From 3142c86d65a7da76d60622dcf1c177479d1bc9de Mon Sep 17 00:00:00 2001 From: "Dr. Stephen Henson" Date: Wed, 23 Feb 2000 01:11:01 +0000 Subject: Allow ADH to be used but not present in the default cipher list. Allow CERTIFICATE to be used in PEM headers for PKCS#7 structures: some CAs do this. --- doc/apps/ciphers.pod | 5 +++-- doc/apps/pkcs7.pod | 12 ++++++++++++ 2 files changed, 15 insertions(+), 2 deletions(-) (limited to 'doc') diff --git a/doc/apps/ciphers.pod b/doc/apps/ciphers.pod index 2ca55b0cc9..2301e28251 100644 --- a/doc/apps/ciphers.pod +++ b/doc/apps/ciphers.pod @@ -101,7 +101,8 @@ The following is a list of all permitted cipher strings and their meanings. =item B the default cipher list. This is determined at compile time and is normally -B. This must be the first cipher string specified. +B. This must be the first cipher string +specified. =item B @@ -143,7 +144,7 @@ included. the cipher suites offering no authentication. This is currently the anonymous DH algorithms. These cipher suites are vulnerable to a "man in the middle" -attack and so there use is normally discouraged. +attack and so their use is normally discouraged. =item B, B diff --git a/doc/apps/pkcs7.pod b/doc/apps/pkcs7.pod index b721e395a2..4e9bd6e46b 100644 --- a/doc/apps/pkcs7.pod +++ b/doc/apps/pkcs7.pod @@ -71,6 +71,18 @@ Output all certificates in a file: openssl pkcs7 -in file.pem -print_certs -out certs.pem +=head1 NOTES + +The PEM PKCS#7 format uses the header and footer lines: + + -----BEGIN PKCS7----- + -----END PKCS7----- + +For compatability with some CAs it will also accept: + + -----BEGIN CERTIFICATE----- + -----END CERTIFICATE----- + =head1 RESTRICTIONS There is no option to print out all the fields of a PKCS#7 file. -- cgit v1.2.3