diff options
author | Matt Caswell <matt@openssl.org> | 2017-05-03 14:41:43 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2017-05-03 14:42:52 +0100 |
commit | 6d9d8019bbc02e73ee1fdb5f6ffe3dd6ffcaa9d8 (patch) | |
tree | bb3c64ff21003a47f249216638114b542f828a0b | |
parent | f233a9d181b5cd150322e2e10348a4c1d96fc1f3 (diff) |
Update serverinfo documentation based on feedback received
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/3298)
-rw-r--r-- | doc/man3/SSL_CTX_use_serverinfo.pod | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/doc/man3/SSL_CTX_use_serverinfo.pod b/doc/man3/SSL_CTX_use_serverinfo.pod index a5defb30ee..d35a196ffe 100644 --- a/doc/man3/SSL_CTX_use_serverinfo.pod +++ b/doc/man3/SSL_CTX_use_serverinfo.pod @@ -35,7 +35,8 @@ consist of a 4-byte context, a 2-byte Extension Type, a 2-byte length, and then length bytes of extension_data. The context and type values have the same meaning as for L<SSL_CTX_add_custom_ext(3)>. If serverinfo is being loaded for extensions to be added to a Certificate message, then the extension will only -be added for the first Certificate in the message. +be added for the first certificate in the message (which is always the +end-entity certificate). If B<version> is B<SSL_SERVERINFOV1> then the extensions in the array must consist of a 2-byte Extension Type, a 2-byte length, and then length bytes of @@ -62,7 +63,7 @@ last certificate installed. If e.g. the last item was a RSA certificate, the loaded serverinfo extension data will be loaded for that certificate. To use the serverinfo extension for multiple certificates, SSL_CTX_use_serverinfo() needs to be called multiple times, once B<after> -each time a certificate is loaded. +each time a certificate is loaded via a call to SSL_CTX_use_certificate(). =head1 RETURN VALUES |