=head1 NAME
-SSL_CTX_set_max_cert_list, SSL_CTX_get_max_cert_list, SSL_set_max_cert_list, SSL_get_max_cert_list, - manipulate allowed for the peer's certificate chain
+SSL_CTX_set_max_cert_list, SSL_CTX_get_max_cert_list, SSL_set_max_cert_list, SSL_get_max_cert_list - manipulate allowed size for the peer's certificate chain
=head1 SYNOPSIS
SSL_CTX_set_max_cert_list() sets the maximum size allowed for the peer's
certificate chain for all SSL objects created from B<ctx> to be <size> bytes.
The SSL objects inherit the setting valid for B<ctx> at the time
-L<SSL_new(3)|SSL_new(3)> is being called.
+L<SSL_new(3)> is being called.
SSL_CTX_get_max_cert_list() returns the currently set maximum size for B<ctx>.
The default value for the maximum certificate chain size is 100kB (30kB
on the 16bit DOS platform). This should be sufficient for usual certificate
chains (OpenSSL's default maximum chain length is 10, see
-L<SSL_CTX_set_verify(3)|SSL_CTX_set_verify(3)>, and certificates
+L<SSL_CTX_set_verify(3)>, and certificates
without special extensions have a typical size of 1-2kB).
For special applications it can be necessary to extend the maximum certificate
=head1 SEE ALSO
-L<ssl(3)|ssl(3)>, L<SSL_new(3)|SSL_new(3)>,
-L<SSL_CTX_set_verify(3)|SSL_CTX_set_verify(3)>
-
-=head1 HISTORY
-
-SSL*_set/get_max_cert_list() have been introduced in OpenSSL 0.9.7.
+L<ssl(3)>, L<SSL_new(3)>,
+L<SSL_CTX_set_verify(3)>
=cut
projects / openssl.git / blobdiff