diff options
author | Dr. David von Oheimb <David.von.Oheimb@siemens.com> | 2020-08-14 21:58:34 +0200 |
---|---|---|
committer | Dr. David von Oheimb <David.von.Oheimb@siemens.com> | 2020-08-20 14:55:34 +0200 |
commit | b3c5aadf4ce3dc2207cc605726bf370a55b531c9 (patch) | |
tree | 5bb19360081b1ab928eb3dcede98f13caaa8ebac /doc/man1/openssl-ocsp.pod.in | |
parent | ed4faae00cdab23244704660c099e41ec64f5dc0 (diff) |
apps: make use of OSSL_STORE for generalized certs and CRLs loading
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/12647)
Diffstat (limited to 'doc/man1/openssl-ocsp.pod.in')
-rw-r--r-- | doc/man1/openssl-ocsp.pod.in | 12 |
1 files changed, 9 insertions, 3 deletions
diff --git a/doc/man1/openssl-ocsp.pod.in b/doc/man1/openssl-ocsp.pod.in index a738ddbdd7..614a4dae83 100644 --- a/doc/man1/openssl-ocsp.pod.in +++ b/doc/man1/openssl-ocsp.pod.in @@ -130,6 +130,7 @@ the OCSP request is not signed. =item B<-sign_other> I<filename> Additional certificates to include in the signed request. +The input can be in PEM, DER, or PKCS#12 format. =item B<-nonce>, B<-no_nonce> @@ -180,10 +181,12 @@ the complete request is received. =item B<-verify_other> I<file> -File containing additional certificates to search when attempting to locate +File or URI containing additional certificates to search +when attempting to locate the OCSP response signing certificate. Some responders omit the actual signer's certificate from the response: this option can be used to supply the necessary certificate in such cases. +The input can be in PEM, DER, or PKCS#12 format. =item B<-trust_other> @@ -194,8 +197,9 @@ root CA is not appropriate. =item B<-VAfile> I<file> -File containing explicitly trusted responder certificates. Equivalent to the -B<-verify_other> and B<-trust_other> options. +File or URI containing explicitly trusted responder certificates. +Equivalent to the B<-verify_other> and B<-trust_other> options. +The input can be in PEM, DER, or PKCS#12 format. =item B<-noverify> @@ -296,6 +300,7 @@ must also be present. CA certificate corresponding to the revocation information in the index file given with B<-index>. +The input can be in PEM, DER, or PKCS#12 format. =item B<-rsigner> I<file> @@ -314,6 +319,7 @@ see L<openssl(1)/Pass Phrase Options>. =item B<-rother> I<file> Additional certificates to include in the OCSP response. +The input can be in PEM, DER, or PKCS#12 format. =item B<-rsigopt> I<nm>:I<v> |