Typo and additional information about cert-chain building.

author Lutz Jänicke <jaenicke@openssl.org>

Tue, 5 Dec 2000 16:47:22 +0000 (16:47 +0000)

committer Lutz Jänicke <jaenicke@openssl.org>

Tue, 5 Dec 2000 16:47:22 +0000 (16:47 +0000)
author Lutz Jänicke <jaenicke@openssl.org>
Tue, 5 Dec 2000 16:47:22 +0000 (16:47 +0000)
committer Lutz Jänicke <jaenicke@openssl.org>
Tue, 5 Dec 2000 16:47:22 +0000 (16:47 +0000)
diff --git a/doc/ssl/SSL_CTX_load_verify_locations.pod b/doc/ssl/SSL_CTX_load_verify_locations.pod

index aeeee1a3bed6ce6249d6ca5925d862ee4f24e794..8e11606dadebeffd8a1fc5a32c8687e625618693 100644 (file)
--- a/doc/ssl/SSL_CTX_load_verify_locations.pod
+++ b/doc/ssl/SSL_CTX_load_verify_locations.pod
@@ -46,7 +46,7 @@ is performed in the ordering of the extension number, regardless of other
  properties of the certificates.
  Use the B<c_rehash> utility to create the necessary links.
  
-The certificates in B<CAfile> are only looked up when required, e.g. when
+The certificates in B<CApath> are only looked up when required, e.g. when
  building the certificate chain or when actually performing the verification
  of a peer certificate.
  
@@ -62,6 +62,9 @@ matching the parameters is found, the verification process will be performed;
  no other certificates for the same parameters will be searched in case of
  failure.
  
+When building its own certificate chain, an OpenSSL client/server will
+try to fill in missing certificates from B<CAfile>/B<CApath>.
+
  =head1 WARNINGS
  
  If several CA certificates matching the name, key identifier, and serial
author	Lutz Jänicke <jaenicke@openssl.org>
	Tue, 5 Dec 2000 16:47:22 +0000 (16:47 +0000)
committer	Lutz Jänicke <jaenicke@openssl.org>
	Tue, 5 Dec 2000 16:47:22 +0000 (16:47 +0000)