Document new ssl(3) functions and options.

Reviewed-by: Rich Salz <rsalz@openssl.org> (Merged from https://github.com/openssl/openssl/pull/3015)
author: Dr. Stephen Henson <steve@openssl.org> 2017-03-31 17:15:22 +0100
committer: Dr. Stephen Henson <steve@openssl.org> 2017-04-03 23:47:22 +0100
commit: 5a185729a3b029845c4596657b4495b3a8ead6f0 (patch)
tree: b36fe1be9aae04276b83d6d692ca2c1fe5d3b72d /doc/man1/s_client.pod
parent: 25a9fabbefa26422b6c9ee6635115b7ae3b97f21 (diff)
1 files changed, 7 insertions, 0 deletions
diff --git a/doc/man1/s_client.pod b/doc/man1/s_client.pod
index e9794c4af7..272d997d98 100644
--- a/doc/man1/s_client.pod
+++ b/doc/man1/s_client.pod
@@ -25,6 +25,7 @@ B<openssl> B<s_client>
 [B<-CAfile filename>]
 [B<-no-CAfile>]
 [B<-no-CApath>]
+[B<-requestCAfile filename>]
 [B<-dane_tlsa_domain domain>]
 [B<-dane_tlsa_rrdata rrdata>]
 [B<-dane_ee_no_namechecks>]
@@ -218,6 +219,12 @@ Do not load the trusted CA certificates from the default file location
 
 Do not load the trusted CA certificates from the default directory location
 
+=item B<-requestCAfile file>
+
+A file containing a list of certificates whose subject names will be sent
+to the server in the B<certificate_authorities> extension. Only supported
+for TLS 1.3
+
 =item B<-dane_tlsa_domain domain>
 
 Enable RFC6698/RFC7671 DANE TLSA authentication and specify the
author	Dr. Stephen Henson <steve@openssl.org>	2017-03-31 17:15:22 +0100
committer	Dr. Stephen Henson <steve@openssl.org>	2017-04-03 23:47:22 +0100
commit	5a185729a3b029845c4596657b4495b3a8ead6f0 (patch)
tree	b36fe1be9aae04276b83d6d692ca2c1fe5d3b72d /doc/man1/s_client.pod
parent	25a9fabbefa26422b6c9ee6635115b7ae3b97f21 (diff)