Expand SSL_CTX_set_default_verify_paths() documentation

[openssl.git] / doc / ssl / SSL_CTX_load_verify_locations.pod

diff --git a/doc/ssl/SSL_CTX_load_verify_locations.pod b/doc/ssl/SSL_CTX_load_verify_locations.pod
index 7e78bc6d9b3f7a65d1e7ad0bd7894a41688df26f..59d11e03ee4d0fb6f566fc58c6bb8f5dfd81c414 100644 (file)
--- a/doc/ssl/SSL_CTX_load_verify_locations.pod
+++ b/doc/ssl/SSL_CTX_load_verify_locations.pod
@@ -25,9 +25,13 @@ SSL_CTX_load_verify_locations() specifies the locations for B<ctx>, at
 which CA certificates for verification purposes are located. The certificates
 available via B<CAfile> and B<CApath> are trusted.
 
 which CA certificates for verification purposes are located. The certificates
 available via B<CAfile> and B<CApath> are trusted.
 

-SSL_CTX_set_default_verify_paths() specifies that the default locations for
+SSL_CTX_set_default_verify_paths() specifies that the default locations from

 which CA certificates are loaded should be used. There is one default directory
 which CA certificates are loaded should be used. There is one default directory

-and one default file.
+and one default file. The default CA certificates directory is called "certs" in
+the default OpenSSL directory. Alternatively the SSL_CERT_DIR environment
+variable can be defined to override this location. The default CA certificates
+file is called "cert.pem" in the default OpenSSL directory. Alternatively the
+SSL_CERT_FILE environment variable can be defined to override this location.

 
 SSL_CTX_set_default_verify_dir() is similar to
 SSL_CTX_set_default_verify_paths() except that just the default directory is
 
 SSL_CTX_set_default_verify_dir() is similar to
 SSL_CTX_set_default_verify_paths() except that just the default directory is