X-Git-Url: https://git.openssl.org/?a=blobdiff_plain;f=apps%2Fca.c;h=880e0b9a19f7fb58ff3d4a4bbd92d139810bee80;hb=1b4d0e3c1ed556b890b93d8326978a6a90cfc0fe;hp=95801fbf39b9ed0a0404424b87f5fdca211345d1;hpb=7b8cc9b3458ec3f18b4d4d9ca2a72b6b3e3744c8;p=openssl.git

diff --git a/apps/ca.c b/apps/ca.c
index 95801fbf39..880e0b9a19 100644
--- a/apps/ca.c
+++ b/apps/ca.c
@@ -220,7 +220,7 @@ OPTIONS ca_options[] = {
     {"policy", OPT_POLICY, 's', "The CA 'policy' to support"},
     {"keyfile", OPT_KEYFILE, 's', "Private key"},
     {"keyform", OPT_KEYFORM, 'f', "Private key file format (PEM or ENGINE)"},
-    {"passin", OPT_PASSIN, 's'},
+    {"passin", OPT_PASSIN, 's', "Input file pass phrase source"},
     {"key", OPT_KEY, 's', "Key to decode the private key if it is encrypted"},
     {"cert", OPT_CERT, '<', "The CA cert"},
     {"selfsign", OPT_SELFSIGN, '-',
@@ -228,17 +228,17 @@ OPTIONS ca_options[] = {
     {"in", OPT_IN, '<', "The input PEM encoded cert request(s)"},
     {"out", OPT_OUT, '>', "Where to put the output file(s)"},
     {"outdir", OPT_OUTDIR, '/', "Where to put output cert"},
-    {"sigopt", OPT_SIGOPT, 's'},
-    {"notext", OPT_NOTEXT, '-'},
+    {"sigopt", OPT_SIGOPT, 's', "Signature parameter in n:v form"},
+    {"notext", OPT_NOTEXT, '-', "Do not print the generated certificate"},
     {"batch", OPT_BATCH, '-', "Don't ask questions"},
     {"preserveDN", OPT_PRESERVEDN, '-', "Don't re-order the DN"},
     {"noemailDN", OPT_NOEMAILDN, '-', "Don't add the EMAIL field to the DN"},
     {"gencrl", OPT_GENCRL, '-', "Generate a new CRL"},
     {"msie_hack", OPT_MSIE_HACK, '-',
      "msie modifications to handle all those universal strings"},
-    {"crldays", OPT_CRLDAYS, 'p', "Days is when the next CRL is due"},
-    {"crlhours", OPT_CRLHOURS, 'p', "Hours is when the next CRL is due"},
-    {"crlsec", OPT_CRLSEC, 'p'},
+    {"crldays", OPT_CRLDAYS, 'p', "Days until the next CRL is due"},
+    {"crlhours", OPT_CRLHOURS, 'p', "Hours until the next CRL is due"},
+    {"crlsec", OPT_CRLSEC, 'p', "Seconds until the next CRL is due"},
     {"infiles", OPT_INFILES, '-', "The last argument, requests to process"},
     {"ss_cert", OPT_SS_CERT, '<', "File contains a self signed cert to sign"},
     {"spkac", OPT_SPKAC, '<',
@@ -304,11 +304,6 @@ int ca_main(int argc, char **argv)
     X509_REVOKED *r = NULL;
     OPTION_CHOICE o;
 
-    conf = NULL;
-    section = NULL;
-    preserve = 0;
-    msie_hack = 0;
-
     prog = opt_init(argc, argv, ca_options);
     while ((o = opt_next()) != OPT_EOF) {
         switch (o) {
@@ -481,13 +476,11 @@ end_of_options:
     argv = opt_rest();
 
     BIO_printf(bio_err, "Using configuration from %s\n", configfile);
-    /* We already loaded the default config file */
-    if (configfile != default_config_file) {
-        if ((conf = app_load_config(configfile)) == NULL)
-            goto end;
-        if (!app_load_modules(conf))
-            goto end;
-    }
+
+    if ((conf = app_load_config(configfile)) == NULL)
+        goto end;
+    if (!app_load_modules(conf))
+        goto end;
 
     /* Lets get the config section we are using */
     if (section == NULL) {