Document certificate status request options.

(cherry picked from commit cba3f1c739f012aaadb85aaefaf8de424d2695e2)

doc/apps/s_client.pod

@@ -48,6 +48,7 @@ B<openssl> B<s_client>
 [B<-sess_in filename>]
 [B<-rand file(s)>]
 [B<-serverinfo types>]
+[B<-status>]
 
 =head1 DESCRIPTION
 
@@ -267,6 +268,11 @@ a list of comma-separated TLS Extension Types (numbers between 0 and
 The server's response (if any) will be encoded and displayed as a PEM
 file.
 
+=item B<-status>
+
+sends a certificate status request to the server (OCSP stapling). The server
+response (if any) is printed out.
+
 =back
 
 =head1 CONNECTED COMMANDS

doc/apps/s_server.pod

@@ -57,6 +57,10 @@ B<openssl> B<s_server>
 [B<-rand file(s)>]
 [B<-serverinfo file>]
 [B<-no_resumption_on_reneg>]
+[B<-status>]
+[B<-status_verbose>]
+[B<-status_timeout nsec>]
+[B<-status_url url>]
 =head1 DESCRIPTION
 
 The B<s_server> command implements a generic SSL/TLS server which listens
@@ -294,6 +298,25 @@ ServerHello extension will be returned.
 
 set SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION flag.
 
+=item B<-status>
+
+enables certificate status request support (aka OCSP stapling).
+
+=item B<-status_verbose>
+
+enables certificate status request support (aka OCSP stapling) and gives
+a verbose printout of the OCSP response.
+
+=item B<-status_timeout nsec>
+
+sets the timeout for OCSP response to B<nsec> seconds.
+
+=item B<-status_url url>
+
+sets a fallback responder URL to use if no responder URL is present in the
+server certificate. Without this option an error is returned if the server
+certificate does not contain a responder address.
+
 =back
 
 =head1 CONNECTED COMMANDS