From 7ceb770883d5bbb60868df46a699dff928f865aa Mon Sep 17 00:00:00 2001
From: olszomal <Malgorzata.Olszowka@stunnel.org>
Date: Thu, 8 Feb 2024 14:30:22 +0100
Subject: Improve the documentation on -cert_chain and -status_verbose options

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22192)
---
 doc/man1/openssl-s_server.pod.in | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/doc/man1/openssl-s_server.pod.in b/doc/man1/openssl-s_server.pod.in
index 6b9c91ba87..268eca066b 100644
--- a/doc/man1/openssl-s_server.pod.in
+++ b/doc/man1/openssl-s_server.pod.in
@@ -232,6 +232,8 @@ See L<openssl-format-options(1)> for details.
 
 A file or URI of untrusted certificates to use when attempting to build the
 certificate chain related to the certificate specified via the B<-cert> option.
+These untrusted certificates are sent to clients and used for generating
+certificate status (aka OCSP stapling) requests.
 The input can be in PEM, DER, or PKCS#12 format.
 
 =item B<-build_chain>
@@ -513,6 +515,8 @@ Enables certificate status request support (aka OCSP stapling).
 
 Enables certificate status request support (aka OCSP stapling) and gives
 a verbose printout of the OCSP response.
+Use the B<-cert_chain> option to specify the certificate of the server's
+certificate signer that is required for certificate status requests.
 
 =item B<-status_timeout> I<int>
 
-- 
cgit v1.2.3