diff options
| -rw-r--r-- | doc/man3/PKCS12_create.pod | 12 |
1 files changed, 9 insertions, 3 deletions
diff --git a/doc/man3/PKCS12_create.pod b/doc/man3/PKCS12_create.pod index 92e588062a..9d5403113a 100644 --- a/doc/man3/PKCS12_create.pod +++ b/doc/man3/PKCS12_create.pod @@ -57,9 +57,15 @@ export grade software which could use signing only keys of arbitrary size but had restrictions on the permissible sizes of keys which could be used for encryption. -If a certificate contains an I<alias> or I<keyid> then this will be -used for the corresponding B<friendlyName> or B<localKeyID> in the -PKCS12 structure. +If I<name> is B<NULL> and I<cert> contains an I<alias> then this will be +used for the corresponding B<friendlyName> in the PKCS12 structure instead. +Similarly, if I<pkey> is NULL and I<cert> contains a I<keyid> then this will be +used for the corresponding B<localKeyID> in the PKCS12 structure instead of the +id calculated from the I<pkey>. + +For all certificates in I<ca> then if a certificate contains an I<alias> or +I<keyid> then this will be used for the corresponding B<friendlyName> or +B<localKeyID> in the PKCS12 structure. Either I<pkey>, I<cert> or both can be B<NULL> to indicate that no key or certificate is required. In previous versions both had to be present or |