Update the *use_certificate* docs

author Matt Caswell <matt@openssl.org>

Thu, 26 Apr 2018 13:05:40 +0000 (14:05 +0100)

committer Matt Caswell <matt@openssl.org>

Thu, 26 Apr 2018 15:41:54 +0000 (16:41 +0100)
author Matt Caswell <matt@openssl.org>
Thu, 26 Apr 2018 13:05:40 +0000 (14:05 +0100)
committer Matt Caswell <matt@openssl.org>
Thu, 26 Apr 2018 15:41:54 +0000 (16:41 +0100)
diff --git a/doc/ssl/SSL_CTX_use_certificate.pod b/doc/ssl/SSL_CTX_use_certificate.pod

index 80321b8580e3f8e5f88acc3f5802d09e3b620855..800423e7de74b4f1ad0d173ab3f9f75dd7c45871 100644 (file)
--- a/doc/ssl/SSL_CTX_use_certificate.pod
+++ b/doc/ssl/SSL_CTX_use_certificate.pod
@@ -142,6 +142,13 @@ L<SSL_CTX_set_default_passwd_cb(3)|SSL_CTX_set_default_passwd_cb(3)>.
  of view, it however does not make sense as the data in the certificate
  is considered public anyway.)
  
+All of the functions to set a new certificate will replace any existing
+certificate of the same type that has already been set. Similarly all of the
+functions to set a new private key will replace any private key that has already
+been set. Applications should call L<SSL_CTX_check_private_key(3)> or
+L<SSL_check_private_key(3)> as appropriate after loading a new certificate and
+private key to confirm that the certificate and key match.
+
  =head1 RETURN VALUES
  
  On success, the functions return 1.
author	Matt Caswell <matt@openssl.org>
	Thu, 26 Apr 2018 13:05:40 +0000 (14:05 +0100)
committer	Matt Caswell <matt@openssl.org>
	Thu, 26 Apr 2018 15:41:54 +0000 (16:41 +0100)