Expand SSL_CTX_set_default_verify_paths() documentation

[openssl.git] / doc / ssl / SSL_CTX_load_verify_locations.pod

diff --git a/doc/ssl/SSL_CTX_load_verify_locations.pod b/doc/ssl/SSL_CTX_load_verify_locations.pod
index 3c1e3b77c4d20c2e2613b7f566842b2cb326ff83..59d11e03ee4d0fb6f566fc58c6bb8f5dfd81c414 100644 (file)
--- a/doc/ssl/SSL_CTX_load_verify_locations.pod
+++ b/doc/ssl/SSL_CTX_load_verify_locations.pod
@@ -25,9 +25,13 @@ SSL_CTX_load_verify_locations() specifies the locations for B<ctx>, at
 which CA certificates for verification purposes are located. The certificates
 available via B<CAfile> and B<CApath> are trusted.
 
-SSL_CTX_set_default_verify_paths() specifies that the default locations for
+SSL_CTX_set_default_verify_paths() specifies that the default locations from
 which CA certificates are loaded should be used. There is one default directory
-and one default file.
+and one default file. The default CA certificates directory is called "certs" in
+the default OpenSSL directory. Alternatively the SSL_CERT_DIR environment
+variable can be defined to override this location. The default CA certificates
+file is called "cert.pem" in the default OpenSSL directory. Alternatively the
+SSL_CERT_FILE environment variable can be defined to override this location.
 
 SSL_CTX_set_default_verify_dir() is similar to
 SSL_CTX_set_default_verify_paths() except that just the default directory is
@@ -145,4 +149,13 @@ L<SSL_CTX_add_extra_chain_cert(3)>,
 L<SSL_CTX_set_cert_store(3)>,
 L<SSL_CTX_set_client_CA_list(3)>
 
+=head1 COPYRIGHT
+
+Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
+
+Licensed under the OpenSSL license (the "License").  You may not use
+this file except in compliance with the License.  You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<https://www.openssl.org/source/license.html>.
+
 =cut