apps x509: passing PKCS#11 URL as -signkey

OpenSSL 1.1.0 has extended option checking, and rejects passing a PKCS#11 engine URL to "-signkey" option. The actual code is ready to take it. Change the option parsing to allow an engine URL to be passed and modify the manpage accordingly. CLA: trivial (cherry picked from commit 16d560439d8b1be5082228a87576a8f79b3525ac) Reviewed-by: Shane Lontis <shane.lontis@oracle.com> Reviewed-by: Tomas Mraz <tmraz@fedoraproject.org> (Merged from https://github.com/openssl/openssl/pull/11173)
author: Bastian Germann <bage@linutronix.de> 2020-02-13 11:58:27 +0100
committer: Richard Levitte <levitte@openssl.org> 2020-03-08 16:49:48 +0100
commit: 9aba5c5ff2ccfe59e1c7d77918804919d549ebbc (patch)
tree: ba50d47181614788164101ded95cc5a680a463e9 /doc
parent: 4eca3ec728f328a1b05553814e58ca9aa1cb4e78 (diff)
1 files changed, 4 insertions, 3 deletions
diff --git a/doc/man1/x509.pod b/doc/man1/x509.pod
index e498aee4ff..ab1a39c9c6 100644
--- a/doc/man1/x509.pod
+++ b/doc/man1/x509.pod
@@ -44,7 +44,7 @@ B<openssl> B<x509>
 [B<-setalias arg>]
 [B<-days arg>]
 [B<-set_serial n>]
-[B<-signkey filename>]
+[B<-signkey arg>]
 [B<-passin arg>]
 [B<-x509toreq>]
 [B<-req>]
@@ -350,10 +350,11 @@ can thus behave like a "mini CA".
 
 =over 4
 
-=item B<-signkey filename>
+=item B<-signkey arg>
 
 This option causes the input file to be self signed using the supplied
-private key.
+private key or engine. The private key's format is specified with the
+B<-keyform> option.
 
 If the input file is a certificate it sets the issuer name to the
 subject name (i.e.  makes it self signed) changes the public key to the
author	Bastian Germann <bage@linutronix.de>	2020-02-13 11:58:27 +0100
committer	Richard Levitte <levitte@openssl.org>	2020-03-08 16:49:48 +0100
commit	9aba5c5ff2ccfe59e1c7d77918804919d549ebbc (patch)
tree	ba50d47181614788164101ded95cc5a680a463e9 /doc
parent	4eca3ec728f328a1b05553814e58ca9aa1cb4e78 (diff)