diff options
author | Dr. David von Oheimb <David.von.Oheimb@siemens.com> | 2020-05-20 15:10:05 +0200 |
---|---|---|
committer | Dr. David von Oheimb <David.von.Oheimb@siemens.com> | 2020-06-13 15:13:21 +0200 |
commit | 1693135564d00e34ca9f41ff785b5d60e3500415 (patch) | |
tree | c5a5ca95fbf388d55977bfcc7b8a15924db09fe6 /doc | |
parent | 7e998a0fdcbc59ef527ae84338439af75986c96a (diff) |
Allow subject of CMP -oldcert as sender unless protection cert is given
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11998)
Diffstat (limited to 'doc')
-rw-r--r-- | doc/man1/openssl-cmp.pod.in | 5 | ||||
-rw-r--r-- | doc/man3/OSSL_CMP_CTX_new.pod | 3 |
2 files changed, 5 insertions, 3 deletions
diff --git a/doc/man1/openssl-cmp.pod.in b/doc/man1/openssl-cmp.pod.in index aac322b528..0615fffa4e 100644 --- a/doc/man1/openssl-cmp.pod.in +++ b/doc/man1/openssl-cmp.pod.in @@ -393,8 +393,9 @@ It must be given for RR, while for KUR it defaults to B<-cert>. The reference certificate determined in this way, if any, is also used for deriving default subject DN and Subject Alternative Names for IR, CR, and KUR. -Its issuer, if any, is used as default recipient in the CMP message header -if neither B<-srvcert>, B<-recipient>, nor B<-issuer> is available. +Its subject is used as sender in CMP message headers if B<-cert> is not given. +Its issuer is used as default recipient in CMP message headers +if neither B<-recipient>, B<-srvcert>, nor B<-issuer> is given. =item B<-revreason> I<number> diff --git a/doc/man3/OSSL_CMP_CTX_new.pod b/doc/man3/OSSL_CMP_CTX_new.pod index f8fee277e2..e9ca5f18a8 100644 --- a/doc/man3/OSSL_CMP_CTX_new.pod +++ b/doc/man3/OSSL_CMP_CTX_new.pod @@ -520,7 +520,8 @@ Key Update Requests (KUR) or to be revoked in Revocation Requests (RR). It must be given for RR, else it defaults to the protection B<cert>. The B<reference certificate> determined in this way, if any, is also used for deriving default subject DN and Subject Alternative Names for IR, CR, and KUR. -Its issuer, if any, is used as default recipient in the CMP message header. +Its subject is used as sender in CMP message headers if no protection cert is given. +Its issuer is used as default recipient in CMP message headers. OSSL_CMP_CTX_set1_p10CSR() sets the PKCS#10 CSR to be used in P10CR. |