Drop redundant and outdated __CYGWIN32__ tests.

[oweals/openssl.git] / doc / apps / CA.pl.pod

diff --git a/doc/apps/CA.pl.pod b/doc/apps/CA.pl.pod
index ed69952f3799e4de2665a913371bb5444e3875a4..92ae288748d469552f130f460cb8df63aa1a6e70 100644 (file)
--- a/doc/apps/CA.pl.pod
+++ b/doc/apps/CA.pl.pod
@@ -39,13 +39,13 @@ prints a usage message.
 
 =item B<-newcert>
 
-creates a new self signed certificate. The private key and certificate are
-written to the file "newreq.pem".
+creates a new self signed certificate. The private key is written to the file
+"newkey.pem" and the request written to the file "newreq.pem".
 
 =item B<-newreq>
 
-creates a new certificate request. The private key and request are
-written to the file "newreq.pem".
+creates a new certificate request. The private key is written to the file
+"newkey.pem" and the request written to the file "newreq.pem".
 
 =item B<-newreq-nodes>
 
@@ -89,6 +89,17 @@ is useful when creating intermediate CA from a root CA.
 this option is the same as B<-sign> except it expects a self signed certificate
 to be present in the file "newreq.pem".
 
+=item B<-crl>
+
+generate a CRL
+
+=item B<-revoke certfile [reason]>
+
+revoke the certificate contained in the specified B<certfile>. An optional
+reason may be specified, and must be one of: B<unspecified>,
+B<keyCompromise>, B<CACompromise>, B<affiliationChanged>, B<superseded>,
+B<cessationOfOperation>, B<certificateHold>, or B<removeFromCRL>.
+
 =item B<-verify>
 
 verifies certificates against the CA certificate for "demoCA". If no certificates