Update notes about msencrypt and relative paths for 8.4

MapServer · Oct 31, 2024 · 56fc300 · 56fc300
1 parent 7a36b20
commit 56fc300
Showing 1 changed file with 16 additions and 9 deletions.
diff --git a/en/utilities/msencrypt.txt b/en/utilities/msencrypt.txt
@@ -18,9 +18,9 @@ Purpose
 -----------------------------------------------------------------------------
 
 Used to create an encryption key or to encrypt portions of connection
-strings for use in mapfiles (added in v4.10).  Typically you might
-want to encrypt portions of the CONNECTION parameter for a database
-connection.  The following CONNECTIONTYPEs are supported for using
+strings for use in Mapfiles (added in v4.10).  Typically you might
+want to encrypt portions of the ``CONNECTION`` parameter for a database
+connection.  The following ``CONNECTIONTYPEs`` are supported for using
 this encryption method:
 
 + :ref:`OGR <ogr>`
@@ -49,15 +49,22 @@ Use in Mapfile
 -----------------------------------------------------------------------------
 
 The location of the encryption key can be specified by two mechanisms, either by 
-setting the environment variable MS_ENCRYPTION_KEY or using a CONFIG directive 
-in the MAP object of your mapfile.  For example: 
+setting the variable ``MS_ENCRYPTION_KEY`` in the ``ENV`` section of the MapServer :ref:`Configuration <config>`, or using a ``CONFIG`` directive 
+in the MAP object of your Mapfile. Prior to MapServer version 8.0 ``MS_ENCRYPTION_KEY`` could be set as an environment variable.
+
+For example you can add the following to your Mapfile: 
 
 ::
 
     CONFIG MS_ENCRYPTION_KEY "/path/to/mykey.txt"
 
+.. note::
+
+    As of MapServer 8.4 this can be an absolute path, or a path relative to the Mapfile.
+    When setting in the :ref:`Configuration <config>` the path must be absolute.
+
 Use the { and } characters as delimiters for encrypted strings inside database 
-CONNECTIONs in your mapfile.  For example: 
+``CONNECTION``s in your Mapfile.  For example: 
 
 ::
 
@@ -117,10 +124,10 @@ it in a second):
 
     3656026A23DBAFC04C402EDFAB7CE714
 
-3. Edit the mapfile to make sure the 'mykey.txt' can be found, using
+3. Edit the Mapfile to make sure the 'mykey.txt' can be found, using
    the "MS_ENCRYPTION_KEY" environment variable.  The CONFIG parameter
    inside the MAP object can be used to set an environment variable
-   inside a mapfile:
+   inside a Mapfile:
 
 ::
 
@@ -138,5 +145,5 @@ it in a second):
     CONNECTION "host=127.0.0.1 dbname=gmap user=postgres
                 password={3656026A23DBAFC04C402EDFAB7CE714} port=5432"
 
-5. Done!  Give your new encrypted mapfile a try with the
+5. Done!  Give your new encrypted Mapfile a try with the
    :ref:`map2img` utility!