Complain if -twopass is used incorrectly

[openssl.git] / doc / man1 / pkcs12.pod

diff --git a/doc/man1/pkcs12.pod b/doc/man1/pkcs12.pod
index a40ae7f04f765ee10b1aadda543e6ec58476416c..f4c4c41b27c073ed84e673a92a9e810d9dedfbbd 100644 (file)
--- a/doc/man1/pkcs12.pod
+++ b/doc/man1/pkcs12.pod
@@ -2,6 +2,7 @@
 
 =head1 NAME
 
+openssl-pkcs12,
 pkcs12 - PKCS#12 file utility
 
 =head1 SYNOPSIS
@@ -36,7 +37,8 @@ B<openssl> B<pkcs12>
 [B<-password arg>]
 [B<-passin arg>]
 [B<-passout arg>]
-[B<-rand file(s)>]
+[B<-rand file...>]
+[B<-writerand file>]
 [B<-CAfile file>]
 [B<-CApath dir>]
 [B<-no-CAfile>]
@@ -152,7 +154,8 @@ Don't attempt to verify the integrity MAC before reading the file.
 
 Prompt for separate integrity and encryption passwords: most software
 always assumes these are the same so this option will render such
-PKCS#12 files unreadable.
+PKCS#12 files unreadable. Cannot be used in combination with the options
+-password, -passin (if importing) or -passout (if exporting).
 
 =back
 
@@ -275,14 +278,19 @@ to be needed to use MAC iterations counts but they are now used by default.
 
 Don't attempt to provide the MAC integrity.
 
-=item B<-rand file(s)>
+=item B<-rand file...>
 
 A file or files containing random data used to seed the random number
-generator, or an EGD socket (see L<RAND_egd(3)>).
+generator.
 Multiple files can be specified separated by an OS-dependent character.
 The separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for
 all others.
 
+=item [B<-writerand file>]
+
+Writes random data to the specified I<file> upon exit.
+This can be used with a subsequent B<-rand> flag.
+
 =item B<-CAfile file>
 
 CA storage as a file.