generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Typo and additional information about cert-chain building.

Browse Source
This commit is contained in:
Lutz Jänicke 2000-12-05 16:47:22 +00:00
parent b1e21f8fac
commit d766a23deb
1 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
doc/ssl/SSL_CTX_load_verify_locations.pod
View File

@ -46,7 +46,7 @@ is performed in the ordering of the extension number, regardless of other
properties of the certificates. properties of the certificates.
Use the B<c_rehash> utility to create the necessary links. Use the B<c_rehash> utility to create the necessary links.
The certificates in B<CAfile> are only looked up when required, e.g. when The certificates in B<CApath> are only looked up when required, e.g. when
building the certificate chain or when actually performing the verification building the certificate chain or when actually performing the verification
of a peer certificate. of a peer certificate.
@ -62,6 +62,9 @@ matching the parameters is found, the verification process will be performed;
no other certificates for the same parameters will be searched in case of no other certificates for the same parameters will be searched in case of
failure. failure.
When building its own certificate chain, an OpenSSL client/server will
try to fill in missing certificates from B<CAfile>/B<CApath>.
=head1 WARNINGS =head1 WARNINGS
If several CA certificates matching the name, key identifier, and serial If several CA certificates matching the name, key identifier, and serial