diff options
author | Hubert Kario <hkario@redhat.com> | 2014-06-19 15:34:49 +0200 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2014-06-19 23:09:21 +0100 |
commit | e42d84be33cc3cf68012917cc4bf8a9895130149 (patch) | |
tree | d0a12966f31c75cbd312eec84144ce540b54ba4e /doc | |
parent | 2866441a9027b0f7f07c675ba450eff897e16a91 (diff) | |
download | openssl-e42d84be33cc3cf68012917cc4bf8a9895130149.tar.gz |
add references to verify(1) man page for args_verify() options
cms, ocsp, s_client, s_server and smime tools also use args_verify()
for parsing options, that makes them most of the same options
verify tool does. Add those options to man pages and reference
their explanation in the verify man page.
Diffstat (limited to 'doc')
-rw-r--r-- | doc/apps/cms.pod | 33 | ||||
-rw-r--r-- | doc/apps/ocsp.pod | 35 | ||||
-rw-r--r-- | doc/apps/s_client.pod | 34 | ||||
-rw-r--r-- | doc/apps/s_server.pod | 32 | ||||
-rw-r--r-- | doc/apps/smime.pod | 33 |
5 files changed, 160 insertions, 7 deletions
diff --git a/doc/apps/cms.pod b/doc/apps/cms.pod index 66be0bf2a5..fb2dff463d 100644 --- a/doc/apps/cms.pod +++ b/doc/apps/cms.pod @@ -35,7 +35,32 @@ B<openssl> B<cms> [B<-print>] [B<-CAfile file>] [B<-CApath dir>] +[B<-attime timestamp>] +[B<-check_ss_sig>] +[B<-crl_check>] +[B<-crl_check_all>] +[B<-explicit_policy>] +[B<-extended_crl>] +[B<-ignore_critical>] +[B<-inhibit_any>] +[B<-inhibit_map>] +[B<-issuer_checks>] +[B<-partial_chain>] +[B<-policy arg>] +[B<-policy_check>] +[B<-policy_print>] +[B<-purpose purpose>] +[B<-suiteB_128>] +[B<-suiteB_128_only>] +[B<-suiteB_192>] [B<-trusted_first>] +[B<-use_deltas>] +[B<-verify_depth num>] +[B<-verify_email email>] +[B<-verify_hostname hostname>] +[B<-verify_ip ip>] +[B<-verify_name name>] +[B<-x509_strict>] [B<-md digest>] [B<-[cipher]>] [B<-nointern>] @@ -430,7 +455,13 @@ portion of a message so they may be included manually. If signing then many S/MIME mail clients check the signers certificate's email address matches that specified in the From: address. -=item B<-purpose, -ignore_critical, -issuer_checks, -crl_check, -crl_check_all, -policy_check, -extended_crl, -x509_strict, -policy -check_ss_sig, -trusted_first> +=item B<-attime>, B<-check_ss_sig>, B<-crl_check>, B<-crl_check_all>, +B<explicit_policy>, B<-extended_crl>, B<-ignore_critical>, B<-inhibit_any>, +B<-inhibit_map>, B<-issuer_checks>, B<-partial_chain>, B<-policy>, +B<-policy_check>, B<-policy_print>, B<-purpose>, B<-suiteB_128>, +B<-suiteB_128_only>, B<-suiteB_192>, B<-trusted_first>, B<-use_deltas>, +B<-verify_depth>, B<-verify_email>, B<-verify_hostname>, B<-verify_ip>, +B<-verify_name>, B<-x509_strict> Set various certificate chain valiadition options. See the L<B<verify>|verify(1)> manual page for details. diff --git a/doc/apps/ocsp.pod b/doc/apps/ocsp.pod index 6939e55a2a..9758474f1c 100644 --- a/doc/apps/ocsp.pod +++ b/doc/apps/ocsp.pod @@ -29,7 +29,32 @@ B<openssl> B<ocsp> [B<-path>] [B<-CApath dir>] [B<-CAfile file>] +[B<-attime timestamp>] +[B<-check_ss_sig>] +[B<-crl_check>] +[B<-crl_check_all>] +[B<-explicit_policy>] +[B<-extended_crl>] +[B<-ignore_critical>] +[B<-inhibit_any>] +[B<-inhibit_map>] +[B<-issuer_checks>] +[B<-partial_chain>] +[B<-policy arg>] +[B<-policy_check>] +[B<-policy_print>] +[B<-purpose purpose>] +[B<-suiteB_128>] +[B<-suiteB_128_only>] +[B<-suiteB_192>] [B<-trusted_first>] +[B<-use_deltas>] +[B<-verify_depth num>] +[B<-verify_email email>] +[B<-verify_hostname hostname>] +[B<-verify_ip ip>] +[B<-verify_name name>] +[B<-x509_strict>] [B<-VAfile file>] [B<-validity_period n>] [B<-status_age n>] @@ -139,9 +164,15 @@ or "/" by default. file or pathname containing trusted CA certificates. These are used to verify the signature on the OCSP response. -=item B<-trusted_first> +=item B<-attime>, B<-check_ss_sig>, B<-crl_check>, B<-crl_check_all>, +B<explicit_policy>, B<-extended_crl>, B<-ignore_critical>, B<-inhibit_any>, +B<-inhibit_map>, B<-issuer_checks>, B<-partial_chain>, B<-policy>, +B<-policy_check>, B<-policy_print>, B<-purpose>, B<-suiteB_128>, +B<-suiteB_128_only>, B<-suiteB_192>, B<-trusted_first>, B<-use_deltas>, +B<-verify_depth>, B<-verify_email>, B<-verify_hostname>, B<-verify_ip>, +B<-verify_name>, B<-x509_strict> -Set certificate verification option. +Set different certificate verification options. See L<B<verify>|verify(1)> manual page for details. =item B<-verify_other file> diff --git a/doc/apps/s_client.pod b/doc/apps/s_client.pod index 55c501e29d..27764486d8 100644 --- a/doc/apps/s_client.pod +++ b/doc/apps/s_client.pod @@ -19,6 +19,32 @@ B<openssl> B<s_client> [B<-CApath directory>] [B<-CAfile filename>] [B<-trusted_first>] +[B<-attime timestamp>] +[B<-check_ss_sig>] +[B<-crl_check>] +[B<-crl_check_all>] +[B<-explicit_policy>] +[B<-extended_crl>] +[B<-ignore_critical>] +[B<-inhibit_any>] +[B<-inhibit_map>] +[B<-issuer_checks>] +[B<-partial_chain>] +[B<-policy arg>] +[B<-policy_check>] +[B<-policy_print>] +[B<-purpose purpose>] +[B<-suiteB_128>] +[B<-suiteB_128_only>] +[B<-suiteB_192>] +[B<-trusted_first>] +[B<-use_deltas>] +[B<-verify_depth num>] +[B<-verify_email email>] +[B<-verify_hostname hostname>] +[B<-verify_ip ip>] +[B<-verify_name name>] +[B<-x509_strict>] [B<-reconnect>] [B<-pause>] [B<-showcerts>] @@ -117,7 +143,13 @@ also used when building the client certificate chain. A file containing trusted certificates to use during server authentication and to use when attempting to build the client certificate chain. -=item B<-purpose, -ignore_critical, -issuer_checks, -crl_check, -crl_check_all, -policy_check, -extended_crl, -x509_strict, -policy -check_ss_sig, -trusted_first> +=item B<-attime>, B<-check_ss_sig>, B<-crl_check>, B<-crl_check_all>, +B<explicit_policy>, B<-extended_crl>, B<-ignore_critical>, B<-inhibit_any>, +B<-inhibit_map>, B<-issuer_checks>, B<-partial_chain>, B<-policy>, +B<-policy_check>, B<-policy_print>, B<-purpose>, B<-suiteB_128>, +B<-suiteB_128_only>, B<-suiteB_192>, B<-trusted_first>, B<-use_deltas>, +B<-verify_depth>, B<-verify_email>, B<-verify_hostname>, B<-verify_ip>, +B<-verify_name>, B<-x509_strict> Set various certificate chain valiadition options. See the L<B<verify>|verify(1)> manual page for details. diff --git a/doc/apps/s_server.pod b/doc/apps/s_server.pod index 1de307a0ff..1006b43f2e 100644 --- a/doc/apps/s_server.pod +++ b/doc/apps/s_server.pod @@ -34,7 +34,30 @@ B<openssl> B<s_server> [B<-state>] [B<-CApath directory>] [B<-CAfile filename>] +[B<-attime timestamp>] +[B<-check_ss_sig>] +[B<-explicit_policy>] +[B<-extended_crl>] +[B<-ignore_critical>] +[B<-inhibit_any>] +[B<-inhibit_map>] +[B<-issuer_checks>] +[B<-partial_chain>] +[B<-policy arg>] +[B<-policy_check>] +[B<-policy_print>] +[B<-purpose purpose>] +[B<-suiteB_128>] +[B<-suiteB_128_only>] +[B<-suiteB_192>] [B<-trusted_first>] +[B<-use_deltas>] +[B<-verify_depth num>] +[B<-verify_email email>] +[B<-verify_hostname hostname>] +[B<-verify_ip ip>] +[B<-verify_name name>] +[B<-x509_strict>] [B<-nocert>] [B<-cipher cipherlist>] [B<-quiet>] @@ -184,9 +207,14 @@ and to use when attempting to build the server certificate chain. The list is also used in the list of acceptable client CAs passed to the client when a certificate is requested. -=item B<-trusted_first> +=item B<-attime>, B<-check_ss_sig>, B<explicit_policy>, B<-extended_crl>, +B<-ignore_critical>, B<-inhibit_any>, B<-inhibit_map>, B<-issuer_checks>, +B<-partial_chain>, B<-policy>, B<-policy_check>, B<-policy_print>, B<-purpose>, +B<-suiteB_128>, B<-suiteB_128_only>, B<-suiteB_192>, B<-trusted_first>, +B<-use_deltas>, B<-verify_depth>, B<-verify_email>, B<-verify_hostname>, +B<-verify_ip>, B<-verify_name>, B<-x509_strict> -Set certificate verification option. +Set different peer certificate verification options. See the L<B<verify>|verify(1)> manual page for details. =item B<-state> diff --git a/doc/apps/smime.pod b/doc/apps/smime.pod index 8b483e3f08..c85a44b923 100644 --- a/doc/apps/smime.pod +++ b/doc/apps/smime.pod @@ -17,7 +17,32 @@ B<openssl> B<smime> [B<-in file>] [B<-CAfile file>] [B<-CApath dir>] +[B<-attime timestamp>] +[B<-check_ss_sig>] +[B<-crl_check>] +[B<-crl_check_all>] +[B<-explicit_policy>] +[B<-extended_crl>] +[B<-ignore_critical>] +[B<-inhibit_any>] +[B<-inhibit_map>] +[B<-issuer_checks>] +[B<-partial_chain>] +[B<-policy arg>] +[B<-policy_check>] +[B<-policy_print>] +[B<-purpose purpose>] +[B<-suiteB_128>] +[B<-suiteB_128_only>] +[B<-suiteB_192>] [B<-trusted_first>] +[B<-use_deltas>] +[B<-verify_depth num>] +[B<-verify_email email>] +[B<-verify_hostname hostname>] +[B<-verify_ip ip>] +[B<-verify_name name>] +[B<-x509_strict>] [B<-certfile file>] [B<-signer file>] [B<-recip file>] @@ -262,7 +287,13 @@ portion of a message so they may be included manually. If signing then many S/MIME mail clients check the signers certificate's email address matches that specified in the From: address. -=item B<-purpose, -ignore_critical, -issuer_checks, -crl_check, -crl_check_all, -policy_check, -extended_crl, -x509_strict, -policy -check_ss_sig, -trusted_first> +=item B<-attime>, B<-check_ss_sig>, B<-crl_check>, B<-crl_check_all>, +B<explicit_policy>, B<-extended_crl>, B<-ignore_critical>, B<-inhibit_any>, +B<-inhibit_map>, B<-issuer_checks>, B<-partial_chain>, B<-policy>, +B<-policy_check>, B<-policy_print>, B<-purpose>, B<-suiteB_128>, +B<-suiteB_128_only>, B<-suiteB_192>, B<-trusted_first>, B<-use_deltas>, +B<-verify_depth>, B<-verify_email>, B<-verify_hostname>, B<-verify_ip>, +B<-verify_name>, B<-x509_strict> Set various options of certificate chain verification. See L<B<verify>|verify(1)> manual page for details. |