X-Git-Url: https://git.openssl.org/?p=openssl.git;a=blobdiff_plain;f=doc%2Fapps%2Fverify.pod;h=764e617c3419593e010565f84c6d43b66629dfef;hp=f35d4029506aa44e45742bc716ea0be544054b22;hb=6d3d5793673b225b2347ef45b74d0d9994f3132c;hpb=2d7153e8f9bb27d0a0f8199116ec454b396b87a8

diff --git a/doc/apps/verify.pod b/doc/apps/verify.pod
index f35d402950..764e617c34 100644
--- a/doc/apps/verify.pod
+++ b/doc/apps/verify.pod
@@ -9,6 +9,7 @@ verify - Utility to verify certificates.
 B<openssl> B<verify>
 [B<-CApath directory>]
 [B<-CAfile file>]
+[B<-trusted_first>]
 [B<-purpose purpose>]
 [B<-policy arg>]
 [B<-ignore_critical>]
@@ -57,6 +58,12 @@ in PEM format concatenated together.
 A file of untrusted certificates. The file should contain multiple certificates
 in PEM format concatenated together.
 
+=item B<-trusted_first>
+
+Use certificates in CA file or CA directory before certificates in untrusted
+file when building the trust chain to verify certificates.
+This is mainly useful in environments with Bridge CA or Cross-Certified CAs.
+
 =item B<-purpose purpose>
 
 The intended use for the certificate. If this option is not specified,