I've discovered that having a trailing slash in an OCSP URL can cause
problems with MS-CAPI. This is a minimal patch to make the example
non-broken. I haven't added any additional text to the documentation
to explain this because all that was there in the first place was the
example. Please let me know if this needs to be more extensively
documented.

I've CC'd cr...@bis.doc.gov is requested in the readme, however this
is a trivial documentation change which doesn't touch any encryption
code.

diff --git a/doc/apps/x509v3_config.pod b/doc/apps/x509v3_config.pod
index 06d8467..8e3d48a 100644
--- a/doc/apps/x509v3_config.pod
+++ b/doc/apps/x509v3_config.pod
@@ -220,7 +220,7 @@ certain values are meaningful, for example OCSP
and caIssuers.

 Example:

- authorityInfoAccess = OCSP;URI:http://ocsp.my.host/
+ authorityInfoAccess = OCSP;URI:http://ocsp.my.host
  authorityInfoAccess = caIssuers;URI:http://my.ca/ca.html
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       openssl-dev@openssl.org
Automated List Manager                           majord...@openssl.org

Reply via email to