8 files changed, 14 insertions, 14 deletions

diff --git a/doc/ssl/SSL_CTX_load_verify_locations.pod b/doc/ssl/SSL_CTX_load_verify_locations.pod
index ed6aa6bc84..84a799fc71 100644
--- a/doc/ssl/SSL_CTX_load_verify_locations.pod
+++ b/doc/ssl/SSL_CTX_load_verify_locations.pod
@@ -58,7 +58,7 @@ failure.
 In server mode, when requesting a client certificate, the server must send
 the list of CAs of which it will accept client certificates. This list
 is not influenced by the contents of B<CAfile> or B<CApath> and must
-explicitely be set using the
+explicitly be set using the
 L<SSL_CTX_set_client_CA_list(3)|SSL_CTX_set_client_CA_list(3)>
 family of functions.
 
diff --git a/doc/ssl/SSL_CTX_set_info_callback.pod b/doc/ssl/SSL_CTX_set_info_callback.pod
index 15dab2f1b1..e61be4e388 100644
--- a/doc/ssl/SSL_CTX_set_info_callback.pod
+++ b/doc/ssl/SSL_CTX_set_info_callback.pod
@@ -43,7 +43,7 @@ is called whenever the state changes, an alert appears, or an error occurs.
 
 The callback function is called as B<callback(SSL *ssl, int where, int ret)>.
 The B<where> argument specifies information about where (in which context)
-the callback function was called. If B<ret> is 0, an error condition occured.
+the callback function was called. If B<ret> is 0, an error condition occurred.
 If an alert is handled, SSL_CB_ALERT is set and B<ret> specifies the alert
 information.
 
diff --git a/doc/ssl/SSL_CTX_set_options.pod b/doc/ssl/SSL_CTX_set_options.pod
index 1498bd4f1e..ad300bf798 100644
--- a/doc/ssl/SSL_CTX_set_options.pod
+++ b/doc/ssl/SSL_CTX_set_options.pod
@@ -133,7 +133,7 @@ This option must be used to prevent small subgroup attacks, when
 the DH parameters were not generated using "strong" primes
 (e.g. when using DSA-parameters, see L<dhparam(1)|dhparam(1)>).
 If "strong" primes were used, it is not strictly necessary to generate
-a new DH key during each handshake but it is also recommendet.
+a new DH key during each handshake but it is also recommended.
 SSL_OP_SINGLE_DH_USE should therefore be enabled whenever
 temporary/ephemeral DH parameters are used.
 
@@ -209,6 +209,6 @@ SSL_OP_CIPHER_SERVER_PREFERENCE has been added in OpenSSL 0.9.7.
 
 SSL_OP_TLS_ROLLBACK_BUG has been added in OpenSSL 0.9.6 and was automatically
 enabled with SSL_OP_ALL. As of 0.9.7 it is no longer included in SSL_OP_ALL
-and must be explicitely set.
+and must be explicitly set.
 
 =cut
diff --git a/doc/ssl/SSL_CTX_set_tmp_dh_callback.pod b/doc/ssl/SSL_CTX_set_tmp_dh_callback.pod
index 707d62c12c..29d1f8a6fb 100644
--- a/doc/ssl/SSL_CTX_set_tmp_dh_callback.pod
+++ b/doc/ssl/SSL_CTX_set_tmp_dh_callback.pod
@@ -29,7 +29,7 @@ The key is inherited by all B<ssl> objects created from B<ctx>.
 
 SSL_set_tmp_dh_callback() sets the callback only for B<ssl>.
 
-SSL_set_tmp_dh() sets the paramters only for B<ssl>.
+SSL_set_tmp_dh() sets the parameters only for B<ssl>.
 
 These functions apply to SSL/TLS servers only.
 
@@ -54,7 +54,7 @@ In order to perform a DH key exchange the server must use a DH group
 DH key during the negotiation, when the DH parameters are supplied via
 callback and/or when the SSL_OP_SINGLE_DH_USE option of
 L<SSL_CTX_set_options(3)|SSL_CTX_set_options(3)> is set. It will
-immediatly create a DH key, when DH parameters are supplied via
+immediately create a DH key, when DH parameters are supplied via
 SSL_CTX_set_tmp_dh() and SSL_OP_SINGLE_DH_USE is not set. In this case,
 it may happen that a key is generated on initialization without later
 being needed, while on the other hand the computer time during the
@@ -74,7 +74,7 @@ should not generate the parameters on the fly but supply the parameters.
 DH parameters can be reused, as the actual key is newly generated during
 the negotiation. The risk in reusing DH parameters is that an attacker
 may specialize on a very often used DH group. Applications should therefore
-generate their own DH paramaters during the installation process using the
+generate their own DH parameters during the installation process using the
 openssl L<dhparam(1)|dhparam(1)> application. In order to reduce the computer
 time needed for this generation, it is possible to use DSA parameters
 instead (see L<dhparam(1)|dhparam(1)>), but in this case SSL_OP_SINGLE_DH_USE
diff --git a/doc/ssl/SSL_CTX_set_tmp_rsa_callback.pod b/doc/ssl/SSL_CTX_set_tmp_rsa_callback.pod
index e4e68cddef..f85775927d 100644
--- a/doc/ssl/SSL_CTX_set_tmp_rsa_callback.pod
+++ b/doc/ssl/SSL_CTX_set_tmp_rsa_callback.pod
@@ -31,7 +31,7 @@ SSL_CTX_set_tmp_rsa() sets the temporary/ephemeral RSA key to be used to be
 B<rsa>. The key is inherited by all SSL objects newly created from B<ctx>
 with <SSL_new(3)|SSL_new(3)>. Already created SSL objects are not affected.
 
-SSL_CTX_need_tmp_rsa() returns 1, if a temporay/ephemeral RSA key is needed
+SSL_CTX_need_tmp_rsa() returns 1, if a temporary/ephemeral RSA key is needed
 for RSA-based strength-limited 'exportable' ciphersuites because a RSA key
 with a keysize larger than 512 bits is installed.
 
@@ -39,7 +39,7 @@ SSL_set_tmp_rsa_callback() sets the callback only for B<ssl>.
 
 SSL_set_tmp_rsa() sets the key only for B<ssl>.
 
-SSL_need_tmp_rsa() returns 1, if a temporay/ephemeral RSA key is needed,
+SSL_need_tmp_rsa() returns 1, if a temporary/ephemeral RSA key is needed,
 for RSA-based strength-limited 'exportable' ciphersuites because a RSA key
 with a keysize larger than 512 bits is installed.
 
diff --git a/doc/ssl/SSL_alert_type_string.pod b/doc/ssl/SSL_alert_type_string.pod
index e9acd934a7..94e28cc307 100644
--- a/doc/ssl/SSL_alert_type_string.pod
+++ b/doc/ssl/SSL_alert_type_string.pod
@@ -130,9 +130,9 @@ other fields. This is always fatal.
 
 =item "DC"/"decryption failed"
 
-A TLSCiphertext decrypted in an invalid way: either it wasn`t an
+A TLSCiphertext decrypted in an invalid way: either it wasn't an
 even multiple of the block length or its padding values, when
-checked, weren`t correct. This message is always fatal.
+checked, weren't correct. This message is always fatal.
 
 =item "RO"/"record overflow"
 
@@ -144,7 +144,7 @@ with more than 2^14+1024 bytes. This message is always fatal.
 
 A valid certificate chain or partial chain was received, but the
 certificate was not accepted because the CA certificate could not
-be located or couldn`t be matched with a known, trusted CA.  This
+be located or couldn't be matched with a known, trusted CA.  This
 message is always fatal.
 
 =item "AD"/"access denied"
diff --git a/doc/ssl/SSL_get_peer_certificate.pod b/doc/ssl/SSL_get_peer_certificate.pod
index 18d1db5183..60635a9660 100644
--- a/doc/ssl/SSL_get_peer_certificate.pod
+++ b/doc/ssl/SSL_get_peer_certificate.pod
@@ -19,7 +19,7 @@ peer presented. If the peer did not present a certificate, NULL is returned.
 
 Due to the protocol definition, a TLS/SSL server will always send a
 certificate, if present. A client will only send a certificate when
-explicitely requested to do so by the server (see
+explicitly requested to do so by the server (see
 L<SSL_CTX_set_verify(3)|SSL_CTX_set_verify(3)>). If an anonymous cipher
 is used, no certificates are sent.
 
diff --git a/doc/ssl/SSL_set_connect_state.pod b/doc/ssl/SSL_set_connect_state.pod
index adf52a93c2..7adf8adfed 100644
--- a/doc/ssl/SSL_set_connect_state.pod
+++ b/doc/ssl/SSL_set_connect_state.pod
@@ -36,7 +36,7 @@ When using the L<SSL_connect(3)|SSL_connect(3)> or
 L<SSL_accept(3)|SSL_accept(3)> routines, the correct handshake
 routines are automatically set. When performing a transparent negotiation
 using L<SSL_write(3)|SSL_write(3)> or L<SSL_read(3)|SSL_read(3)>, the
-handshake routines must be explicitely set in advance using either
+handshake routines must be explicitly set in advance using either
 SSL_set_connect_state() or SSL_set_accept_state().
 
 =head1 RETURN VALUES