On Thu, Nov 05, 2015 at 02:11:06PM +0100, Jan Klemkow wrote:
> Hi,
>
> I'm playing around with client-side certificates[1] and saw that the
> manpage of tls_init.3 recommend to uses the functions:
> tls_config_set_ca_{file,path,mem} only in client context.
>
> But to check client-side certificates its also useful in server context.
>
> bye,
> Jan
>
> [1]: https://github.com/younix/ucspi/blob/master/tests.mk
>
fixed, thanks.
jmc
> Index: tls_init.3
> ===================================================================
> RCS file: /cvs/src/lib/libtls/tls_init.3,v
> retrieving revision 1.53
> diff -u -p -r1.53 tls_init.3
> --- tls_init.3 16 Oct 2015 13:49:53 -0000 1.53
> +++ tls_init.3 5 Nov 2015 12:48:17 -0000
> @@ -289,16 +289,16 @@ Configuration options may apply to only
> .Fn tls_config_set_ca_file
> sets the filename used to load a file
> containing the root certificates.
> -.Em (Client)
> +.Em (Client and Server)
> .It
> .Fn tls_config_set_ca_path
> sets the path (directory) which should be searched for root
> certificates.
> -.Em (Client)
> +.Em (Client and Server)
> .It
> .Fn tls_config_set_ca_mem
> sets the root certificates directly from memory.
> -.Em (Client)
> +.Em (Client and Server)
> .It
> .Fn tls_config_set_cert_file
> sets file from which the public certificate will be read.
>
