diff options
Diffstat (limited to 'secure/lib/libssl/man/SSL_CTX_load_verify_locations.3')
| -rw-r--r-- | secure/lib/libssl/man/SSL_CTX_load_verify_locations.3 | 63 |
1 files changed, 28 insertions, 35 deletions
diff --git a/secure/lib/libssl/man/SSL_CTX_load_verify_locations.3 b/secure/lib/libssl/man/SSL_CTX_load_verify_locations.3 index b2ab727..4f99ec6 100644 --- a/secure/lib/libssl/man/SSL_CTX_load_verify_locations.3 +++ b/secure/lib/libssl/man/SSL_CTX_load_verify_locations.3 @@ -1,8 +1,7 @@ -.\" Automatically generated by Pod::Man version 1.15 -.\" Wed Feb 19 16:47:38 2003 +.\" Automatically generated by Pod::Man v1.37, Pod::Parser v1.32 .\" .\" Standard preamble: -.\" ====================================================================== +.\" ======================================================================== .de Sh \" Subsection heading .br .if t .Sp @@ -15,12 +14,6 @@ .if t .sp .5v .if n .sp .. -.de Ip \" List item -.br -.ie \\n(.$>=3 .ne \\$3 -.el .ne 3 -.IP "\\$1" \\$2 -.. .de Vb \" Begin verbatim text .ft CW .nf @@ -28,15 +21,14 @@ .. .de Ve \" End verbatim text .ft R - .fi .. .\" Set up some character translations and predefined strings. \*(-- will .\" give an unbreakable dash, \*(PI will give pi, \*(L" will give a left .\" double quote, and \*(R" will give a right double quote. | will give a -.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used -.\" to do unbreakable dashes and therefore won't be available. \*(C` and -.\" \*(C' expand to `' in nroff, nothing in troff, for use with C<> +.\" real vertical bar. \*(C+ will give a nicer C++. Capital omega is used to +.\" do unbreakable dashes and therefore won't be available. \*(C` and \*(C' +.\" expand to `' in nroff, nothing in troff, for use with C<>. .tr \(*W-|\(bv\*(Tr .ds C+ C\v'-.1v'\h'-1p'\s-2+\h'-1p'+\s0\v'.1v'\h'-1p' .ie n \{\ @@ -56,10 +48,10 @@ . ds R" '' 'br\} .\" -.\" If the F register is turned on, we'll generate index entries on stderr -.\" for titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and -.\" index entries marked with X<> in POD. Of course, you'll have to process -.\" the output yourself in some meaningful fashion. +.\" If the F register is turned on, we'll generate index entries on stderr for +.\" titles (.TH), headers (.SH), subsections (.Sh), items (.Ip), and index +.\" entries marked with X<> in POD. Of course, you'll have to process the +.\" output yourself in some meaningful fashion. .if \nF \{\ . de IX . tm Index:\\$1\t\\n%\t"\\$2" @@ -68,14 +60,13 @@ . rr F .\} .\" -.\" For nroff, turn off justification. Always turn off hyphenation; it -.\" makes way too many mistakes in technical documents. +.\" For nroff, turn off justification. Always turn off hyphenation; it makes +.\" way too many mistakes in technical documents. .hy 0 .if n .na .\" .\" Accent mark definitions (@(#)ms.acc 1.5 88/02/08 SMI; from UCB 4.2). .\" Fear. Run. Save yourself. No user-serviceable parts. -.bd B 3 . \" fudge factors for nroff and troff .if n \{\ . ds #H 0 @@ -135,19 +126,19 @@ . ds Ae AE .\} .rm #[ #] #H #V #F C -.\" ====================================================================== +.\" ======================================================================== .\" .IX Title "SSL_CTX_load_verify_locations 3" -.TH SSL_CTX_load_verify_locations 3 "0.9.7a" "2003-02-19" "OpenSSL" -.UC +.TH SSL_CTX_load_verify_locations 3 "2006-07-29" "0.9.8b" "OpenSSL" .SH "NAME" -SSL_CTX_load_verify_locations \- set default locations for trusted \s-1CA\s0 +SSL_CTX_load_verify_locations \- set default locations for trusted CA certificates .SH "SYNOPSIS" .IX Header "SYNOPSIS" .Vb 1 \& #include <openssl/ssl.h> .Ve +.PP .Vb 2 \& int SSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile, \& const char *CApath); @@ -167,6 +158,7 @@ format. The file can contain several \s-1CA\s0 certificates identified by \& ... (CA certificate in base64 encoding) ... \& -----END CERTIFICATE----- .Ve +.PP sequences. Before, between, and after the certificates text is allowed which can be used e.g. for descriptions of the certificates. .PP @@ -199,14 +191,14 @@ In server mode, when requesting a client certificate, the server must send the list of CAs of which it will accept client certificates. This list is not influenced by the contents of \fBCAfile\fR or \fBCApath\fR and must explicitly be set using the -SSL_CTX_set_client_CA_list(3) +\&\fISSL_CTX_set_client_CA_list\fR\|(3) family of functions. .PP When building its own certificate chain, an OpenSSL client/server will try to fill in missing certificates from \fBCAfile\fR/\fBCApath\fR, if the certificate chain was not explicitly specified (see -SSL_CTX_add_extra_chain_cert(3), -SSL_CTX_use_certificate(3). +\&\fISSL_CTX_add_extra_chain_cert\fR\|(3), +\&\fISSL_CTX_use_certificate\fR\|(3). .SH "WARNINGS" .IX Header "WARNINGS" If several \s-1CA\s0 certificates matching the name, key identifier, and serial @@ -227,6 +219,7 @@ ca1.pem ca2.pem ca3.pem: \& openssl x509 -in $i -text >> CAfile.pem \& done .Ve +.PP Prepare the directory /some/where/certs containing several \s-1CA\s0 certificates for use as \fBCApath\fR: .PP @@ -237,18 +230,18 @@ for use as \fBCApath\fR: .SH "RETURN VALUES" .IX Header "RETURN VALUES" The following return values can occur: -.Ip "0" 4 +.IP "0" 4 The operation failed because \fBCAfile\fR and \fBCApath\fR are \s-1NULL\s0 or the processing at one of the locations specified failed. Check the error stack to find out the reason. -.Ip "1" 4 +.IP "1" 4 .IX Item "1" The operation succeeded. .SH "SEE ALSO" .IX Header "SEE ALSO" -ssl(3), -SSL_CTX_set_client_CA_list(3), -SSL_get_client_CA_list(3), -SSL_CTX_use_certificate(3), -SSL_CTX_add_extra_chain_cert(3), -SSL_CTX_set_cert_store(3) +\&\fIssl\fR\|(3), +\&\fISSL_CTX_set_client_CA_list\fR\|(3), +\&\fISSL_get_client_CA_list\fR\|(3), +\&\fISSL_CTX_use_certificate\fR\|(3), +\&\fISSL_CTX_add_extra_chain_cert\fR\|(3), +\&\fISSL_CTX_set_cert_store\fR\|(3) |
