INSTALL: clarify 386 and no-sse2 options.

[oweals/openssl.git] / doc / ssl / SSL_CTX_use_serverinfo.pod

diff --git a/doc/ssl/SSL_CTX_use_serverinfo.pod b/doc/ssl/SSL_CTX_use_serverinfo.pod
index da7935c83d0a9392b369933a749f150c1994ad85..caeb28de765ba9f7219e7417c3f42b50fa935414 100644 (file)
--- a/doc/ssl/SSL_CTX_use_serverinfo.pod
+++ b/doc/ssl/SSL_CTX_use_serverinfo.pod
@@ -2,7 +2,7 @@
 
 =head1 NAME
 
-SSL_CTX_use_serverinfo, SSL_CTX_use_serverinfo_file
+SSL_CTX_use_serverinfo, SSL_CTX_use_serverinfo_file - use serverinfo extension
 
 =head1 SYNOPSIS
 
@@ -30,6 +30,14 @@ must consist of a 2-byte Extension Type, a 2-byte length, and then length
 bytes of extension_data.  Each PEM extension name must begin with the phrase
 "BEGIN SERVERINFO FOR ".
 
+If more than one certificate (RSA/DSA) is installed using
+SSL_CTX_use_certificate(), the serverinfo extension will be loaded into the
+last certificate installed.  If e.g. the last item was a RSA certificate, the
+loaded serverinfo extension data will be loaded for that certificate.  To
+use the serverinfo extension for multiple certificates,
+SSL_CTX_use_serverinfo() needs to be called multiple times, once B<after>
+each time a certificate is loaded.
+
 =head1 NOTES
 
 =head1 RETURN VALUES