Add some information about the location of the default directory and the
default file.
RT#1051
Reviewed-by: Andy Polyakov <appro@openssl.org>
which CA certificates for verification purposes are located. The certificates
available via B<CAfile> and B<CApath> are trusted.
which CA certificates for verification purposes are located. The certificates
available via B<CAfile> and B<CApath> are trusted.
-SSL_CTX_set_default_verify_paths() specifies that the default locations for
+SSL_CTX_set_default_verify_paths() specifies that the default locations from
which CA certificates are loaded should be used. There is one default directory
which CA certificates are loaded should be used. There is one default directory
+and one default file. The default CA certificates directory is called "certs" in
+the default OpenSSL directory. Alternatively the SSL_CERT_DIR environment
+variable can be defined to override this location. The default CA certificates
+file is called "cert.pem" in the default OpenSSL directory. Alternatively the
+SSL_CERT_FILE environment variable can be defined to override this location.
SSL_CTX_set_default_verify_dir() is similar to
SSL_CTX_set_default_verify_paths() except that just the default directory is
SSL_CTX_set_default_verify_dir() is similar to
SSL_CTX_set_default_verify_paths() except that just the default directory is