specified twice and more.
+
+   | -r
+   | Following certfile is raw binary DER (default)
+
+   | -t
+   | Following cert is explicitly trusted (overrides db trust)
+
+   -u usage
+
+   | 0=SSL client, 1=SSL server, 2=SSL StepUp, 3=SSL CA, 4=Email
+   | signer, 5=Email recipient, 6=Object signer,
+   | 9=ProtectedObjectSigner, 10=OCSP responder, 11=Any CA
+
+   | -v
+   | Verbose mode. Prints root cert subject(double the argument for
+   | whole root cert info)
+
+   | -w password
+   | Database password
+
+   | -W pwfile
+   | Password file
+
+   | Revocation options for PKIX API (invoked with -pp options) is a
+   | collection of the following flags: [-g type [-h flags] [-m type
+   | [-s flags]] ...] ...
+
+   Where:
+
+   | -g test-type
+   | Sets status checking test type. Possible values are "leaf" or
+   | "chain"
+
+   | -g test type
+   | Sets status checking test type. Possible values are "leaf" or
+   | "chain".
+
+   | -h test flags
+   | Sets revocation flags for the test type it follows. Possible
+   | flags: "testLocalInfoFirst" and "requireFreshInfo".
+
+   | -m method type
+   | Sets method type for the test type it follows. Possible types are
+   | "crl" and "ocsp".
+
+   | -s method flags
+   | Sets revocation flags for the method it follows. Possible types
+   | are "doNotUse", "forbidFetching", "ignoreDefaultSrc",
+   | "requireInfo" and "failIfNoInfo".
+
+   Additional Resources
+
+   | For information about NSS and other tools related to NSS (like JSS), check
+   | out the NSS project wiki at
+   | [1]\ `http://www.mozilla.org/projects/security/pki/nss/ <https://www.mozilla.org/projects/security/pki/nss/>`__.
+     The NSS site relates
+   | directly to NSS code changes and releases.
+
+   Mailing lists: https://lists.mozilla.org/listinfo/dev-tech-crypto
+
+   IRC: Freenode at #dogtag-pki
+
+   Authors
+
+   | The NSS tools were written and maintained by developers with Netscape, Red
+   | Hat, and Sun.
+
+   | Authors: Elio Maldonado <emaldona@redhat.com>, Deon Lackey
+   | <dlackey@redhat.com>.
+
+   Copyright
+
+   (c) 2010, Red Hat, Inc. Licensed under the GNU Public License version 2.
+
+   References
+
+   | Visible links
+   | 1.
+     `http://www.mozilla.org/projects/security/pki/nss/ <https://www.mozilla.org/projects/security/pki/nss/>`__
+\ No newline at end of file