generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Document -trusted_first option in man pages and help.

Browse Source 
Add -trusted_first description to help messages and man pages
of tools that deal with certificate verification.
This commit is contained in:
Hubert Kario
2014-06-18 19:55:03 +02:00
committed by Matt Caswell
parent 2d7153e8f9
commit 6d3d579367
12 changed files with 33 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
doc/apps/verify.pod
View File

@@ -9,6 +9,7 @@ verify - Utility to verify certificates.
B<openssl> B<verify>
[B<-CApath directory>]
[B<-CAfile file>]
[B<-trusted_first>]
[B<-purpose purpose>]
[B<-policy arg>]
[B<-ignore_critical>]
@@ -57,6 +58,12 @@ in PEM format concatenated together.
A file of untrusted certificates. The file should contain multiple certificates
in PEM format concatenated together.
=item B<-trusted_first>
Use certificates in CA file or CA directory before certificates in untrusted
file when building the trust chain to verify certificates.
This is mainly useful in environments with Bridge CA or Cross-Certified CAs.
=item B<-purpose purpose>
The intended use for the certificate. If this option is not specified,