From f50b911a3fa825291d944723d7ed089a281bbeec Mon Sep 17 00:00:00 2001 From: =?utf8?q?Lutz=20J=C3=A4nicke?= Date: Fri, 30 May 2003 07:45:50 +0000 Subject: [PATCH] Clarify ordering of certificates when using certificate chains --- doc/ssl/SSL_CTX_use_certificate.pod | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/doc/ssl/SSL_CTX_use_certificate.pod b/doc/ssl/SSL_CTX_use_certificate.pod index b8868f18bf..ea2faba3ec 100644 --- a/doc/ssl/SSL_CTX_use_certificate.pod +++ b/doc/ssl/SSL_CTX_use_certificate.pod @@ -68,7 +68,9 @@ should be preferred. SSL_CTX_use_certificate_chain_file() loads a certificate chain from B into B. The certificates must be in PEM format and must -be sorted starting with the certificate to the highest level (root CA). +be sorted starting with the subject's certificate (actual client or server +certificate), followed by intermediate CA certificates if applicable, and +ending at the highest level (root) CA. There is no corresponding function working on a single SSL object. SSL_CTX_use_PrivateKey() adds B as private key to B. -- 2.25.1