diff options
author | Rich Salz <rsalz@akamai.com> | 2015-07-09 14:54:13 -0400 |
---|---|---|
committer | Rich Salz <rsalz@openssl.org> | 2015-07-14 07:46:20 -0400 |
commit | 5b89036c41a009a76cd0e1595dde5001ae157972 (patch) | |
tree | adf1d29e8b504cc62a6cf17c9c28216ca7af9ea9 /doc/apps | |
parent | e5c0bc6cc49a23b50a272801c4bd53639c25fca4 (diff) | |
download | openssl-5b89036c41a009a76cd0e1595dde5001ae157972.tar.gz |
Can't use -trusted with -CA{path,file}
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Diffstat (limited to 'doc/apps')
-rw-r--r-- | doc/apps/verify.pod | 12 |
1 files changed, 8 insertions, 4 deletions
diff --git a/doc/apps/verify.pod b/doc/apps/verify.pod index 9cc7fcb817..b1253da740 100644 --- a/doc/apps/verify.pod +++ b/doc/apps/verify.pod @@ -182,13 +182,17 @@ behaviour to match that of OpenSSL versions prior to 1.1.0. =item B<-untrusted file> -A file of untrusted certificates. The file should contain multiple certificates -in PEM format concatenated together. +A file of untrusted certificates. The file should contain one or more +certificates in PEM format. =item B<-trusted file> -A file of additional trusted certificates. The file should contain multiple -certificates in PEM format concatenated together. +A file of trusted certificates. The file contain one or more +certificates in PEM format. +With this option, no additional (e.g., default) certificate lists +are consulted. That is, the only trusted issuers are those listed +in B<file>. +This option cannot be used with the B<-CAfile> or B<-CApath> options. =item B<-use_deltas> |