The branch master has been updated
via d1f7a1e62a5b67b492f8e7eb48130bf00f9a3ab0 (commit)
from f80c864318ee86cf26492c6914299423cddbe229 (commit)
- Log -----------------------------------------------------------------
commit d1f7a1e62a5b67b492f8e7eb48130bf00f9a3ab0
Author: Matt Caswell <[email protected]>
Date: Thu Apr 26 14:05:40 2018 +0100
Update the *use_certificate* docs
Note that calling the *use_certificate* functions will replace any existing
certificate of the same type. The same thing applies for private keys.
Fixes #2147
Reviewed-by: Rich Salz <[email protected]>
(Merged from https://github.com/openssl/openssl/pull/6092)
-----------------------------------------------------------------------
Summary of changes:
doc/man3/SSL_CTX_use_certificate.pod | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/doc/man3/SSL_CTX_use_certificate.pod
b/doc/man3/SSL_CTX_use_certificate.pod
index 4dff79c..b065d8f 100644
--- a/doc/man3/SSL_CTX_use_certificate.pod
+++ b/doc/man3/SSL_CTX_use_certificate.pod
@@ -170,6 +170,13 @@ L<SSL_CTX_set_default_passwd_cb(3)>.
of view, it however does not make sense as the data in the certificate
is considered public anyway.)
+All of the functions to set a new certificate will replace any existing
+certificate of the same type that has already been set. Similarly all of the
+functions to set a new private key will replace any private key that has
already
+been set. Applications should call L<SSL_CTX_check_private_key(3)> or
+L<SSL_check_private_key(3)> as appropriate after loading a new certificate and
+private key to confirm that the certificate and key match.
+
=head1 RETURN VALUES
On success, the functions return 1.
_____
openssl-commits mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-commits
