Commit 40e2d76b authored by Matt Caswell's avatar Matt Caswell
Browse files

Document -no-CApath and -no-CAfile 



Add documentation to all the appropriate apps for the new -no-CApath and
-no-CAfile options.

Reviewed-by: default avatarAndy Polyakov <appro@openssl.org>
parent 2b6bcb70

doc/apps/cms.pod

+10 −0
Original line number Diff line number Diff line
@@ -35,6 +35,8 @@ B<openssl> B<cms> 
[B<-print>]

[B<-CAfile file>]

[B<-CApath dir>]

[B<-no-CAfile>]

[B<-no-CApath>]

[B<-attime timestamp>]

[B<-check_ss_sig>]

[B<-crl_check>]
@@ -272,6 +274,14 @@ B<-verify>. This directory must be a standard certificate directory: that 
is a hash of each subject name (using B<x509 -hash>) should be linked

to each certificate.



=item B<-no-CAfile>



Do not load the trusted CA certificates from the default file location



=item B<-no-CApath>



Do not load the trusted CA certificates from the default directory location



=item B<-md digest>



digest algorithm to use when signing or resigning. If not present then the

doc/apps/ocsp.pod

+10 −0
Original line number Diff line number Diff line
@@ -30,6 +30,8 @@ B<openssl> B<ocsp> 
[B<-path>]

[B<-CApath dir>]

[B<-CAfile file>]

[B<-no-CAfile>]

[B<-no-CApath>]

[B<-attime timestamp>]

[B<-check_ss_sig>]

[B<-crl_check>]
@@ -177,6 +179,14 @@ connection timeout to the OCSP responder in seconds 
file or pathname containing trusted CA certificates. These are used to verify

the signature on the OCSP response.



=item B<-no-CAfile>



Do not load the trusted CA certificates from the default file location



=item B<-no-CApath>



Do not load the trusted CA certificates from the default directory location



=item B<-attime>, B<-check_ss_sig>, B<-crl_check>, B<-crl_check_all>,

B<explicit_policy>, B<-extended_crl>, B<-ignore_critical>, B<-inhibit_any>,

B<-inhibit_map>, B<-issuer_checks>, B<-partial_chain>, B<-policy>,

doc/apps/pkcs12.pod

+10 −0
Original line number Diff line number Diff line
@@ -39,6 +39,8 @@ B<openssl> B<pkcs12> 
[B<-rand file(s)>]

[B<-CAfile file>]

[B<-CApath dir>]

[B<-no-CAfile>]

[B<-no-CApath>]

[B<-CSP name>]



=head1 DESCRIPTION
@@ -281,6 +283,14 @@ CA storage as a directory. This directory must be a standard certificate 
directory: that is a hash of each subject name (using B<x509 -hash>) should be

linked to each certificate.



=item B<-no-CAfile>



Do not load the trusted CA certificates from the default file location



=item B<-no-CApath>



Do not load the trusted CA certificates from the default directory location



=item B<-CSP name>



write B<name> as a Microsoft CSP name.

doc/apps/s_client.pod

+10 −0
Original line number Diff line number Diff line
@@ -20,6 +20,8 @@ B<openssl> B<s_client> 
[B<-pass arg>]

[B<-CApath directory>]

[B<-CAfile filename>]

[B<-no-CAfile>]

[B<-no-CApath>]

[B<-attime timestamp>]

[B<-check_ss_sig>]

[B<-crl_check>]
@@ -158,6 +160,14 @@ also used when building the client certificate chain. 
A file containing trusted certificates to use during server authentication

and to use when attempting to build the client certificate chain.



=item B<-no-CAfile>



Do not load the trusted CA certificates from the default file location



=item B<-no-CApath>



Do not load the trusted CA certificates from the default directory location



=item B<-attime>, B<-check_ss_sig>, B<-crl_check>, B<-crl_check_all>,

B<explicit_policy>, B<-extended_crl>, B<-ignore_critical>, B<-inhibit_any>,

B<-inhibit_map>, B<-issuer_checks>, B<-partial_chain>, B<-policy>,

doc/apps/s_server.pod

+10 −0
Original line number Diff line number Diff line
@@ -34,6 +34,8 @@ B<openssl> B<s_server> 
[B<-state>]

[B<-CApath directory>]

[B<-CAfile filename>]

[B<-no-CAfile>]

[B<-no-CApath>]

[B<-attime timestamp>]

[B<-check_ss_sig>]

[B<-explicit_policy>]
@@ -207,6 +209,14 @@ and to use when attempting to build the server certificate chain. The list 
is also used in the list of acceptable client CAs passed to the client when

a certificate is requested.



=item B<-no-CAfile>



Do not load the trusted CA certificates from the default file location



=item B<-no-CApath>



Do not load the trusted CA certificates from the default directory location



=item B<-verify depth>, B<-Verify depth>



The verify depth to use. This specifies the maximum length of the