Typo and additional information about cert-chain building.

author: Lutz Jänicke <jaenicke@openssl.org> 2000-12-05 16:47:22 +0000
committer: Lutz Jänicke <jaenicke@openssl.org> 2000-12-05 16:47:22 +0000
commit: d766a23deb0dc5a3fc05c37f017cb4ae9abb1c45 (patch)
tree: 9e3d4ef14e4cc58f8bdde1dca32ae7b1e7e9abb5
parent: b1e21f8faca0bf71a45503409ae57ee56ea16e7e (diff)
download: openssl-new-d766a23deb0dc5a3fc05c37f017cb4ae9abb1c45.tar.gz
1 files changed, 4 insertions, 1 deletions
diff --git a/doc/ssl/SSL_CTX_load_verify_locations.pod b/doc/ssl/SSL_CTX_load_verify_locations.pod
index aeeee1a3be..8e11606dad 100644
--- a/doc/ssl/SSL_CTX_load_verify_locations.pod
+++ b/doc/ssl/SSL_CTX_load_verify_locations.pod
@@ -46,7 +46,7 @@ is performed in the ordering of the extension number, regardless of other
 properties of the certificates.
 Use the B<c_rehash> utility to create the necessary links.
 
-The certificates in B<CAfile> are only looked up when required, e.g. when
+The certificates in B<CApath> are only looked up when required, e.g. when
 building the certificate chain or when actually performing the verification
 of a peer certificate.
 
@@ -62,6 +62,9 @@ matching the parameters is found, the verification process will be performed;
 no other certificates for the same parameters will be searched in case of
 failure.
 
+When building its own certificate chain, an OpenSSL client/server will
+try to fill in missing certificates from B<CAfile>/B<CApath>.
+
 =head1 WARNINGS
 
 If several CA certificates matching the name, key identifier, and serial
author	Lutz Jänicke <jaenicke@openssl.org>	2000-12-05 16:47:22 +0000
committer	Lutz Jänicke <jaenicke@openssl.org>	2000-12-05 16:47:22 +0000
commit	d766a23deb0dc5a3fc05c37f017cb4ae9abb1c45 (patch)
tree	9e3d4ef14e4cc58f8bdde1dca32ae7b1e7e9abb5
parent	b1e21f8faca0bf71a45503409ae57ee56ea16e7e (diff)
download	openssl-new-d766a23deb0dc5a3fc05c37f017cb4ae9abb1c45.tar.gz