diff options
| -rw-r--r-- | apps/apps.c | 2 | ||||
| -rw-r--r-- | doc/apps/verify.pod | 5 |
2 files changed, 7 insertions, 0 deletions
diff --git a/apps/apps.c b/apps/apps.c index 8ab4833668..ca9179e9a5 100644 --- a/apps/apps.c +++ b/apps/apps.c @@ -2241,6 +2241,8 @@ int args_verify(char ***pargs, int *pargc, flags |= X509_V_FLAG_CHECK_SS_SIGNATURE; else if (!strcmp(arg, "-no_alt_chains")) flags |= X509_V_FLAG_NO_ALT_CHAINS; + else if (!strcmp(arg, "-allow_proxy_certs")) + flags |= X509_V_FLAG_ALLOW_PROXY_CERTS; else return 0; diff --git a/doc/apps/verify.pod b/doc/apps/verify.pod index 18eeee04b9..450dd7d809 100644 --- a/doc/apps/verify.pod +++ b/doc/apps/verify.pod @@ -23,6 +23,7 @@ B<openssl> B<verify> [B<-use_deltas>] [B<-policy_print>] [B<-no_alt_chains>] +[B<-allow_proxy_certs>] [B<-untrusted file>] [B<-help>] [B<-issuer_checks>] @@ -117,6 +118,10 @@ be found that is trusted. With this option that behaviour is suppressed so that only the first chain found is ever used. Using this option will force the behaviour to match that of previous OpenSSL versions. +=item B<-allow_proxy_certs> + +Allow the verification of proxy certificates. + =item B<-policy_print> Print out diagnostics related to policy processing. |