X-Git-Url: https://git.librecmc.org/?a=blobdiff_plain;f=doc%2Fapps%2Fca.pod;h=d35292586458c2bbb23fa7fac0058c423d517654;hb=f777408fc5afc2477aaf999254eb3158790332bd;hp=02769121d33cebc83a4a962d7b68ec671dabd273;hpb=82fc1d9c28e834549f61e4c91b3f6bbdf4c48153;p=oweals%2Fopenssl.git

diff --git a/doc/apps/ca.pod b/doc/apps/ca.pod
index 02769121d3..d352925864 100644
--- a/doc/apps/ca.pod
+++ b/doc/apps/ca.pod
@@ -23,6 +23,7 @@ B<openssl> B<ca>
 [B<-policy arg>]
 [B<-keyfile arg>]
 [B<-key arg>]
+[B<-passin arg>]
 [B<-cert file>]
 [B<-in file>]
 [B<-out file>]
@@ -99,6 +100,10 @@ the password used to encrypt the private key. Since on some
 systems the command line arguments are visible (e.g. Unix with
 the 'ps' utility) this option should be used with caution.
 
+=item B<-passin arg>
+
+the key password source. For more information about the format of B<arg>
+see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
 =item B<-verbose>
 
 this prints extra details about the operations being performed.
@@ -238,7 +243,8 @@ CA private key. Mandatory.
 
 =item B<RANDFILE>
 
-a file used to read and write random number seed information.
+a file used to read and write random number seed information, or
+an EGD socket (see L<RAND_egd(3)|RAND_egd(3)>).
 
 =item B<default_days>
 
@@ -341,6 +347,10 @@ Sign a certificate request:
 
  openssl ca -in req.pem -out newcert.pem
 
+Sign a certificate request, using CA extensions:
+
+ openssl ca -in req.pem -extensions v3_ca -out newcert.pem
+
 Generate a CRL
 
  openssl ca -gencrl -out crl.pem