had restrictions on the permissible sizes of keys which could be used for
encryption.
-=head1 NEW FUNCTIONALITY IN OPENSSL 0.9.8
-
-Some additional functionality was added to PKCS12_create() in OpenSSL
-0.9.8. These extensions are detailed below.
-
-If a certificate contains an B<alias> or B<keyid> then this will be
-used for the corresponding B<friendlyName> or B<localKeyID> in the
-PKCS12 structure.
-
-Either B<pkey>, B<cert> or both can be B<NULL> to indicate that no key or
-certficate is required. In previous versions both hasves to be present or
-a fatal error is returned.
-
-B<nid_key> or B<nid_cert> can be set to -1 indicating that no encryption
-should be used.
-
-B<mac_iter> can be set to -1 and the MAC will then be omitted entirely.
-
=head1 SEE ALSO
L<d2i_PKCS12(3)|d2i_PKCS12(3)>