generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

RT3291: Add -crl and -revoke options to CA.pl

Browse Source 
Document the new features

Reviewed-by: Tim Hudson <tjh@openssl.org>
This commit is contained in:
Rich Salz 2014-09-18 21:45:41 -04:00
parent 99b00fd993
commit e8185aea87
1 changed files with 11 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
doc/apps/CA.pl.pod
View File

@ -89,6 +89,17 @@ is useful when creating intermediate CA from a root CA.
this option is the same as B<-sign> except it expects a self signed certificate this option is the same as B<-sign> except it expects a self signed certificate
to be present in the file "newreq.pem". to be present in the file "newreq.pem".
=item B<-crl>
generate a CRL
=item B<-revoke certfile [reason]>
revoke the certificate contained in the specified B<certfile>. An optional
reason may be specified, and must be one of: B<unspecified>,
B<keyCompromise>, B<CACompromise>, B<affiliationChanged>, B<superseded>,
B<cessationOfOperation>, B<certificateHold>, or B<removeFromCRL>.
=item B<-verify> =item B<-verify>
verifies certificates against the CA certificate for "demoCA". If no certificates verifies certificates against the CA certificate for "demoCA". If no certificates