diff options
| author | Dr. Stephen Henson <steve@openssl.org> | 2009-06-26 11:29:26 +0000 |
|---|---|---|
| committer | Dr. Stephen Henson <steve@openssl.org> | 2009-06-26 11:29:26 +0000 |
| commit | f3be6c7b7d2081101c21c7a9b7ec39f4e86271e5 (patch) | |
| tree | ef92e5f388f36bf637cde6f5f6cde8c4ccde525d /doc | |
| parent | 4aa902ebaffb385199b9d0fb850ca4f9f5cb795e (diff) | |
Update from 1.0.0-stable.
Diffstat (limited to 'doc')
| -rw-r--r-- | doc/apps/cms.pod | 2 | ||||
| -rw-r--r-- | doc/apps/s_client.pod | 2 | ||||
| -rw-r--r-- | doc/apps/smime.pod | 2 | ||||
| -rw-r--r-- | doc/apps/verify.pod | 5 |
4 files changed, 8 insertions, 3 deletions
diff --git a/doc/apps/cms.pod b/doc/apps/cms.pod index 520279eeab..d62961a023 100644 --- a/doc/apps/cms.pod +++ b/doc/apps/cms.pod @@ -401,7 +401,7 @@ portion of a message so they may be included manually. If signing then many S/MIME mail clients check the signers certificate's email address matches that specified in the From: address. -=item B<-purpose, -ignore_critical, -issuer_checks, -crl_check, -crl_check_all, -policy_check, -extended_crl, -x509_strict, -policy> +=item B<-purpose, -ignore_critical, -issuer_checks, -crl_check, -crl_check_all, -policy_check, -extended_crl, -x509_strict, -policy -check_ss_sig> Set various certificate chain valiadition option. See the L<B<verify>|verify(1)> manual page for details. diff --git a/doc/apps/s_client.pod b/doc/apps/s_client.pod index f61b80c720..4ebf7b5854 100644 --- a/doc/apps/s_client.pod +++ b/doc/apps/s_client.pod @@ -101,7 +101,7 @@ also used when building the client certificate chain. A file containing trusted certificates to use during server authentication and to use when attempting to build the client certificate chain. -=item B<-purpose, -ignore_critical, -issuer_checks, -crl_check, -crl_check_all, -policy_check, -extended_crl, -x509_strict, -policy> +=item B<-purpose, -ignore_critical, -issuer_checks, -crl_check, -crl_check_all, -policy_check, -extended_crl, -x509_strict, -policy -check_ss_sig> Set various certificate chain valiadition option. See the L<B<verify>|verify(1)> manual page for details. diff --git a/doc/apps/smime.pod b/doc/apps/smime.pod index 97cc0dc789..e0258b5648 100644 --- a/doc/apps/smime.pod +++ b/doc/apps/smime.pod @@ -259,7 +259,7 @@ portion of a message so they may be included manually. If signing then many S/MIME mail clients check the signers certificate's email address matches that specified in the From: address. -=item B<-purpose, -ignore_critical, -issuer_checks, -crl_check, -crl_check_all, -policy_check, -extended_crl, -x509_strict, -policy> +=item B<-purpose, -ignore_critical, -issuer_checks, -crl_check, -crl_check_all, -policy_check, -extended_crl, -x509_strict, -policy -check_ss_sig> Set various options of certificate chain verification. See L<B<verify>|verify(1)> manual page for details. diff --git a/doc/apps/verify.pod b/doc/apps/verify.pod index dad3d17c83..bd399dc772 100644 --- a/doc/apps/verify.pod +++ b/doc/apps/verify.pod @@ -135,6 +135,11 @@ signing keys. Enable support for delta CRLs. +=item B<-check_ss_sig> + +Verify the signature on the self-signed root CA. This is disabled by default +because it doesn't add any security. + =item B<-> marks the last option. All arguments following this are assumed to be |