update README

author: Dr. Stephen Henson <steve@openssl.org> 2012-09-09 20:47:36 +0000
committer: Dr. Stephen Henson <steve@openssl.org> 2012-09-09 20:47:36 +0000
commit: 61d24f102d114a001fc8942bcb27620a242ec4c5 (patch)
tree: 2aa5ab2e0a1c89fcf989190b452b5679d233641b /demos/certs
parent: 79b184fb4b65d501352a189ff102b509e14e62ca (diff)
1 files changed, 16 insertions, 4 deletions
diff --git a/demos/certs/README b/demos/certs/README
index d022d0afc0..126663a1d8 100644
--- a/demos/certs/README
+++ b/demos/certs/README
@@ -3,7 +3,19 @@ a script. This is often a cause for confusion which can result in incorrect
 CA certificates, obsolete V1 certificates or duplicate serial numbers.
 The range of command line options can be daunting for a beginner.
 
-This is a simple example of how to generate certificates automatically
-using scripts. Example creates a root CA, a server certificate signed by
-the root, an intermediate CA signed by the root and finally a client 
-certificate signed by the intermediate CA.
+The mkcerts.sh script is an example of how to generate certificates
+automatically using scripts. Example creates a root CA, an intermediate CA
+signed by the root and several certificates signed by the intermediate CA.
+
+The script then creates an empty index.txt file and adds entries for the
+certificates and generates a CRL. Then one certificate is revoked and a 
+second CRL generated.
+
+The script ocsprun.sh runs the test responder on port 8888 covering the
+client certificates.
+
+The script ocspquery.sh queries the status of the certificates using the
+test responder.
+
+
+
author	Dr. Stephen Henson <steve@openssl.org>	2012-09-09 20:47:36 +0000
committer	Dr. Stephen Henson <steve@openssl.org>	2012-09-09 20:47:36 +0000
commit	61d24f102d114a001fc8942bcb27620a242ec4c5 (patch)
tree	2aa5ab2e0a1c89fcf989190b452b5679d233641b /demos/certs
parent	79b184fb4b65d501352a189ff102b509e14e62ca (diff)