From 61d24f102d114a001fc8942bcb27620a242ec4c5 Mon Sep 17 00:00:00 2001
From: "Dr. Stephen Henson" <steve@openssl.org>
Date: Sun, 9 Sep 2012 20:47:36 +0000
Subject: update README

---
 demos/certs/README | 20 ++++++++++++++++----
 1 file changed, 16 insertions(+), 4 deletions(-)

(limited to 'demos')

diff --git a/demos/certs/README b/demos/certs/README
index d022d0afc0..126663a1d8 100644
--- a/demos/certs/README
+++ b/demos/certs/README
@@ -3,7 +3,19 @@ a script. This is often a cause for confusion which can result in incorrect
 CA certificates, obsolete V1 certificates or duplicate serial numbers.
 The range of command line options can be daunting for a beginner.
 
-This is a simple example of how to generate certificates automatically
-using scripts. Example creates a root CA, a server certificate signed by
-the root, an intermediate CA signed by the root and finally a client 
-certificate signed by the intermediate CA.
+The mkcerts.sh script is an example of how to generate certificates
+automatically using scripts. Example creates a root CA, an intermediate CA
+signed by the root and several certificates signed by the intermediate CA.
+
+The script then creates an empty index.txt file and adds entries for the
+certificates and generates a CRL. Then one certificate is revoked and a 
+second CRL generated.
+
+The script ocsprun.sh runs the test responder on port 8888 covering the
+client certificates.
+
+The script ocspquery.sh queries the status of the certificates using the
+test responder.
+
+
+
-- 
cgit v1.2.3