summaryrefslogtreecommitdiffstats
path: root/upstream/debian-unstable/man1/openssl-verification-options.1ssl
diff options
context:
space:
mode:
Diffstat (limited to 'upstream/debian-unstable/man1/openssl-verification-options.1ssl')
-rw-r--r--upstream/debian-unstable/man1/openssl-verification-options.1ssl10
1 files changed, 5 insertions, 5 deletions
diff --git a/upstream/debian-unstable/man1/openssl-verification-options.1ssl b/upstream/debian-unstable/man1/openssl-verification-options.1ssl
index 0df638bf..36f038ea 100644
--- a/upstream/debian-unstable/man1/openssl-verification-options.1ssl
+++ b/upstream/debian-unstable/man1/openssl-verification-options.1ssl
@@ -55,7 +55,7 @@
.\" ========================================================================
.\"
.IX Title "OPENSSL-VERIFICATION-OPTIONS 1SSL"
-.TH OPENSSL-VERIFICATION-OPTIONS 1SSL 2024-02-03 3.1.5 OpenSSL
+.TH OPENSSL-VERIFICATION-OPTIONS 1SSL 2024-04-04 3.2.2-dev OpenSSL
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
@@ -232,8 +232,8 @@ The certificates to add to the trust store
can be specified using following options.
.IP "\fB\-CAfile\fR \fIfile\fR" 4
.IX Item "-CAfile file"
-Load the specified file which contains a certificate
-or several of them in case the input is in PEM or PKCS#12 format.
+Load the specified file which contains a trusted certificate in DER format
+or potentially several of them in case the input is in PEM format.
PEM-encoded certificates may also have trust attributes set.
.IP \fB\-no\-CAfile\fR 4
.IX Item "-no-CAfile"
@@ -430,7 +430,7 @@ Set policy variable inhibit-policy-mapping (see RFC5280).
The intended use for the certificate.
Currently defined purposes are \f(CW\*(C`sslclient\*(C'\fR, \f(CW\*(C`sslserver\*(C'\fR, \f(CW\*(C`nssslserver\*(C'\fR,
\&\f(CW\*(C`smimesign\*(C'\fR, \f(CW\*(C`smimeencrypt\*(C'\fR, \f(CW\*(C`crlsign\*(C'\fR, \f(CW\*(C`ocsphelper\*(C'\fR, \f(CW\*(C`timestampsign\*(C'\fR,
-and \f(CW\*(C`any\*(C'\fR.
+\&\f(CW\*(C`codesign\*(C'\fR and \f(CW\*(C`any\*(C'\fR.
If peer certificate verification is enabled, by default the TLS implementation
as well as the commands \fBs_client\fR and \fBs_server\fR check for consistency
with TLS server or TLS client use, respectively.
@@ -624,7 +624,7 @@ only the first one (in the mentioned order of locations) is recognised.
The checks enabled by \fB\-x509_strict\fR have been extended in OpenSSL 3.0.
.SH COPYRIGHT
.IX Header "COPYRIGHT"
-Copyright 2000\-2022 The OpenSSL Project Authors. All Rights Reserved.
+Copyright 2000\-2023 The OpenSSL Project Authors. All Rights Reserved.
.PP
Licensed under the Apache License 2.0 (the "License"). You may not use
this file except in compliance with the License. You can obtain a copy
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-18 18:41:29 +0000