From: Dr. Stephen Henson <steve@openssl.org>
Date: Mon, 25 Feb 2008 18:13:40 +0000 (+0000)
Subject: Update from HEAD.
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=6fa2c4cadcbb137a474f478dade8978c33fb27d5;p=oweals%2Fopenssl.git

Update from HEAD.
---

diff --git a/doc/apps/ocsp.pod b/doc/apps/ocsp.pod
index 4f266058e5..b58ddc1788 100644
--- a/doc/apps/ocsp.pod
+++ b/doc/apps/ocsp.pod
@@ -73,7 +73,7 @@ specify output filename, default is standard output.
 
 This specifies the current issuer certificate. This option can be used
 multiple times. The certificate specified in B<filename> must be in
-PEM format.
+PEM format. This option B<MUST> come before any B<-cert> options.
 
 =item B<-cert filename>
 
@@ -146,7 +146,7 @@ certificate in such cases.
 
 =item B<-trust_other>
 
-the certificates specified by the B<-verify_certs> option should be explicitly
+the certificates specified by the B<-verify_other> option should be explicitly
 trusted and no additional checks will be performed on them. This is useful
 when the complete responder certificate chain is not available or trusting a
 root CA is not appropriate.
@@ -154,7 +154,7 @@ root CA is not appropriate.
 =item B<-VAfile file>
 
 file containing explicitly trusted responder certificates. Equivalent to the
-B<-verify_certs> and B<-trust_other> options.
+B<-verify_other> and B<-trust_other> options.
 
 =item B<-noverify>
 
@@ -166,7 +166,7 @@ of the responders certificate.
 
 ignore certificates contained in the OCSP response when searching for the
 signers certificate. With this option the signers certificate must be specified
-with either the B<-verify_certs> or B<-VAfile> options.
+with either the B<-verify_other> or B<-VAfile> options.
 
 =item B<-no_signature_verify>