generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Clarify docs.

Browse Source 
Document that the certificate passed to SSL_CTX_add_extra_chain_cert()
should not be freed by the application.

PR#3409
(cherry picked from commit 0535c2d67ca2d684087ef90be35d5fb207aab227)

Add restrictions section present in other branches.

Conflicts:

	doc/ssl/SSL_CTX_add_extra_chain_cert.pod
This commit is contained in:
Jeffrey Walton 2014-06-27 16:33:06 +01:00 committed by Dr. Stephen Henson
parent f46ea1d8e2
commit 86cac6d3b2
1 changed files with 10 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
doc/ssl/SSL_CTX_add_extra_chain_cert.pod
View File

@ -24,6 +24,16 @@ the library will try to complete the chain from the available CA
certificates in the trusted CA storage, see
L<SSL_CTX_load_verify_locations(3)|SSL_CTX_load_verify_locations(3)>.
The B<x509> certificate provided to SSL_CTX_add_extra_chain_cert() will be freed by the library when the B<SSL_CTX> is destroyed. An application B<should not> free the B<x509> object.
=head1 RESTRICTIONS
Only one set of extra chain certificates can be specified per SSL_CTX
structure. Different chains for different certificates (for example if both
RSA and DSA certificates are specified by the same server) or different SSL
structures with the same parent SSL_CTX cannot be specified using this
function.
=head1 RETURN VALUES
SSL_CTX_add_extra_chain_cert() returns 1 on success. Check out the