Initializing help system before first use

ssl_dir

Description
This parameter is the path to the configuration directory of mmssl. Its content is used by both the mmssl routines and the Mosel core libraries for handling signed and encrypted bim files.
Type
String, read only
Note
By default this location is the path "${HOME}/.mmssl" (on Unix systems) or "%USERPROFILE%\.mmssl" (on Windows). Assuming the active restrictions do not prevent the operation, this directory will be created if it does not exist at the time of loading the module. It is also possible to select a different location by defining the environment variable MOSEL_SSL (in this case, the directory is not automatically created and must be available at loading time).
 
The configuration directory should contain the following entries:
personal.key
RSA private key of the user: it is used for signing documents to be published and for decrypting documents that have been encrypted with the corresponding public key.
personal
RSA public key of the user: to be provided with documents signed with personal.key such that recipients can check the signature. The public key is also used to encrypt documents to be decrypted with personal.key.
pubkeys
public keys repository: this directory is the default location where public keys are searched for checking the signature of a document.
ca-bundle.crt
trusted certificates file: mmhttp uses this file when checking authenticity of servers (HTTPS client) or clients (HTTPS server).
server.crt
HTTPS server certificate: this file is required by the HTTPS server of mmhttp together with the corresponding private key.
server.key
HTTPS server private key: this file is required by the HTTPS server of mmhttp together with the corresponding certificate.
The program mmssl can be used to create and populate this directory (Section The mmssl command).
 
Even if Mosel is run under restrictions, mmssl can still access its configuration directory for getting public keys stored under the pubkeys directory, read the file of trusted certificates ca-bundle.crt and load the private key personal.key to decrypt a document. However, the module requires explicit read access to use the private key personal.key for signing tasks and load the HTTPS server configuration (files server.key and server.crt).
Module
mmssl

Parent Topic Control parameters

© 2001-2025 Fair Isaac Corporation. All rights reserved. This documentation is the property of Fair Isaac Corporation (“FICO”). Receipt or possession of this documentation does not convey rights to disclose, reproduce, make derivative works, use, or allow others to use it except solely for internal evaluation purposes to determine whether to purchase a license to the software described in this documentation, or as otherwise set forth in a written software license agreement between you and FICO (or a FICO affiliate). Use of this documentation and the software described in it must conform strictly to the foregoing permitted uses, and no other use is permitted.