X-Git-Url: https://git.librecmc.org/?a=blobdiff_plain;f=doc%2Fapps%2FCA.pl.pod;h=63cd1320cc764265b0846770f6572ae460533d7d;hb=da542e1bf762507bc6630847e4c3dd18de81359d;hp=9d287f0c4d506a39b4924a58f194d406cdd6fa75;hpb=afee764c4a173e7dff52dbf59612e2418acc7cb7;p=oweals%2Fopenssl.git

diff --git a/doc/apps/CA.pl.pod b/doc/apps/CA.pl.pod
index 9d287f0c4d..63cd1320cc 100644
--- a/doc/apps/CA.pl.pod
+++ b/doc/apps/CA.pl.pod
@@ -69,9 +69,16 @@ list box), otherwise the name "My Certificate" is used.
 
 calls the B<ca> program to sign a certificate request. It expects the request
 to be in the file "newreq.pem". The new certificate is written to the file
-"newcert.pem" except in the case of the B<-xcert> option when it is written
+"newcert.pem" except in the case of the B<-xsign> option when it is written
 to standard output.
 
+
+=item B<-signCA>
+
+this option is the same as the B<-signreq> option except it uses the configuration
+file section B<v3_ca> and so makes the signed request a valid CA certificate. This
+is useful when creating intermediate CA from a root CA.
+
 =item B<-signcert>
 
 this option is the same as B<-sign> except it expects a self signed certificate
@@ -122,7 +129,7 @@ Create the CA directories and files:
 
 enter cacert.pem when prompted for the CA file name.
 
-Create a DSA certificate request and privat key (a different set of parameters
+Create a DSA certificate request and private key (a different set of parameters
 can optionally be created first):
 
  openssl req -out newreq.pem -newkey dsa:dsap.pem