X-Git-Url: https://git.openssl.org/?a=blobdiff_plain;f=doc%2Fman3%2FSSL_CTX_set_verify.pod;h=716554793311efb9fd92b0be8ca5bcb0614d82a3;hb=b5cd751c695602cba4fbe67e590fc8112bf5d8fa;hp=c9b4daf42ab6de16786a7348d8d54b75d9bf91e2;hpb=9d75dce3e1f94be6006500089491cb3284f70d06;p=openssl.git diff --git a/doc/man3/SSL_CTX_set_verify.pod b/doc/man3/SSL_CTX_set_verify.pod index c9b4daf42a..7165547933 100644 --- a/doc/man3/SSL_CTX_set_verify.pod +++ b/doc/man3/SSL_CTX_set_verify.pod @@ -54,9 +54,9 @@ at the time of the initial handshake, such that post-handshake authentication can be requested by the server. A certificate callback will need to be set via SSL_CTX_set_client_cert_cb() if no certificate is provided at initialization. -SSL_verify_client_post_handshake() causes a Certificate Request message to be +SSL_verify_client_post_handshake() causes a CertificateRequest message to be sent by a server on the given B connection. The SSL_VERIFY_PEER flag must -be set, the SSL_VERIFY_POST_HANDSHAKE flag is optional. +be set; the SSL_VERIFY_POST_HANDSHAKE flag is optional. =head1 NOTES @@ -184,8 +184,8 @@ failure will lead to a termination of the TLS/SSL handshake with an alert message, if SSL_VERIFY_PEER is set. After calling SSL_force_post_handshake_auth(), the client will need to add a -certificate to its configuration before it can successfully authenticate. This -must be called before SSL_connect(). +certificate or certificate callback to its configuration before it can +successfully authenticate. This must be called before SSL_connect(). SSL_verify_client_post_handshake() requires that verify flags have been previously set, and that a client sent the post-handshake authentication @@ -194,7 +194,7 @@ invoked. A write operation must take place for the Certificate Request to be sent to the client, this can be done with SSL_do_handshake() or SSL_write_ex(). Only one certificate request may be outstanding at any time. -When post-handshake authentication occurs, a refreshed B +When post-handshake authentication occurs, a refreshed NewSessionTicket message is sent to the client. =head1 BUGS @@ -345,7 +345,7 @@ and SSL_force_post_handshake_auth() functions were added in OpenSSL 1.1.1. =head1 COPYRIGHT -Copyright 2000-2017 The OpenSSL Project Authors. All Rights Reserved. +Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved. Licensed under the OpenSSL license (the "License"). You may not use this file except in compliance with the License. You can obtain a copy