diff options
author | Lutz Jänicke <jaenicke@openssl.org> | 2003-05-30 07:45:07 +0000 |
---|---|---|
committer | Lutz Jänicke <jaenicke@openssl.org> | 2003-05-30 07:45:07 +0000 |
commit | 02b95b7499f29f1c0118afce26b25f15c6720318 (patch) | |
tree | 9488c66e1cbab4e83d485693a32f81eab14f6967 /doc/ssl | |
parent | c4d471552f6292ea783833c2340c7fe2eb858f9e (diff) |
Clarify ordering of certificates when using certificate chains
Diffstat (limited to 'doc/ssl')
-rw-r--r-- | doc/ssl/SSL_CTX_use_certificate.pod | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/doc/ssl/SSL_CTX_use_certificate.pod b/doc/ssl/SSL_CTX_use_certificate.pod index b8868f18bf..ea2faba3ec 100644 --- a/doc/ssl/SSL_CTX_use_certificate.pod +++ b/doc/ssl/SSL_CTX_use_certificate.pod @@ -68,7 +68,9 @@ should be preferred. SSL_CTX_use_certificate_chain_file() loads a certificate chain from B<file> into B<ctx>. The certificates must be in PEM format and must -be sorted starting with the certificate to the highest level (root CA). +be sorted starting with the subject's certificate (actual client or server +certificate), followed by intermediate CA certificates if applicable, and +ending at the highest level (root) CA. There is no corresponding function working on a single SSL object. SSL_CTX_use_PrivateKey() adds B<pkey> as private key to B<ctx>. |