Home Explore Help
Sign In
OWEALs
/
openssl
mirror of git://git.openssl.org/openssl.git
2
0
Fork 0
Files Issues 1 Wiki
Browse Source

add missing entries for "-multivalue-rdn" and "-utf8" in ca.pod and req.pod

PR: 1158
Submitted by: Michael Bell <michael.bell@cms.hu-berlin.de>
Nils Larsch 19 years ago
parent
b4f5e5c959
commit
57eb1d3250
2 changed files with 35 additions and 7 deletions
Unified View Show Diff Stats
  1. 25 7
      doc/apps/ca.pod
  2. 10 0
      doc/apps/req.pod

+ 25 - 7
doc/apps/ca.pod
View File 

@@ -17,7 +17,6 @@ B<openssl> B<ca>
 
 [B<-crl_hold instruction>]
 
 [B<-crl_hold instruction>]
 
 [B<-crl_compromise time>]
 
 [B<-crl_compromise time>]
 
 [B<-crl_CA_compromise time>]
 
 [B<-crl_CA_compromise time>]
 
-[B<-subj arg>]
 
 [B<-crldays days>]
 
 [B<-crldays days>]
 
 [B<-crlhours hours>]
 
 [B<-crlhours hours>]
 
 [B<-crlexts section>]
 
 [B<-crlexts section>]
 
@@ -45,6 +44,9 @@ B<openssl> B<ca>
 
 [B<-extensions section>]
 
 [B<-extensions section>]
 
 [B<-extfile section>]
 
 [B<-extfile section>]
 
 [B<-engine id>]
 
 [B<-engine id>]
 
+[B<-subj arg>]
 
+[B<-utf8>]
 
+[B<-multivalue-rdn>]
 
 
 
 =head1 DESCRIPTION
 
 =head1 DESCRIPTION
 
 
 
@@ -218,6 +220,28 @@ to attempt to obtain a functional reference to the specified engine,
 
 thus initialising it if needed. The engine will then be set as the default
 
 thus initialising it if needed. The engine will then be set as the default
 
 for all available algorithms.
 
 for all available algorithms.
 
 
 
+=item B<-subj arg>
 
+
 
+supersedes subject name given in the request.
 
+The arg must be formatted as I</type0=value0/type1=value1/type2=...>,
 
+characters may be escaped by \ (backslash), no spaces are skipped.
 
+
 
+=item B<-utf8>
 
+
 
+this option causes field values to be interpreted as UTF8 strings, by 
+default they are interpreted as ASCII. This means that the field
 
+values, whether prompted from a terminal or obtained from a
 
+configuration file, must be valid UTF8 strings.
 
+
 
+=item B<-multivalue-rdn>
 
+
 
+this option causes the -subj argument to be interpretedt with full
 
+support for multivalued RDNs. Example:
 
+
 
+I</DC=org/DC=OpenSSL/DC=users/UID=123456+CN=John Doe>
 
+
 
+If -multi-rdn is not used then the UID value is I<123456+CN=John Doe>.
 
+
 
 =back
 
 =back
 
 
 
 =head1 CRL OPTIONS
 
 =head1 CRL OPTIONS
 
@@ -268,12 +292,6 @@ B<time>. B<time> should be in GeneralizedTime format that is B<YYYYMMDDHHMMSSZ>.
 
 This is the same as B<crl_compromise> except the revocation reason is set to
 
 This is the same as B<crl_compromise> except the revocation reason is set to
 
 B<CACompromise>.
 
 B<CACompromise>.
 
 
 
-=item B<-subj arg>
 
-
 
-supersedes subject name given in the request.
 
-The arg must be formatted as I</type0=value0/type1=value1/type2=...>,
 
-characters may be escaped by \ (backslash), no spaces are skipped.
 
-
 
 =item B<-crlexts section>
 
 =item B<-crlexts section>
 
 
 
 the section of the configuration file containing CRL extensions to
 
 the section of the configuration file containing CRL extensions to

+ 10 - 0
doc/apps/req.pod
View File 

@@ -30,6 +30,7 @@ B<openssl> B<req>
 
 [B<-[md5|sha1|md2|mdc2]>]
 
 [B<-[md5|sha1|md2|mdc2]>]
 
 [B<-config filename>]
 
 [B<-config filename>]
 
 [B<-subj arg>]
 
 [B<-subj arg>]
 
+[B<-multivalue-rdn>]
 
 [B<-x509>]
 
 [B<-x509>]
 
 [B<-days n>]
 
 [B<-days n>]
 
 [B<-set_serial n>]
 
 [B<-set_serial n>]
 
@@ -173,6 +174,15 @@ when processing a request.
 
 The arg must be formatted as I</type0=value0/type1=value1/type2=...>,
 
 The arg must be formatted as I</type0=value0/type1=value1/type2=...>,
 
 characters may be escaped by \ (backslash), no spaces are skipped.
 
 characters may be escaped by \ (backslash), no spaces are skipped.
 
 
 
+=item B<-multivalue-rdn>
 
+
 
+this option causes the -subj argument to be interpreted with full
 
+support for multivalued RDNs. Example:
 
+
 
+I</DC=org/DC=OpenSSL/DC=users/UID=123456+CN=John Doe>
 
+
 
+If -multi-rdn is not used then the UID value is I<123456+CN=John Doe>.
 
+
 
 =item B<-x509>
 
 =item B<-x509>
 
 
 
 this option outputs a self signed certificate instead of a certificate
 
 this option outputs a self signed certificate instead of a certificate