diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2000-02-23 01:11:01 +0000 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2000-02-23 01:11:01 +0000 |
commit | 3142c86d65a7da76d60622dcf1c177479d1bc9de (patch) | |
tree | 9c2f6932de1df175c32cbeb55d52da011fde96ed /doc | |
parent | 4b42658082a3d6224d25f10de8fdb605d30015a9 (diff) |
Allow ADH to be used but not present in the default cipher
list.
Allow CERTIFICATE to be used in PEM headers for PKCS#7 structures:
some CAs do this.
Diffstat (limited to 'doc')
-rw-r--r-- | doc/apps/ciphers.pod | 5 | ||||
-rw-r--r-- | doc/apps/pkcs7.pod | 12 |
2 files changed, 15 insertions, 2 deletions
diff --git a/doc/apps/ciphers.pod b/doc/apps/ciphers.pod index 2ca55b0cc9..2301e28251 100644 --- a/doc/apps/ciphers.pod +++ b/doc/apps/ciphers.pod @@ -101,7 +101,8 @@ The following is a list of all permitted cipher strings and their meanings. =item B<DEFAULT> the default cipher list. This is determined at compile time and is normally -B<TBA>. This must be the first cipher string specified. +B<ALL:!ADH:RC4+RSA:+SSLv2:@STRENGTH>. This must be the first cipher string +specified. =item B<ALL> @@ -143,7 +144,7 @@ included. the cipher suites offering no authentication. This is currently the anonymous DH algorithms. These cipher suites are vulnerable to a "man in the middle" -attack and so there use is normally discouraged. +attack and so their use is normally discouraged. =item B<kRSA>, B<RSA> diff --git a/doc/apps/pkcs7.pod b/doc/apps/pkcs7.pod index b721e395a2..4e9bd6e46b 100644 --- a/doc/apps/pkcs7.pod +++ b/doc/apps/pkcs7.pod @@ -71,6 +71,18 @@ Output all certificates in a file: openssl pkcs7 -in file.pem -print_certs -out certs.pem +=head1 NOTES + +The PEM PKCS#7 format uses the header and footer lines: + + -----BEGIN PKCS7----- + -----END PKCS7----- + +For compatability with some CAs it will also accept: + + -----BEGIN CERTIFICATE----- + -----END CERTIFICATE----- + =head1 RESTRICTIONS There is no option to print out all the fields of a PKCS#7 file. |