diff options
Diffstat (limited to 'doc/apps/verify.pod')
-rw-r--r-- | doc/apps/verify.pod | 12 |
1 files changed, 11 insertions, 1 deletions
diff --git a/doc/apps/verify.pod b/doc/apps/verify.pod index 051cd624f1..0fd1799af2 100644 --- a/doc/apps/verify.pod +++ b/doc/apps/verify.pod @@ -12,6 +12,7 @@ B<openssl> B<verify> [B<-CApath directory>] [B<-no-CAfile>] [B<-no-CApath>] +[B<-allow_proxy_certs>] [B<-attime timestamp>] [B<-check_ss_sig>] [B<-CRLfile file>] @@ -83,6 +84,10 @@ Do not load the trusted CA certificates from the default file location Do not load the trusted CA certificates from the default directory location +=item B<-allow_proxy_certs> + +Allow the verification of proxy certificates + =item B<-attime timestamp> Perform validation checks using time specified by B<timestamp> and not @@ -564,13 +569,18 @@ Invalid non-CA certificate has CA markings. Proxy path length constraint exceeded. +=item B<X509_V_ERR_PROXY_SUBJECT_INVALID> + +Proxy certificate subject is invalid. It MUST be the same as the issuer +with a single CN component added. + =item B<X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE> Key usage does not include digital signature. =item B<X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED> -Proxy certificates not allowed, please set the appropriate flag. +Proxy certificates not allowed, please use B<-allow_proxy_certs>. =item B<X509_V_ERR_INVALID_EXTENSION> |