diff --git a/doc/apps/ca.pod b/doc/apps/ca.pod index 9ff0cc361..8f7229a28 100644 --- a/doc/apps/ca.pod +++ b/doc/apps/ca.pod @@ -120,7 +120,7 @@ the 'ps' utility) this option should be used with caution. indicates the issued certificates are to be signed with the key the certificate requests were signed with (given with B<-keyfile>). -Cerificate requests signed with a different key are ignored. If +Certificate requests signed with a different key are ignored. If B<-spkac>, B<-ss_cert> or B<-gencrl> are given, B<-selfsign> is ignored. @@ -237,7 +237,7 @@ configuration file, must be valid UTF8 strings. =item B<-multivalue-rdn> -this option causes the -subj argument to be interpretedt with full +This option causes the -subj argument to be interpretedt with full support for multivalued RDNs. Example: I @@ -274,7 +274,7 @@ B, B, B, B, B or B. The matching of B is case insensitive. Setting any revocation reason will make the CRL v2. -In practive B is not particularly useful because it is only used +In practice B is not particularly useful because it is only used in delta CRLs which are not currently implemented. =item B<-crl_hold instruction> @@ -630,7 +630,7 @@ RFCs, regardless the contents of the request' subject the B<-noemailDN> option can be used. The behaviour should be more friendly and configurable. -Cancelling some commands by refusing to certify a certificate can +Canceling some commands by refusing to certify a certificate can create an empty file. =head1 WARNINGS @@ -649,7 +649,7 @@ The B option should be used with caution. If care is not taken then it can be a security risk. For example if a certificate request contains a basicConstraints extension with CA:TRUE and the B value is set to B and the user does not spot -this when the certificate is displayed then this will hand the requestor +this when the certificate is displayed then this will hand the requester a valid CA certificate. This situation can be avoided by setting B to B