Commit 5b89036c authored by Rich Salz's avatar Rich Salz Committed by Rich Salz

Can't use -trusted with -CA{path,file}

parent e5c0bc6c
+7 −1
@@ -88,7 +88,7 @@ OPTIONS verify_options[] = {
    {"CApath", OPT_CAPATH, '/', "A directory of trusted certificates"},
    {"CAfile", OPT_CAFILE, '<', "A file of trusted certificates"},
    {"untrusted", OPT_UNTRUSTED, '<', "A file of untrusted certificates"},
    {"trusted", OPT_TRUSTED, '<', "A file of additional trusted certificates"},
    {"trusted", OPT_TRUSTED, '<', "A file of trusted certificates"},
    {"CRLfile", OPT_CRLFILE, '<',
        "File containing one or more CRL's (in PEM format) to load"},
    {"crl_download", OPT_CRL_DOWNLOAD, '-',
@@ -180,6 +180,12 @@ int verify_main(int argc, char **argv)
    }
    argc = opt_num_rest();
    argv = opt_rest();
    if (trustfile && (CAfile || CApath)) {
        BIO_printf(bio_err,
                   "%s: Cannot use -trusted with -CAfile or -CApath\n",
                   prog);
        goto end;
    }

    if (!app_load_modules(NULL))
        goto end;
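Review bot: The new `if (trustfile && (CAfile || CApath))` guard in verify_main carries no comment explaining why the combination is rejected, and the reason is security-relevant. According to the documentation change in this same commit, -trusted makes the listed file the only source of trusted issuers, so a -CAfile or -CApath passed alongside it would presumably be ignored without this error. I would put above the `if`: `/* -trusted is the sole source of trust anchors; reject -CAfile/-CApath instead of silently ignoring them */`. The guard covers only the explicit options; whether default certificate locations are really skipped when -trusted is set is decided outside this hunk, so a regression test for that documented behaviour would be worth adding. verify_main's body starts and ends outside the hunk, so the exit status taken via `goto end` cannot be checked from here.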
+8 −4
@@ -182,13 +182,17 @@ behaviour to match that of OpenSSL versions prior to 1.1.0.

=item B<-untrusted file>

A file of untrusted certificates. The file should contain multiple certificates
in PEM format concatenated together.
A file of untrusted certificates. The file should contain one or more
certificates in PEM format.

=item B<-trusted file>

A file of additional trusted certificates. The file should contain multiple
certificates in PEM format concatenated together.
A file of trusted certificates. The file contain one or more
certificates in PEM format.
With this option, no additional (e.g., default) certificate lists
are consulted. That is, the only trusted issuers are those listed
in B<file>.
This option cannot be used with the B<-CAfile> or B<-CApath> options.

=item B<-use_deltas>