From 2fae1075adba1dbbb67b292f0cb1e33b5c46ad89 Mon Sep 17 00:00:00 2001
From: Ivan Wallis <iwallis@gmail.com>
Date: Tue, 28 Jan 2025 18:59:38 -0800
Subject: [PATCH 1/3] doc: pkcs11 info

Signed-off-by: Ivan Wallis <iwallis@gmail.com>
---
 docs/index.html | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/docs/index.html b/docs/index.html
index 31264b53..18d1ca1b 100644
--- a/docs/index.html
+++ b/docs/index.html
@@ -60,7 +60,7 @@ <h3 id="features">Features</h3>
   <li>Keystores supported:
     <ul>
       <li>PKCS#12, JKS and JCEKS files</li>
-      <li>PKCS#11 hardware tokens (<a href="https://www.yubico.com">YubiKey</a>, <a href="https://www.nitrokey.com">Nitrokey</a>, <a href="https://cpl.thalesgroup.com/access-management/authenticators/pki-usb-authentication">SafeNet eToken</a>, etc)</li>
+      <li>PKCS#11 hardware tokens (<a href="https://www.yubico.com">YubiKey</a>, <a href="https://www.nitrokey.com">Nitrokey</a>, <a href="https://cpl.thalesgroup.com/access-management/authenticators/pki-usb-authentication">SafeNet eToken</a>, <a href="https://venafi.com/codesign-protect/">Venafi CodeSign Protect</a>, etc)</li>
       <li>Cloud key management systems:
         <ul>
           <li><a href="https://aws.amazon.com/kms/">AWS KMS</a></li>
@@ -697,6 +697,15 @@ <h4 id="example-piv">Signing with a PIV card</h4>
 <p>If multiple devices are connected, the <code>keystore</code> parameter can be used to specify
 the name of the one to use.</p>
 
+<h4 id="example-pkcs11">Signing with PKCS#11</h4>
+
+<p>A <a href="https://docs.oracle.com/javase/8/docs/technotes/guides/security/p11guide.html#Config">SunPKCS11 configuration file</a> is required. 
+The <code>alias</code> represents the name of the certificate used for signing in the <code>keystore</code>.
+
+<pre>
+ jsign --storetype PKCS11 --storepass NONE --keystore pkcs11.conf --alias SIGNATURE application.exe
+</pre>
+
 <h4 id="example-awskms">Signing with AWS Key Management Service</h4>
 
 <p><a href="https://aws.amazon.com/kms/">AWS Key Management Service</a> (KMS) stores only the private key,

From bab050e70ed79063f8380d9f3888a878b587e11e Mon Sep 17 00:00:00 2001
From: Ivan Wallis <iwallis@gmail.com>
Date: Tue, 28 Jan 2025 19:20:25 -0800
Subject: [PATCH 2/3] update alias

---
 docs/index.html | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docs/index.html b/docs/index.html
index 18d1ca1b..e19ee2b4 100644
--- a/docs/index.html
+++ b/docs/index.html
@@ -703,7 +703,7 @@ <h4 id="example-pkcs11">Signing with PKCS#11</h4>
 The <code>alias</code> represents the name of the certificate used for signing in the <code>keystore</code>.
 
 <pre>
- jsign --storetype PKCS11 --storepass NONE --keystore pkcs11.conf --alias SIGNATURE application.exe
+ jsign --storetype PKCS11 --storepass NONE --keystore pkcs11.conf --alias My-Signing-Cert application.exe
 </pre>
 
 <h4 id="example-awskms">Signing with AWS Key Management Service</h4>

From 8a44e40da15f581b26f6050b20ff82e12eaeee8a Mon Sep 17 00:00:00 2001
From: Ivan Wallis <iwallis@gmail.com>
Date: Fri, 31 Jan 2025 11:29:50 -0800
Subject: [PATCH 3/3] removed reference to Venafi

---
 docs/index.html | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docs/index.html b/docs/index.html
index e19ee2b4..45568493 100644
--- a/docs/index.html
+++ b/docs/index.html
@@ -60,7 +60,7 @@ <h3 id="features">Features</h3>
   <li>Keystores supported:
     <ul>
       <li>PKCS#12, JKS and JCEKS files</li>
-      <li>PKCS#11 hardware tokens (<a href="https://www.yubico.com">YubiKey</a>, <a href="https://www.nitrokey.com">Nitrokey</a>, <a href="https://cpl.thalesgroup.com/access-management/authenticators/pki-usb-authentication">SafeNet eToken</a>, <a href="https://venafi.com/codesign-protect/">Venafi CodeSign Protect</a>, etc)</li>
+      <li>PKCS#11 hardware tokens (<a href="https://www.yubico.com">YubiKey</a>, <a href="https://www.nitrokey.com">Nitrokey</a>, <a href="https://cpl.thalesgroup.com/access-management/authenticators/pki-usb-authentication">SafeNet eToken</a>, etc)</li>
       <li>Cloud key management systems:
         <ul>
           <li><a href="https://aws.amazon.com/kms/">AWS KMS</a></li>