Commit graph

284 commits

Author SHA1 Message Date
Dr. Stephen Henson
37dccd8ff2 Update X509v3 docs. 2004-11-16 17:45:13 +00:00
Dr. Stephen Henson
826a42a088 PR: 910
Add command line options -certform, -keyform and -pass to s_client and
s_server. This supports the use of alternative passphrase sources, key formats
and keys handled by an ENGINE.

Update docs.
2004-11-16 17:30:59 +00:00
Dr. Stephen Henson
19f39703f7 Initial pod documentation of X509V3 config file format. 2004-11-16 14:09:12 +00:00
Richard Levitte
e544b0dc2a 'compatibility', not 'computability' :-)... 2004-08-18 15:48:33 +00:00
Dr. Stephen Henson
6446e0c3c8 Extend OID config module format. 2004-03-27 13:30:14 +00:00
Dr. Stephen Henson
f2c1812560 More autoconfig docs. 2004-03-01 19:15:24 +00:00
Dr. Stephen Henson
a30af36c77 Initial docs for the OpenSSL library configuration via openssl.cnf 2004-03-01 01:04:40 +00:00
Richard Levitte
ee3a47a994 AES is spelled AES, not ASE. Oops... 2004-02-27 02:24:49 +00:00
Richard Levitte
8bb0c8522a Document the AES options for 'openssl smime'.
PR: 834
2004-02-26 21:44:41 +00:00
Lutz Jänicke
fc56b52924 Updates to s_time manual page
PR: #570
Submitted by: Martin Witzel <MWITZEL@de.ibm.com>
2004-01-08 07:38:15 +00:00
Lutz Jänicke
a32fc687de Add s_time manual page
Submitted by: "Martin Witzel" <MWITZEL@de.ibm.com>

PR: #570
2004-01-04 18:59:14 +00:00
Bodo Möller
2c789c82be manpages for 'openssl ec' and 'openssl ecparam'
Submitted by: Nils Larsch
2003-07-21 13:40:02 +00:00
Richard Levitte
94805c84d1 Add -issuer_hash and make -subject_hash the default way to get the
subject hash, with -hash a synonym kept around for backward
compatibility reasons.
PR: 650
2003-07-03 20:45:09 +00:00
Richard Levitte
6f2f534b58 The convenience argumetn for -nameopt and -certopt is ca_default, not
default_ca.
PR: 653
2003-07-03 07:46:52 +00:00
Richard Levitte
8fbb2af392 Add documentation for the new crlnumber configuration option. 2003-06-19 17:52:57 +00:00
Richard Levitte
c5aba56c5b Typo. 2003-06-19 17:50:37 +00:00
Lutz Jänicke
4f17dfcd75 Add minimum POP3 STLS hack to s_client.c (as was provided for STARTTLS before)
Submitted by: dg@sunet.ru (Daniel Ginsburg)

PR: #613
2003-05-28 20:24:57 +00:00
Richard Levitte
d6df2b281f Add documentation on the added functionality in 'openssl ca'. 2003-04-04 14:39:44 +00:00
Dr. Stephen Henson
e5b0508a14 Update ocsp usage message and docs. 2003-03-26 00:46:47 +00:00
Richard Levitte
e986704d24 Add documentation for -starttls (s_client) and -id_prefix (s_server).
PR: 542
2003-03-20 16:34:27 +00:00
Richard Levitte
bfa3555081 Document -engine where missing.
PR: 424
2003-01-30 22:02:27 +00:00
Richard Levitte
c653b56937 Correct an example that has a few typos.
PR: 458
2003-01-14 13:56:38 +00:00
Richard Levitte
360e506710 Typos corrected.
PR: 445
2003-01-10 08:54:01 +00:00
Lutz Jänicke
44fcd3ef3e Add information about AES cipher suites to ciphers manual page.
If no authentication method is mentioned in the cipher suite name (e.g.
AES128-SHA), RSA authentication is used (PR #396).
2002-12-29 21:24:50 +00:00
Lutz Jänicke
32d21c1ef6 Better workaround to the "=head1 NAME OPTIONS" pod2latex problem:
NAME OPTIONS are a subset of OPTIONS, so just make it =head2!
Submitted by:
Reviewed by:
PR: 333
2002-11-18 08:15:45 +00:00
Lutz Jänicke
1f30946481 Don't declare 2 WARNINGS sections
Submitted by:
Reviewed by:
PR:
2002-11-14 11:13:01 +00:00
Lutz Jänicke
b1697f189b Opportunistic change to work around pod2latex bug: rename NAME OPTIONS
section to SUBJECT AND ISSUER NAME OPTIONS
Submitted by:
Reviewed by:
PR: 333
2002-11-14 11:09:07 +00:00
Lutz Jänicke
17a202add7 Correct reference to section name.
Submitted by:
Reviewed by:
PR:
2002-11-14 11:03:30 +00:00
Lutz Jänicke
eaad02a747 Missing =back
Submitted by:
Reviewed by:
PR:
2002-11-14 10:51:54 +00:00
Dr. Stephen Henson
04f0a6ba39 Update docs 2002-11-13 13:18:14 +00:00
Dr. Stephen Henson
a8c125550c Typo 2002-11-09 18:05:33 +00:00
Richard Levitte
d6257073aa -CAcreateserial doesn't take a filename argument.
PR: 332
2002-11-08 21:51:09 +00:00
Dr. Stephen Henson
d618f703ec CRL reason code docs. 2002-11-06 01:28:55 +00:00
Richard Levitte
70e96dcf59 Document should match reality :-).
PR: 255
2002-10-04 12:59:00 +00:00
Bodo Möller
8be4e173e8 fix a typo and clarify 2002-07-22 09:04:36 +00:00
Lutz Jänicke
c6ccf055ba New cipher selection options COMPLEMENTOFALL and COMPLEMENTOFDEFAULT.
Submitted by:
Reviewed by:
PR: 127
2002-07-19 19:55:34 +00:00
Bodo Möller
cd7562091d fix synopsis
Submitted by: Nils Larsch
2002-07-09 10:51:25 +00:00
Lutz Jänicke
9a26adf598 Remove item listed twice <kromJx@crosswinds.net>. 2002-05-28 17:48:54 +00:00
Lutz Jänicke
72da660ddb Fix incorrect =over 4 location.
Submitted by: David Waitzman <djw@bbn.com>
Reviewed by: Lutz Jaenicke
PR: [openssl.org #38]
2002-05-16 17:45:37 +00:00
Lutz Jänicke
c0455cbb18 Fix escaping when using the -subj option of "openssl req", document
'hidden' -nameopt support. (Robert Joop <joop@fokus.gmd.de>)
2002-04-30 12:08:18 +00:00
Bodo Möller
dc4ddcd2bb add documentation for SSLeay_version(SSLEAY_DIR) and
'openssl version -d'

use some descriptions from Lutz' redundant manual page
instead of the previous ones
2002-01-04 15:17:09 +00:00
Dr. Stephen Henson
21a85f1977 Add -pubkey option to req command. 2001-12-01 23:03:30 +00:00
Bodo Möller
8a0a9392ab discuss -name and default_ca more correctly (I hope) 2001-11-26 12:13:50 +00:00
Bodo Möller
1d8634b110 msg_callback documentation 2001-11-10 02:12:09 +00:00
Dr. Stephen Henson
1fc6d41bf6 New options to allow req to accept UTF8 strings as input. 2001-10-26 12:40:38 +00:00
Bodo Möller
89da653fa6 Add '-noemailDN' option to 'openssl ca'. This prevents inclusion of
the e-mail address in the DN (i.e., it will go into a certificate
extension only).  The new configuration file option 'email_in_dn = no'
has the same effect.

Submitted by: Massimiliano Pala madwolf@openca.org
2001-10-25 08:25:19 +00:00
Lutz Jänicke
e1c279b63d Small documentation fixes (Howard Lum <howard@pumpkin.canada.sun.com>) 2001-10-08 08:37:24 +00:00
Ulf Möller
3b80e3aa9e ispell 2001-09-07 06:13:40 +00:00
Bodo Möller
3f1c4e49a3 add missing link 2001-08-08 15:09:06 +00:00
Dr. Stephen Henson
534a1ed0cb Allow OCSP server to handle multiple requests.
Document new OCSP options.
2001-07-13 13:13:44 +00:00
Lutz Jänicke
43f9391bcc When only the key is given to "enc", the IV is undefined
(found by Andy Brown <logic@warthog.com>).
2001-07-03 10:31:11 +00:00
Lutz Jänicke
0ea659475c Typo (reported by Petr Lancaric <Petr.Lancaric@ips-ag.cz>) 2001-04-25 15:24:47 +00:00
Dr. Stephen Henson
02ee8626fb Fix PKCS#12 key generation bug. 2001-03-18 02:11:42 +00:00
Dr. Stephen Henson
791bd0cd2b Add copy_extensions option to 'ca' utility. 2001-03-16 02:04:17 +00:00
Dr. Stephen Henson
e890dcdb19 Add 'align' option to nameopt.
Add default values for display by the 'ca' utility
to openssl.cnf

Update docs.
2001-03-15 22:45:20 +00:00
Dr. Stephen Henson
0a3ea5d34a Document the -certopt option to the x509 utility.
Add no_issuer option.

Fix X509_print_ex() so it prints out newlines when
certain fields are omitted.
2001-03-15 01:15:54 +00:00
Richard Levitte
7b8250053b Document the change. 2001-03-10 16:28:49 +00:00
Dr. Stephen Henson
cc5ba6a7b6 Update docs. 2001-03-09 13:57:14 +00:00
Bodo Möller
bad4058574 New option '-subj arg' for 'openssl req' and 'openssl ca'. This
sets the subject name for a new request or supersedes the
subject name in a given request.

Add options '-batch' and '-verbose' to 'openssl req'.

Submitted by: Massimiliano Pala <madwolf@hackmasters.net>
Reviewed by: Bodo Moeller
2001-03-05 11:09:43 +00:00
Lutz Jänicke
45ecfb1973 Typo, spotted by "Greg Stark" <gstark@ethentica.com>. 2001-03-01 16:50:11 +00:00
Lutz Jänicke
52b621db88 Add "-rand" option to s_client and s_server. 2001-02-15 10:22:07 +00:00
Dr. Stephen Henson
f2e5ca84d4 Option to disable standard block padding with EVP API.
Add -nopad option to enc command.

Update docs.
2001-02-14 02:11:52 +00:00
Dr. Stephen Henson
bfcec27d61 Update ocsp utility documentation. 2001-01-20 01:26:28 +00:00
Ulf Möller
a068630a20 link to the new manpage. 2001-01-15 22:19:30 +00:00
Bodo Möller
dfebac32c0 New '-extfile' option for 'openssl ca'.
This allows keeping extensions in a separate configuration file.

Submitted by: Massimiliano Pala <madwolf@comune.modena.it>
2001-01-15 11:35:24 +00:00
Dr. Stephen Henson
b4b1bdd5d3 Preliminary ocsp utility documentation.
Fix ocsp usage message.
2001-01-14 00:52:19 +00:00
Bodo Möller
d199858e89 New -newreq-nodes option to CA.pl.
Submitted by: Damien Miller <djm@mindrot.org>
2001-01-11 13:23:19 +00:00
Bodo Möller
b62a0c4cab Add a pointer to digest options in the description of -fingerprint. 2001-01-10 14:35:20 +00:00
Bodo Möller
db70a3fd6e Improve usability of 'openssl passwd' by including
password verification where it makes sense.
2000-11-17 09:03:02 +00:00
Richard Levitte
5270e7025e Merge the engine branch into the main trunk. All conflicts resolved.
At the same time, add VMS support for Rijndael.
2000-10-26 21:07:28 +00:00
Ulf Möller
a2bbe59401 s_server not s_client 2000-10-23 19:13:35 +00:00
Dr. Stephen Henson
dbba890cf1 Only use the new informational verify codes if we
specifically ask for them.

Fix typo in docs.
2000-09-22 21:32:08 +00:00
Bodo Möller
acb5b34328 Change spelling back to "behaviour" and "flavour" instead of the
American variants.
2000-09-16 16:00:38 +00:00
Dr. Stephen Henson
709e85953d Update verify docs.
New option to verify program to print out diagnostics.
2000-09-08 00:53:58 +00:00
Dr. Stephen Henson
84b65340e1 Two new PKCS#12 demo programs.
Update PKCS12_parse().

Make the keyid in certificate aux info more usable.
2000-09-07 23:14:26 +00:00
Bodo Möller
2b40660ec1 Add OAEP. Seed the PRNG. 2000-09-06 11:49:43 +00:00
Bodo Möller
34417732fa Add rsautl. 2000-09-06 07:58:27 +00:00
Dr. Stephen Henson
bbb720034a Fix typo in rsautl.
Add support for settable verify time in X509_verify_cert().

Document rsautl utility.
2000-09-05 22:30:38 +00:00
Bodo Möller
4ed601b172 Include MD4 in documentation. 2000-09-04 15:28:21 +00:00
Dr. Stephen Henson
bd08a2bd0c Add 'rsautl' low level RSA utility.
Add DER public key routines.

Add -passin argument to 'ca' utility.

Document sign and verify options to dgst.
2000-09-03 23:13:48 +00:00
Dr. Stephen Henson
d428bf8c56 New option to CA.pl to sign request using CA extensions.
This allows intermediate CAs to be created more easily.

PKCS12_create() now checks private key matches certificate.

Fix typo in x509 app.

Update docs.

New function ASN1_STRING_to_UTF8() converts any ASN1_STRING
type to UTF8.
2000-08-24 23:24:18 +00:00
Richard Levitte
fa1194d30a Correct the title. This also fooled the automatic documentation builder
that this was actually the pkcs7 document...
2000-08-15 17:35:10 +00:00
Bodo Möller
cc244b371d Update 'openssl passwd' documentation on selection of algorithms. 2000-07-31 12:27:44 +00:00
Dr. Stephen Henson
bd4e152791 Document the new DN printing options.
Change a few names to be more meaningful.

Fix typos in CA.pl docs.
2000-07-30 01:27:59 +00:00
Dr. Stephen Henson
fd13f0ee52 Make req seed the PRNG if signing with
an already existing DSA key.

Document the new smime options.
2000-07-12 23:55:30 +00:00
Richard Levitte
fb0b844a7d Document the change in req. 2000-06-22 09:19:59 +00:00
Dr. Stephen Henson
d3ed8ceb3d Add support for the modified SGC key format used in IIS. 2000-06-15 23:48:05 +00:00
Dr. Stephen Henson
a91dedca48 Document EVP routines. Change EVP_SealInit() and EVP_OpenInit()
to support multiple calls.

New function to retrieve email address from certificates and
requests.
2000-06-11 12:18:15 +00:00
Bodo Möller
cbb6ad9d10 typo 2000-05-31 23:20:10 +00:00
Bodo Möller
727daea783 dh and gendh have been obsoleted by dhparam. 2000-05-31 23:07:48 +00:00
Richard Levitte
fbecbc8cfb You must have an empty line between =item's 2000-05-30 08:01:24 +00:00
Geoff Thorpe
4c0aee5a75 Minor corrections to documentation.
* speed processes any/all options passed to it, not just one.
* DH and DSA have no "_get_method()" functions, only RSA does.
* typos.
2000-05-29 15:52:21 +00:00
Richard Levitte
b87ef9460b OpenVMS, not OpenVSM... 2000-04-12 16:48:20 +00:00
Bodo Möller
8acdd759b9 Clarifications. 2000-04-06 22:30:57 +00:00
Dr. Stephen Henson
afee764c4a Update docs. 2000-03-25 02:38:28 +00:00
Dr. Stephen Henson
555b22cfca Update docs and remove old PKCS#7 README file. 2000-03-23 02:35:47 +00:00
Bodo Möller
88220dcb21 Document pseudo-commands. 2000-03-20 13:39:06 +00:00
Ulf Möller
369782ac50 add =cut 2000-03-18 22:00:26 +00:00
Richard Levitte
ce301b6b0b Add the possibility (with -ign_eof) to ignore end of file on input but
still not be quiet.  Also make it clear that -quiet implicitely means
-ign_eof as well.
2000-03-10 12:18:28 +00:00
Bodo Möller
41918458c0 New '-dsaparam' option for 'openssl dhparam', and related fixes. 2000-03-03 22:18:19 +00:00
Bodo Möller
afbd0746cf 'rand'/'-rand' documentation. 2000-03-01 11:45:53 +00:00
Bodo Möller
55f7d65db0 Document the 'rand' application. 2000-03-01 07:57:25 +00:00
Ulf Möller
a4cfd178f9 EGD socket info. 2000-02-24 17:18:51 +00:00
Ulf Möller
4d524e10b4 nicer manpages 2000-02-24 11:55:57 +00:00
Ulf Möller
c1ce32f1bf minor docs changes (added links is the openssl(1) text) 2000-02-23 17:09:50 +00:00
Dr. Stephen Henson
3142c86d65 Allow ADH to be used but not present in the default cipher
list.

Allow CERTIFICATE to be used in PEM headers for PKCS#7 structures:
some CAs do this.
2000-02-23 01:11:01 +00:00
Bodo Möller
ad86060357 Change the example to show apr1 with an 8-character salt. 2000-02-18 11:51:58 +00:00
Dr. Stephen Henson
8a208cba97 New functions and option to use NEW in certificate requests. 2000-02-18 00:54:21 +00:00
Dr. Stephen Henson
cd3c54e50f Add -pass argument to 'enc'.
Fix to make Win32 compile work again.
2000-02-17 00:41:43 +00:00
Dr. Stephen Henson
a3fe382e2d Pass phrase reorganisation. 2000-02-16 23:16:01 +00:00
Dr. Stephen Henson
d13e4eb0b5 Make pkcs12 and smime applications seed random number
generator (otherwise they don't work) and add -rand
option. Update docs.
2000-02-12 03:03:04 +00:00
Bodo Möller
e6e7b5f3df Implement MD5-based "apr1" password hash. 2000-02-11 16:25:44 +00:00
Richard Levitte
5160448b98 Add references to the new passwd utility. 2000-02-11 11:21:01 +00:00
Bodo Möller
bb325c7d6a 'passwd' tool. 2000-02-10 21:50:52 +00:00
Dr. Stephen Henson
0cd4498b8f Update docs. 2000-02-08 13:37:08 +00:00
Dr. Stephen Henson
f07fb9b24b Add command line password options to the reamining utilities,
amend docs.
2000-02-08 01:34:59 +00:00
Dr. Stephen Henson
66430207a4 Add support for some broken PKCS#8 formats. 2000-02-05 21:07:56 +00:00
Ulf Möller
b20b78b720 a short page for "speed" 2000-02-03 23:23:57 +00:00
Ulf Möller
657e60fa00 ispell (and minor modifications) 2000-02-03 23:23:24 +00:00
Dr. Stephen Henson
82fc1d9c28 Add new -notext option to 'ca', -pubkey option to spkac.
Remove some "WTF??" casts from applications.

Fixes to keep VC++ happy and avoid warnings.

Docs tidy.
2000-02-03 02:56:48 +00:00
Dr. Stephen Henson
54a34aecc3 Update docs. 2000-02-02 01:33:28 +00:00
Ulf Möller
fef47a1d1e dhgen is gone. 2000-02-01 15:00:37 +00:00
Ulf Möller
74235cc9ec Update docs: corrections, turn buffer docs into manpage, fold SHA1
pages into one for improved readability, add lhash manpage
2000-01-30 22:16:47 +00:00
Richard Levitte
aa3353fda2 Put config in section 5, where it belongs. 2000-01-28 11:35:44 +00:00
Dr. Stephen Henson
2af9fd006d Add CA.pl man page this time... 2000-01-28 01:37:08 +00:00
Richard Levitte
bb075f8833 Update all links so they will be rendered better. 2000-01-27 01:25:31 +00:00
Richard Levitte
1675f6eb05 Let's make all the example formated the same, shall we? 2000-01-24 02:24:37 +00:00
Richard Levitte
8548d44270 Correct indentation 2000-01-24 02:15:59 +00:00
Dr. Stephen Henson
fabce04122 Make s_server, s_client check cipher list return codes.
Update docs.
2000-01-23 02:28:08 +00:00
Dr. Stephen Henson
64287002ce Minor patch: check only match @STRENGTH and remove eNULL
comment.

Add documentation for the ciphers command including a full
description of cipher lists.
2000-01-22 23:34:44 +00:00
Dr. Stephen Henson
09483c58e3 Add new program dhparam and update docs. 2000-01-22 13:58:29 +00:00
Dr. Stephen Henson
cc8709a090 Docs for sess_id utility. 2000-01-21 22:38:52 +00:00
Dr. Stephen Henson
8100490a72 Make -CAcreateserial start from 1 instead of 0 for
serial numbers.
2000-01-21 02:42:14 +00:00
Dr. Stephen Henson
dd46d58f65 Change the 'man' directory to 'apps'. Yes I wish cvs
could rename too :-(
2000-01-21 02:17:04 +00:00