Include MD4 in documentation.

[openssl.git] / doc / apps / ca.pod

diff --git a/doc/apps/ca.pod b/doc/apps/ca.pod
index 8f2b6fe4d6dc4609d48190f6cf31a3e35eb588e7..d35292586458c2bbb23fa7fac0058c423d517654 100644 (file)
--- a/doc/apps/ca.pod
+++ b/doc/apps/ca.pod
@@ -23,9 +23,11 @@ B<openssl> B<ca>
 [B<-policy arg>]
 [B<-keyfile arg>]
 [B<-key arg>]
+[B<-passin arg>]
 [B<-cert file>]
 [B<-in file>]
 [B<-out file>]
+[B<-notext>]
 [B<-outdir dir>]
 [B<-infiles>]
 [B<-spkac file>]
@@ -98,10 +100,18 @@ the password used to encrypt the private key. Since on some
 systems the command line arguments are visible (e.g. Unix with
 the 'ps' utility) this option should be used with caution.
 
+=item B<-passin arg>
+
+the key password source. For more information about the format of B<arg>
+see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
 =item B<-verbose>
 
 this prints extra details about the operations being performed.
 
+=item B<-notext>
+
+don't output the text form of a certificate to the output file.
+
 =item B<-startdate date>
 
 this allows the start date to be explicitly set. The format of the
@@ -233,7 +243,8 @@ CA private key. Mandatory.
 
 =item B<RANDFILE>
 
-a file used to read and write random number seed information.
+a file used to read and write random number seed information, or
+an EGD socket (see L<RAND_egd(3)|RAND_egd(3)>).
 
 =item B<default_days>
 
@@ -336,6 +347,10 @@ Sign a certificate request:
 
  openssl ca -in req.pem -out newcert.pem
 
+Sign a certificate request, using CA extensions:
+
+ openssl ca -in req.pem -extensions v3_ca -out newcert.pem
+
 Generate a CRL
 
  openssl ca -gencrl -out crl.pem
@@ -467,6 +482,7 @@ create an empty file.
 
 =head1 SEE ALSO
 
-req(1), spkac(1), x509(1), CA.pl(1), config(5)
+L<req(1)|req(1)>, L<spkac(1)|spkac(1)>, L<x509(1)|x509(1)>, L<CA.pl(1)|CA.pl(1)>,
+L<config(5)|config(5)>
 
 =cut