From 9b86974e0c705ea321ddbc9a9d8562c894809e5b Mon Sep 17 00:00:00 2001
From: Rich Salz <rsalz@akamai.com>
Date: Mon, 17 Aug 2015 15:21:33 -0400
Subject: [PATCH] Fix L<> content in manpages

L<foo|foo> is sub-optimal  If the xref is the same as the title,
which is what we do, then you only need L<foo>.  This fixes all
1457 occurrences in 349 files.  Approximately.  (And pod used to
need both.)

Reviewed-by: Richard Levitte <levitte@openssl.org>
---
 doc/apps/CA.pl.pod                            |   6 +-
 doc/apps/asn1parse.pod                        |   4 +-
 doc/apps/c_rehash.pod                         |   6 +-
 doc/apps/ca.pod                               |  12 +-
 doc/apps/ciphers.pod                          |   2 +-
 doc/apps/cms.pod                              |   8 +-
 doc/apps/config.pod                           |   2 +-
 doc/apps/crl.pod                              |   4 +-
 doc/apps/crl2pkcs7.pod                        |   2 +-
 doc/apps/dgst.pod                             |   4 +-
 doc/apps/dhparam.pod                          |   4 +-
 doc/apps/dsa.pod                              |   8 +-
 doc/apps/dsaparam.pod                         |   6 +-
 doc/apps/ec.pod                               |   6 +-
 doc/apps/ecparam.pod                          |   4 +-
 doc/apps/enc.pod                              |   2 +-
 doc/apps/errstr.pod                           |   6 +-
 doc/apps/gendsa.pod                           |   6 +-
 doc/apps/genpkey.pod                          |   2 +-
 doc/apps/genrsa.pod                           |   6 +-
 doc/apps/openssl.pod                          |  26 +--
 doc/apps/pkcs12.pod                           |  12 +-
 doc/apps/pkcs7.pod                            |   2 +-
 doc/apps/pkcs8.pod                            |   8 +-
 doc/apps/pkey.pod                             |   8 +-
 doc/apps/pkeyparam.pod                        |   4 +-
 doc/apps/pkeyutl.pod                          |   6 +-
 doc/apps/rand.pod                             |   4 +-
 doc/apps/req.pod                              |  20 +--
 doc/apps/rsa.pod                              |   8 +-
 doc/apps/rsautl.pod                           |   2 +-
 doc/apps/s_client.pod                         |   8 +-
 doc/apps/s_server.pod                         |   8 +-
 doc/apps/s_time.pod                           |  14 +-
 doc/apps/sess_id.pod                          |   2 +-
 doc/apps/smime.pod                            |   6 +-
 doc/apps/spkac.pod                            |   4 +-
 doc/apps/ts.pod                               |  32 ++--
 doc/apps/tsget.pod                            |   2 +-
 doc/apps/verify.pod                           |   2 +-
 doc/apps/x509.pod                             |  10 +-
 doc/apps/x509v3_config.pod                    |   8 +-
 doc/crypto/ASN1_INTEGER_get_int64.pod         |   2 +-
 doc/crypto/ASN1_OBJECT_new.pod                |   4 +-
 doc/crypto/ASN1_STRING_length.pod             |   2 +-
 doc/crypto/ASN1_STRING_new.pod                |   2 +-
 doc/crypto/ASN1_STRING_print_ex.pod           |   4 +-
 doc/crypto/ASN1_generate_nconf.pod            |   4 +-
 doc/crypto/BIO_f_buffer.pod                   |  10 +-
 doc/crypto/BIO_f_ssl.pod                      |   2 +-
 doc/crypto/BIO_new_CMS.pod                    |   4 +-
 doc/crypto/BIO_read.pod                       |   6 +-
 doc/crypto/BIO_s_accept.pod                   |   2 +-
 doc/crypto/BIO_s_bio.pod                      |   4 +-
 doc/crypto/BIO_s_fd.pod                       |  12 +-
 doc/crypto/BIO_s_file.pod                     |  12 +-
 doc/crypto/BN_BLINDING_new.pod                |   2 +-
 doc/crypto/BN_CTX_new.pod                     |  10 +-
 doc/crypto/BN_CTX_start.pod                   |   6 +-
 doc/crypto/BN_add.pod                         |  14 +-
 doc/crypto/BN_add_word.pod                    |   4 +-
 doc/crypto/BN_bn2bin.pod                      |   8 +-
 doc/crypto/BN_cmp.pod                         |   2 +-
 doc/crypto/BN_copy.pod                        |   4 +-
 doc/crypto/BN_generate_prime.pod              |   4 +-
 doc/crypto/BN_mod_inverse.pod                 |   4 +-
 doc/crypto/BN_mod_mul_montgomery.pod          |   8 +-
 doc/crypto/BN_mod_mul_reciprocal.pod          |   8 +-
 doc/crypto/BN_new.pod                         |   4 +-
 doc/crypto/BN_num_bytes.pod                   |   4 +-
 doc/crypto/BN_rand.pod                        |   6 +-
 doc/crypto/BN_set_bit.pod                     |   4 +-
 doc/crypto/BN_swap.pod                        |   2 +-
 doc/crypto/BN_zero.pod                        |   2 +-
 doc/crypto/CMS_add0_cert.pod                  |   6 +-
 doc/crypto/CMS_add1_recipient_cert.pod        |   4 +-
 doc/crypto/CMS_add1_signer.pod                |   4 +-
 doc/crypto/CMS_compress.pod                   |   2 +-
 doc/crypto/CMS_decrypt.pod                    |   2 +-
 doc/crypto/CMS_encrypt.pod                    |   2 +-
 doc/crypto/CMS_final.pod                      |   4 +-
 doc/crypto/CMS_get0_RecipientInfos.pod        |   4 +-
 doc/crypto/CMS_get0_SignerInfos.pod           |   4 +-
 doc/crypto/CMS_get0_type.pod                  |   2 +-
 doc/crypto/CMS_get1_ReceiptRequest.pod        |   6 +-
 doc/crypto/CMS_sign.pod                       |   2 +-
 doc/crypto/CMS_sign_receipt.pod               |   6 +-
 doc/crypto/CMS_uncompress.pod                 |   2 +-
 doc/crypto/CMS_verify.pod                     |   4 +-
 doc/crypto/CMS_verify_receipt.pod             |   8 +-
 doc/crypto/CONF_modules_free.pod              |   4 +-
 doc/crypto/CONF_modules_load_file.pod         |   4 +-
 doc/crypto/CRYPTO_secure_malloc.pod           |   4 +-
 doc/crypto/CRYPTO_set_ex_data.pod             |   8 +-
 doc/crypto/DH_generate_key.pod                |   4 +-
 doc/crypto/DH_generate_parameters.pod         |  10 +-
 doc/crypto/DH_get_ex_new_index.pod            |   2 +-
 doc/crypto/DH_new.pod                         |   8 +-
 doc/crypto/DH_set_method.pod                  |   4 +-
 doc/crypto/DH_size.pod                        |   4 +-
 doc/crypto/DSA_SIG_new.pod                    |   6 +-
 doc/crypto/DSA_do_sign.pod                    |  10 +-
 doc/crypto/DSA_dup_DH.pod                     |   4 +-
 doc/crypto/DSA_generate_key.pod               |   6 +-
 doc/crypto/DSA_generate_parameters.pod        |  10 +-
 doc/crypto/DSA_get_ex_new_index.pod           |   2 +-
 doc/crypto/DSA_new.pod                        |   8 +-
 doc/crypto/DSA_set_method.pod                 |   4 +-
 doc/crypto/DSA_sign.pod                       |   6 +-
 doc/crypto/DSA_size.pod                       |   2 +-
 doc/crypto/EC_GFp_simple_method.pod           |  14 +-
 doc/crypto/EC_GROUP_copy.pod                  |   8 +-
 doc/crypto/EC_GROUP_new.pod                   |   8 +-
 doc/crypto/EC_KEY_new.pod                     |  18 +-
 doc/crypto/EC_POINT_add.pod                   |   8 +-
 doc/crypto/EC_POINT_new.pod                   |   6 +-
 doc/crypto/ERR_GET_LIB.pod                    |   2 +-
 doc/crypto/ERR_clear_error.pod                |   2 +-
 doc/crypto/ERR_error_string.pod               |  14 +-
 doc/crypto/ERR_get_error.pod                  |   8 +-
 doc/crypto/ERR_load_crypto_strings.pod        |   2 +-
 doc/crypto/ERR_load_strings.pod               |   2 +-
 doc/crypto/ERR_print_errors.pod               |   8 +-
 doc/crypto/ERR_put_error.pod                  |   4 +-
 doc/crypto/ERR_remove_state.pod               |   2 +-
 doc/crypto/ERR_set_mark.pod                   |   2 +-
 doc/crypto/EVP_BytesToKey.pod                 |   6 +-
 doc/crypto/EVP_DigestInit.pod                 |   4 +-
 doc/crypto/EVP_DigestSignInit.pod             |  12 +-
 doc/crypto/EVP_DigestVerifyInit.pod           |  12 +-
 doc/crypto/EVP_EncryptInit.pod                |   2 +-
 doc/crypto/EVP_OpenInit.pod                   |   8 +-
 doc/crypto/EVP_PKEY_CTX_ctrl.pod              |  16 +-
 doc/crypto/EVP_PKEY_CTX_new.pod               |   2 +-
 doc/crypto/EVP_PKEY_cmp.pod                   |   4 +-
 doc/crypto/EVP_PKEY_decrypt.pod               |  12 +-
 doc/crypto/EVP_PKEY_derive.pod                |  12 +-
 doc/crypto/EVP_PKEY_encrypt.pod               |  20 +--
 doc/crypto/EVP_PKEY_get_default_digest.pod    |   8 +-
 doc/crypto/EVP_PKEY_keygen.pod                |  14 +-
 doc/crypto/EVP_PKEY_new.pod                   |   4 +-
 doc/crypto/EVP_PKEY_print_private.pod         |   4 +-
 doc/crypto/EVP_PKEY_set1_RSA.pod              |   2 +-
 doc/crypto/EVP_PKEY_sign.pod                  |  20 +--
 doc/crypto/EVP_PKEY_verify.pod                |  12 +-
 doc/crypto/EVP_PKEY_verify_recover.pod        |  12 +-
 doc/crypto/EVP_SealInit.pod                   |   8 +-
 doc/crypto/EVP_SignInit.pod                   |  14 +-
 doc/crypto/EVP_VerifyInit.pod                 |  16 +-
 doc/crypto/OBJ_nid2obj.pod                    |   2 +-
 doc/crypto/OCSP_REQUEST_new.pod               |  12 +-
 doc/crypto/OCSP_cert_to_id.pod                |  12 +-
 doc/crypto/OCSP_request_add1_nonce.pod        |  12 +-
 doc/crypto/OCSP_response_find_status.pod      |  12 +-
 doc/crypto/OCSP_response_status.pod           |  12 +-
 doc/crypto/OCSP_sendreq_new.pod               |  12 +-
 doc/crypto/OPENSSL_VERSION_NUMBER.pod         |   2 +-
 doc/crypto/OPENSSL_config.pod                 |   6 +-
 doc/crypto/OPENSSL_load_builtin_modules.pod   |   2 +-
 doc/crypto/OpenSSL_add_all_algorithms.pod     |   4 +-
 doc/crypto/PEM_write_bio_CMS_stream.pod       |  10 +-
 doc/crypto/PEM_write_bio_PKCS7_stream.pod     |  10 +-
 doc/crypto/PKCS12_create.pod                  |   2 +-
 doc/crypto/PKCS12_parse.pod                   |   4 +-
 doc/crypto/PKCS5_PBKDF2_HMAC.pod              |   4 +-
 doc/crypto/PKCS7_decrypt.pod                  |   2 +-
 doc/crypto/PKCS7_encrypt.pod                  |   2 +-
 doc/crypto/PKCS7_sign.pod                     |   2 +-
 doc/crypto/PKCS7_sign_add_signer.pod          |   4 +-
 doc/crypto/PKCS7_verify.pod                   |   4 +-
 doc/crypto/RAND_add.pod                       |   8 +-
 doc/crypto/RAND_bytes.pod                     |   6 +-
 doc/crypto/RAND_cleanup.pod                   |   2 +-
 doc/crypto/RAND_egd.pod                       |  10 +-
 doc/crypto/RAND_load_file.pod                 |   2 +-
 doc/crypto/RAND_set_rand_method.pod           |   2 +-
 doc/crypto/RSA_blinding_on.pod                |   2 +-
 doc/crypto/RSA_check_key.pod                  |  10 +-
 doc/crypto/RSA_generate_key.pod               |  12 +-
 doc/crypto/RSA_get_ex_new_index.pod           |   4 +-
 doc/crypto/RSA_new.pod                        |   8 +-
 doc/crypto/RSA_padding_add_PKCS1_type_1.pod   |   8 +-
 doc/crypto/RSA_print.pod                      |   2 +-
 doc/crypto/RSA_private_encrypt.pod            |   8 +-
 doc/crypto/RSA_public_encrypt.pod             |   6 +-
 doc/crypto/RSA_set_method.pod                 |   4 +-
 doc/crypto/RSA_sign.pod                       |  12 +-
 doc/crypto/RSA_sign_ASN1_OCTET_STRING.pod     |   8 +-
 doc/crypto/RSA_size.pod                       |   2 +-
 doc/crypto/SMIME_read_CMS.pod                 |   8 +-
 doc/crypto/SMIME_read_PKCS7.pod               |   8 +-
 doc/crypto/SMIME_write_CMS.pod                |   6 +-
 doc/crypto/SMIME_write_PKCS7.pod              |   6 +-
 doc/crypto/SSLeay_version.pod                 |   2 +-
 doc/crypto/X509_NAME_ENTRY_get_object.pod     |   4 +-
 doc/crypto/X509_NAME_add_entry_by_txt.pod     |   2 +-
 doc/crypto/X509_NAME_get_index_by_NID.pod     |   2 +-
 doc/crypto/X509_NAME_print_ex.pod             |   4 +-
 doc/crypto/X509_STORE_CTX_get_error.pod       |   2 +-
 .../X509_STORE_CTX_get_ex_new_index.pod       |   2 +-
 doc/crypto/X509_STORE_CTX_new.pod             |   4 +-
 doc/crypto/X509_STORE_CTX_set_verify_cb.pod   |   6 +-
 doc/crypto/X509_STORE_set_verify_cb_func.pod  |   4 +-
 doc/crypto/X509_VERIFY_PARAM_set_flags.pod    |   8 +-
 doc/crypto/X509_check_host.pod                |  12 +-
 doc/crypto/X509_new.pod                       |   4 +-
 doc/crypto/X509_verify_cert.pod               |   4 +-
 doc/crypto/bio.pod                            |  28 +--
 doc/crypto/blowfish.pod                       |   8 +-
 doc/crypto/bn.pod                             |  36 ++--
 doc/crypto/bn_internal.pod                    |   4 +-
 doc/crypto/buffer.pod                         |   2 +-
 doc/crypto/crypto.pod                         |  30 ++--
 doc/crypto/d2i_ASN1_OBJECT.pod                |   4 +-
 doc/crypto/d2i_CMS_ContentInfo.pod            |   4 +-
 doc/crypto/d2i_DHparams.pod                   |   4 +-
 doc/crypto/d2i_DSAPublicKey.pod               |   4 +-
 doc/crypto/d2i_ECPKParameters.pod             |   8 +-
 doc/crypto/d2i_ECPrivateKey.pod               |  20 +--
 doc/crypto/d2i_PKCS8PrivateKey.pod            |   8 +-
 doc/crypto/d2i_RSAPublicKey.pod               |   4 +-
 doc/crypto/d2i_X509.pod                       |   8 +-
 doc/crypto/d2i_X509_ALGOR.pod                 |   4 +-
 doc/crypto/d2i_X509_CRL.pod                   |   4 +-
 doc/crypto/d2i_X509_NAME.pod                  |   4 +-
 doc/crypto/d2i_X509_REQ.pod                   |   4 +-
 doc/crypto/d2i_X509_SIG.pod                   |   4 +-
 doc/crypto/des.pod                            |  12 +-
 doc/crypto/des_modes.pod                      |   4 +-
 doc/crypto/dh.pod                             |  16 +-
 doc/crypto/dsa.pod                            |  26 +--
 doc/crypto/ec.pod                             |  20 +--
 doc/crypto/ecdsa.pod                          |   4 +-
 doc/crypto/engine.pod                         |   2 +-
 doc/crypto/err.pod                            |  32 ++--
 doc/crypto/evp.pod                            |  72 ++++----
 doc/crypto/hmac.pod                           |   2 +-
 doc/crypto/i2d_CMS_bio_stream.pod             |  10 +-
 doc/crypto/i2d_PKCS7_bio_stream.pod           |  10 +-
 doc/crypto/lh_stats.pod                       |   2 +-
 doc/crypto/lhash.pod                          |   2 +-
 doc/crypto/md5.pod                            |   4 +-
 doc/crypto/mdc2.pod                           |   4 +-
 doc/crypto/rand.pod                           |  18 +-
 doc/crypto/rc4.pod                            |   4 +-
 doc/crypto/ripemd.pod                         |   4 +-
 doc/crypto/rsa.pod                            |  24 +--
 doc/crypto/sha.pod                            |   4 +-
 doc/crypto/threads.pod                        |   2 +-
 doc/crypto/ui.pod                             |   4 +-
 doc/crypto/x509.pod                           |  26 +--
 doc/ssl/SSL_CIPHER_get_name.pod               |   4 +-
 doc/ssl/SSL_COMP_add_compression_method.pod   |   2 +-
 doc/ssl/SSL_CONF_CTX_new.pod                  |  10 +-
 doc/ssl/SSL_CONF_CTX_set1_prefix.pod          |  10 +-
 doc/ssl/SSL_CONF_CTX_set_flags.pod            |  10 +-
 doc/ssl/SSL_CONF_CTX_set_ssl_ctx.pod          |  10 +-
 doc/ssl/SSL_CONF_cmd.pod                      |  10 +-
 doc/ssl/SSL_CONF_cmd_argv.pod                 |  10 +-
 doc/ssl/SSL_CTX_add1_chain_cert.pod           |   2 +-
 doc/ssl/SSL_CTX_add_extra_chain_cert.pod      |  30 ++--
 doc/ssl/SSL_CTX_add_session.pod               |  10 +-
 doc/ssl/SSL_CTX_ctrl.pod                      |   2 +-
 doc/ssl/SSL_CTX_flush_sessions.pod            |  12 +-
 doc/ssl/SSL_CTX_free.pod                      |   4 +-
 doc/ssl/SSL_CTX_get0_param.pod                |   2 +-
 doc/ssl/SSL_CTX_get_ex_new_index.pod          |  10 +-
 doc/ssl/SSL_CTX_get_verify_mode.pod           |   2 +-
 doc/ssl/SSL_CTX_load_verify_locations.pod     |  18 +-
 doc/ssl/SSL_CTX_new.pod                       |   4 +-
 doc/ssl/SSL_CTX_sess_number.pod               |   8 +-
 doc/ssl/SSL_CTX_sess_set_cache_size.pod       |  10 +-
 doc/ssl/SSL_CTX_sess_set_get_cb.pod           |  20 +--
 doc/ssl/SSL_CTX_sessions.pod                  |  12 +-
 doc/ssl/SSL_CTX_set1_curves.pod               |   2 +-
 doc/ssl/SSL_CTX_set1_sigalgs.pod              |   4 +-
 doc/ssl/SSL_CTX_set1_verify_cert_store.pod    |  26 +--
 doc/ssl/SSL_CTX_set_cert_cb.pod               |  10 +-
 doc/ssl/SSL_CTX_set_cert_store.pod            |  12 +-
 doc/ssl/SSL_CTX_set_cert_verify_callback.pod  |  12 +-
 doc/ssl/SSL_CTX_set_cipher_list.pod           |  18 +-
 doc/ssl/SSL_CTX_set_client_CA_list.pod        |  12 +-
 doc/ssl/SSL_CTX_set_client_cert_cb.pod        |  20 +--
 doc/ssl/SSL_CTX_set_default_passwd_cb.pod     |   4 +-
 doc/ssl/SSL_CTX_set_generate_session_id.pod   |   2 +-
 doc/ssl/SSL_CTX_set_info_callback.pod         |   8 +-
 doc/ssl/SSL_CTX_set_max_cert_list.pod         |   8 +-
 doc/ssl/SSL_CTX_set_mode.pod                  |   4 +-
 doc/ssl/SSL_CTX_set_msg_callback.pod          |   4 +-
 doc/ssl/SSL_CTX_set_options.pod               |  14 +-
 doc/ssl/SSL_CTX_set_quiet_shutdown.pod        |  20 +--
 doc/ssl/SSL_CTX_set_read_ahead.pod            |   2 +-
 doc/ssl/SSL_CTX_set_session_cache_mode.pod    |  28 +--
 doc/ssl/SSL_CTX_set_session_id_context.pod    |   2 +-
 doc/ssl/SSL_CTX_set_ssl_version.pod           |  14 +-
 doc/ssl/SSL_CTX_set_timeout.pod               |  18 +-
 doc/ssl/SSL_CTX_set_tlsext_ticket_key_cb.pod  |  12 +-
 doc/ssl/SSL_CTX_set_tmp_dh_callback.pod       |  12 +-
 doc/ssl/SSL_CTX_set_tmp_rsa_callback.pod      |  10 +-
 doc/ssl/SSL_CTX_set_verify.pod                |  28 +--
 doc/ssl/SSL_CTX_use_certificate.pod           |  26 +--
 doc/ssl/SSL_SESSION_free.pod                  |  16 +-
 doc/ssl/SSL_SESSION_get_ex_new_index.pod      |  10 +-
 doc/ssl/SSL_SESSION_get_time.pod              |   8 +-
 doc/ssl/SSL_SESSION_has_ticket.pod            |   8 +-
 doc/ssl/SSL_accept.pod                        |  10 +-
 doc/ssl/SSL_alert_type_string.pod             |   2 +-
 doc/ssl/SSL_check_chain.pod                   |   4 +-
 doc/ssl/SSL_clear.pod                         |  24 +--
 doc/ssl/SSL_connect.pod                       |  10 +-
 doc/ssl/SSL_do_handshake.pod                  |  10 +-
 doc/ssl/SSL_free.pod                          |  10 +-
 doc/ssl/SSL_get_SSL_CTX.pod                   |   4 +-
 doc/ssl/SSL_get_ciphers.pod                   |   6 +-
 doc/ssl/SSL_get_client_CA_list.pod            |  10 +-
 doc/ssl/SSL_get_client_random.pod             |   6 +-
 doc/ssl/SSL_get_current_cipher.pod            |   4 +-
 doc/ssl/SSL_get_default_timeout.pod           |  12 +-
 doc/ssl/SSL_get_error.pod                     |   2 +-
 .../SSL_get_ex_data_X509_STORE_CTX_idx.pod    |   6 +-
 doc/ssl/SSL_get_ex_new_index.pod              |  14 +-
 doc/ssl/SSL_get_extms_support.pod             |   2 +-
 doc/ssl/SSL_get_fd.pod                        |   2 +-
 doc/ssl/SSL_get_peer_cert_chain.pod           |   4 +-
 doc/ssl/SSL_get_peer_certificate.pod          |   8 +-
 doc/ssl/SSL_get_rbio.pod                      |   2 +-
 doc/ssl/SSL_get_session.pod                   |  14 +-
 doc/ssl/SSL_get_shared_sigalgs.pod            |   4 +-
 doc/ssl/SSL_get_verify_result.pod             |  10 +-
 doc/ssl/SSL_get_version.pod                   |   2 +-
 doc/ssl/SSL_library_init.pod                  |   4 +-
 doc/ssl/SSL_load_client_CA_file.pod           |   6 +-
 doc/ssl/SSL_new.pod                           |   8 +-
 doc/ssl/SSL_pending.pod                       |   8 +-
 doc/ssl/SSL_read.pod                          |  32 ++--
 doc/ssl/SSL_rstate_string.pod                 |   2 +-
 doc/ssl/SSL_session_reused.pod                |   4 +-
 doc/ssl/SSL_set_bio.pod                       |   6 +-
 doc/ssl/SSL_set_connect_state.pod             |  20 +--
 doc/ssl/SSL_set_fd.pod                        |   6 +-
 doc/ssl/SSL_set_session.pod                   |  10 +-
 doc/ssl/SSL_set_shutdown.pod                  |  12 +-
 doc/ssl/SSL_set_verify_result.pod             |   8 +-
 doc/ssl/SSL_shutdown.pod                      |  20 +--
 doc/ssl/SSL_state_string.pod                  |   2 +-
 doc/ssl/SSL_want.pod                          |  16 +-
 doc/ssl/SSL_write.pod                         |  24 +--
 doc/ssl/d2i_SSL_SESSION.pod                   |   8 +-
 doc/ssl/ssl.pod                               | 170 +++++++++---------
 349 files changed, 1468 insertions(+), 1468 deletions(-)

diff --git a/doc/apps/CA.pl.pod b/doc/apps/CA.pl.pod
index 92ae288748..35a40aae9d 100644
--- a/doc/apps/CA.pl.pod
+++ b/doc/apps/CA.pl.pod
@@ -128,7 +128,7 @@ the request and finally create a PKCS#12 file containing it.
 =head1 DSA CERTIFICATES
 
 Although the B<CA.pl> creates RSA CAs and requests it is still possible to
-use it with DSA certificates and requests using the L<req(1)|req(1)> command
+use it with DSA certificates and requests using the L<req(1)> command
 directly. The following example shows the steps that would typically be taken.
 
 Create some DSA parameters:
@@ -184,7 +184,7 @@ configuration file, not just its directory.
 
 =head1 SEE ALSO
 
-L<x509(1)|x509(1)>, L<ca(1)|ca(1)>, L<req(1)|req(1)>, L<pkcs12(1)|pkcs12(1)>,
-L<config(5)|config(5)>
+L<x509(1)>, L<ca(1)>, L<req(1)>, L<pkcs12(1)>,
+L<config(5)>
 
 =cut
diff --git a/doc/apps/asn1parse.pod b/doc/apps/asn1parse.pod
index b44fb9fd3d..afe94b09d8 100644
--- a/doc/apps/asn1parse.pod
+++ b/doc/apps/asn1parse.pod
@@ -83,7 +83,7 @@ option can be used multiple times to "drill down" into a nested structure.
 =item B<-genstr string>, B<-genconf file>
 
 generate encoded data based on B<string>, B<file> or both using
-L<ASN1_generate_nconf(3)|ASN1_generate_nconf(3)> format. If B<file> only is
+L<ASN1_generate_nconf(3)> format. If B<file> only is
 present then the string is obtained from the default section using the name
 B<asn1>. The encoded data is passed through the ASN1 parser and printed out as
 though it came from a file, the contents can thus be examined and written to a
@@ -189,6 +189,6 @@ ASN.1 types is not well handled (if at all).
 
 =head1 SEE ALSO
 
-L<ASN1_generate_nconf(3)|ASN1_generate_nconf(3)>
+L<ASN1_generate_nconf(3)>
 
 =cut
diff --git a/doc/apps/c_rehash.pod b/doc/apps/c_rehash.pod
index c3d98b678e..e0a3d1995b 100644
--- a/doc/apps/c_rehash.pod
+++ b/doc/apps/c_rehash.pod
@@ -109,6 +109,6 @@ Ignored if directories are listed on the command line.
 
 =head1 SEE ALSO
 
-L<openssl(1)|openssl(1)>,
-L<crl(1)|crl(1)>.
-L<x509(1)|x509(1)>.
+L<openssl(1)>,
+L<crl(1)>.
+L<x509(1)>.
diff --git a/doc/apps/ca.pod b/doc/apps/ca.pod
index 1d180706cc..be0153a4b0 100644
--- a/doc/apps/ca.pod
+++ b/doc/apps/ca.pod
@@ -141,7 +141,7 @@ self-signed certificate.
 =item B<-passin arg>
 
 the key password source. For more information about the format of B<arg>
-see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
+see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)>.
 
 =item B<-verbose>
 
@@ -214,7 +214,7 @@ to be added when a certificate is issued (defaults to B<x509_extensions>
 unless the B<-extfile> option is used). If no extension section is
 present then, a V1 certificate is created. If the extension section
 is present (even if it is empty), then a V3 certificate is created. See the:w
-L<x509v3_config(5)|x509v3_config(5)> manual page for details of the
+L<x509v3_config(5)> manual page for details of the
 extension section format.
 
 =item B<-extfile file>
@@ -319,7 +319,7 @@ created, if the CRL extension section is present (even if it is
 empty) then a V2 CRL is created. The CRL extensions specified are
 CRL extensions and B<not> CRL entry extensions.  It should be noted
 that some software (for example Netscape) can't handle V2 CRLs. See
-L<x509v3_config(5)|x509v3_config(5)> manual page for details of the
+L<x509v3_config(5)> manual page for details of the
 extension section format.
 
 =back
@@ -380,7 +380,7 @@ CA private key. Mandatory.
 =item B<RANDFILE>
 
 a file used to read and write random number seed information, or
-an EGD socket (see L<RAND_egd(3)|RAND_egd(3)>).
+an EGD socket (see L<RAND_egd(3)>).
 
 =item B<default_days>
 
@@ -690,7 +690,7 @@ then even if a certificate is issued with CA:TRUE it will not be valid.
 
 =head1 SEE ALSO
 
-L<req(1)|req(1)>, L<spkac(1)|spkac(1)>, L<x509(1)|x509(1)>, L<CA.pl(1)|CA.pl(1)>,
-L<config(5)|config(5)>, L<x509v3_config(5)|x509v3_config(5)> 
+L<req(1)>, L<spkac(1)>, L<x509(1)>, L<CA.pl(1)>,
+L<config(5)>, L<x509v3_config(5)> 
 
 =cut
diff --git a/doc/apps/ciphers.pod b/doc/apps/ciphers.pod
index 3f146e8893..64f122ffed 100644
--- a/doc/apps/ciphers.pod
+++ b/doc/apps/ciphers.pod
@@ -721,7 +721,7 @@ Set security level to 2 and display all ciphers consistent with level 2:
 
 =head1 SEE ALSO
 
-L<s_client(1)|s_client(1)>, L<s_server(1)|s_server(1)>, L<ssl(3)|ssl(3)>
+L<s_client(1)>, L<s_server(1)>, L<ssl(3)>
 
 =head1 HISTORY
 
diff --git a/doc/apps/cms.pod b/doc/apps/cms.pod
index 9001371a63..6b4beb4c27 100644
--- a/doc/apps/cms.pod
+++ b/doc/apps/cms.pod
@@ -434,12 +434,12 @@ or to modify default parameters for ECDH.
 =item B<-passin arg>
 
 the private key password source. For more information about the format of B<arg>
-see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
+see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)>.
 
 =item B<-rand file(s)>
 
 a file or files containing random data used to seed the random number
-generator, or an EGD socket (see L<RAND_egd(3)|RAND_egd(3)>).
+generator, or an EGD socket (see L<RAND_egd(3)>).
 Multiple files can be specified separated by a OS-dependent character.
 The separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for
 all others.
@@ -465,7 +465,7 @@ B<-use_deltas>, B<-verify_depth>, B<-verify_email>, B<-verify_hostname>,
 B<-verify_ip>, B<-verify_name>, B<-x509_strict>
 
 Set various certificate chain validation options. See the
-L<B<verify>|verify(1)> manual page for details.
+L<verify(1)> manual page for details.
 
 =back
 
@@ -515,7 +515,7 @@ tried whether they succeed or not and if no recipients match the message
 is "decrypted" using a random key which will typically output garbage. 
 The B<-debug_decrypt> option can be used to disable the MMA attack protection
 and return an error if no recipient can be found: this option should be used
-with caution. For a fuller description see L<CMS_decrypt(3)|CMS_decrypt(3)>).
+with caution. For a fuller description see L<CMS_decrypt(3)>).
 
 =head1 EXIT CODES
 
diff --git a/doc/apps/config.pod b/doc/apps/config.pod
index e12591528c..22bb6c50a8 100644
--- a/doc/apps/config.pod
+++ b/doc/apps/config.pod
@@ -345,6 +345,6 @@ file.
 
 =head1 SEE ALSO
 
-L<x509(1)|x509(1)>, L<req(1)|req(1)>, L<ca(1)|ca(1)>
+L<x509(1)>, L<req(1)>, L<ca(1)>
 
 =cut
diff --git a/doc/apps/crl.pod b/doc/apps/crl.pod
index 044a9da915..7dccbcc67f 100644
--- a/doc/apps/crl.pod
+++ b/doc/apps/crl.pod
@@ -57,7 +57,7 @@ print out the CRL in text form.
 =item B<-nameopt option>
 
 option which determines how the subject or issuer names are displayed. See
-the description of B<-nameopt> in L<x509(1)|x509(1)>.
+the description of B<-nameopt> in L<x509(1)>.
 
 =item B<-noout>
 
@@ -123,6 +123,6 @@ and files too.
 
 =head1 SEE ALSO
 
-L<crl2pkcs7(1)|crl2pkcs7(1)>, L<ca(1)|ca(1)>, L<x509(1)|x509(1)>
+L<crl2pkcs7(1)>, L<ca(1)>, L<x509(1)>
 
 =cut
diff --git a/doc/apps/crl2pkcs7.pod b/doc/apps/crl2pkcs7.pod
index 3797bc0df4..1a6e362c6a 100644
--- a/doc/apps/crl2pkcs7.pod
+++ b/doc/apps/crl2pkcs7.pod
@@ -86,6 +86,6 @@ install user certificates and CAs in MSIE using the Xenroll control.
 
 =head1 SEE ALSO
 
-L<pkcs7(1)|pkcs7(1)>
+L<pkcs7(1)>
 
 =cut
diff --git a/doc/apps/dgst.pod b/doc/apps/dgst.pod
index 236e1b783a..8c416f26aa 100644
--- a/doc/apps/dgst.pod
+++ b/doc/apps/dgst.pod
@@ -101,7 +101,7 @@ Names and values of these options are algorithm-specific.
 =item B<-passin arg>
 
 the private key password source. For more information about the format of B<arg>
-see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
+see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)>.
 
 =item B<-verify filename>
 
@@ -152,7 +152,7 @@ for example exactly 32 chars for gost-mac.
 =item B<-rand file(s)>
 
 a file or files containing random data used to seed the random number
-generator, or an EGD socket (see L<RAND_egd(3)|RAND_egd(3)>).
+generator, or an EGD socket (see L<RAND_egd(3)>).
 Multiple files can be specified separated by a OS-dependent character.
 The separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for
 all others. 
diff --git a/doc/apps/dhparam.pod b/doc/apps/dhparam.pod
index 1cd4c76663..8bb196dea4 100644
--- a/doc/apps/dhparam.pod
+++ b/doc/apps/dhparam.pod
@@ -79,7 +79,7 @@ default generator 2.
 =item B<-rand> I<file(s)>
 
 a file or files containing random data used to seed the random number
-generator, or an EGD socket (see L<RAND_egd(3)|RAND_egd(3)>).
+generator, or an EGD socket (see L<RAND_egd(3)>).
 Multiple files can be specified separated by a OS-dependent character.
 The separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for
 all others.
@@ -139,7 +139,7 @@ There should be a way to generate and manipulate DH keys.
 
 =head1 SEE ALSO
 
-L<dsaparam(1)|dsaparam(1)>
+L<dsaparam(1)>
 
 =head1 HISTORY
 
diff --git a/doc/apps/dsa.pod b/doc/apps/dsa.pod
index 8bf6cc9dca..4331cc379e 100644
--- a/doc/apps/dsa.pod
+++ b/doc/apps/dsa.pod
@@ -66,7 +66,7 @@ prompted for.
 =item B<-passin arg>
 
 the input file password source. For more information about the format of B<arg>
-see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
+see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)>.
 
 =item B<-out filename>
 
@@ -78,7 +78,7 @@ filename.
 =item B<-passout arg>
 
 the output file password source. For more information about the format of B<arg>
-see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
+see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)>.
 
 =item B<-aes128|-aes192|-aes256|-camellia128|-camellia192|-camellia256|-des|-des3|-idea>
 
@@ -158,7 +158,7 @@ To just output the public part of a private key:
 
 =head1 SEE ALSO
 
-L<dsaparam(1)|dsaparam(1)>, L<gendsa(1)|gendsa(1)>, L<rsa(1)|rsa(1)>,
-L<genrsa(1)|genrsa(1)>
+L<dsaparam(1)>, L<gendsa(1)>, L<rsa(1)>,
+L<genrsa(1)>
 
 =cut
diff --git a/doc/apps/dsaparam.pod b/doc/apps/dsaparam.pod
index ba5ec4d72c..1933857b6f 100644
--- a/doc/apps/dsaparam.pod
+++ b/doc/apps/dsaparam.pod
@@ -72,7 +72,7 @@ parameters.
 =item B<-rand file(s)>
 
 a file or files containing random data used to seed the random number
-generator, or an EGD socket (see L<RAND_egd(3)|RAND_egd(3)>).
+generator, or an EGD socket (see L<RAND_egd(3)>).
 Multiple files can be specified separated by a OS-dependent character.
 The separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for
 all others.
@@ -104,7 +104,7 @@ DSA parameters is often used to generate several distinct keys.
 
 =head1 SEE ALSO
 
-L<gendsa(1)|gendsa(1)>, L<dsa(1)|dsa(1)>, L<genrsa(1)|genrsa(1)>,
-L<rsa(1)|rsa(1)>
+L<gendsa(1)>, L<dsa(1)>, L<genrsa(1)>,
+L<rsa(1)>
 
 =cut
diff --git a/doc/apps/ec.pod b/doc/apps/ec.pod
index 5c7b45d4e7..ebc49ea092 100644
--- a/doc/apps/ec.pod
+++ b/doc/apps/ec.pod
@@ -60,7 +60,7 @@ prompted for.
 =item B<-passin arg>
 
 the input file password source. For more information about the format of B<arg>
-see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
+see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)>.
 
 =item B<-out filename>
 
@@ -72,7 +72,7 @@ filename.
 =item B<-passout arg>
 
 the output file password source. For more information about the format of B<arg>
-see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
+see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)>.
 
 =item B<-des|-des3|-idea>
 
@@ -177,7 +177,7 @@ To change the point conversion form to B<compressed>:
 
 =head1 SEE ALSO
 
-L<ecparam(1)|ecparam(1)>, L<dsa(1)|dsa(1)>, L<rsa(1)|rsa(1)>
+L<ecparam(1)>, L<dsa(1)>, L<rsa(1)>
 
 =head1 HISTORY
 
diff --git a/doc/apps/ecparam.pod b/doc/apps/ecparam.pod
index 88e9d1e83d..bfb155a82a 100644
--- a/doc/apps/ecparam.pod
+++ b/doc/apps/ecparam.pod
@@ -114,7 +114,7 @@ This option will generate a EC private key using the specified parameters.
 =item B<-rand file(s)>
 
 a file or files containing random data used to seed the random number
-generator, or an EGD socket (see L<RAND_egd(3)|RAND_egd(3)>).
+generator, or an EGD socket (see L<RAND_egd(3)>).
 Multiple files can be specified separated by a OS-dependent character.
 The separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for
 all others.
@@ -166,7 +166,7 @@ To print out the EC parameters to standard output:
 
 =head1 SEE ALSO
 
-L<ec(1)|ec(1)>, L<dsaparam(1)|dsaparam(1)>
+L<ec(1)>, L<dsaparam(1)>
 
 =head1 HISTORY
 
diff --git a/doc/apps/enc.pod b/doc/apps/enc.pod
index 8f4ef999b4..1d25cf3dfc 100644
--- a/doc/apps/enc.pod
+++ b/doc/apps/enc.pod
@@ -53,7 +53,7 @@ the output filename, standard output by default.
 =item B<-pass arg>
 
 the password source. For more information about the format of B<arg>
-see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
+see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)>.
 
 =item B<-salt>
 
diff --git a/doc/apps/errstr.pod b/doc/apps/errstr.pod
index b3c6ccfc9c..02bd3dcd7b 100644
--- a/doc/apps/errstr.pod
+++ b/doc/apps/errstr.pod
@@ -31,9 +31,9 @@ to produce the error message:
 
 =head1 SEE ALSO
 
-L<err(3)|err(3)>,
-L<ERR_load_crypto_strings(3)|ERR_load_crypto_strings(3)>,
-L<SSL_load_error_strings(3)|SSL_load_error_strings(3)>
+L<err(3)>,
+L<ERR_load_crypto_strings(3)>,
+L<SSL_load_error_strings(3)>
 
 
 =cut
diff --git a/doc/apps/gendsa.pod b/doc/apps/gendsa.pod
index d9f56be890..9a8278fdbd 100644
--- a/doc/apps/gendsa.pod
+++ b/doc/apps/gendsa.pod
@@ -39,7 +39,7 @@ If none of these options is specified no encryption is used.
 =item B<-rand file(s)>
 
 a file or files containing random data used to seed the random number
-generator, or an EGD socket (see L<RAND_egd(3)|RAND_egd(3)>).
+generator, or an EGD socket (see L<RAND_egd(3)>).
 Multiple files can be specified separated by a OS-dependent character.
 The separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for
 all others.
@@ -66,7 +66,7 @@ much quicker that RSA key generation for example.
 
 =head1 SEE ALSO
 
-L<dsaparam(1)|dsaparam(1)>, L<dsa(1)|dsa(1)>, L<genrsa(1)|genrsa(1)>,
-L<rsa(1)|rsa(1)>
+L<dsaparam(1)>, L<dsa(1)>, L<genrsa(1)>,
+L<rsa(1)>
 
 =cut
diff --git a/doc/apps/genpkey.pod b/doc/apps/genpkey.pod
index 0bce0b520f..d574caa867 100644
--- a/doc/apps/genpkey.pod
+++ b/doc/apps/genpkey.pod
@@ -38,7 +38,7 @@ This specifies the output format DER or PEM.
 =item B<-pass arg>
 
 the output file password source. For more information about the format of B<arg>
-see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
+see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)>.
 
 =item B<-cipher>
 
diff --git a/doc/apps/genrsa.pod b/doc/apps/genrsa.pod
index cb03d09b95..c27f773b36 100644
--- a/doc/apps/genrsa.pod
+++ b/doc/apps/genrsa.pod
@@ -46,7 +46,7 @@ used.
 =item B<-passout arg>
 
 the output file password source. For more information about the format of B<arg>
-see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
+see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)>.
 
 =item B<-aes128|-aes192|-aes256|-camellia128|-camellia192|-camellia256|-des|-des3|-idea>
 
@@ -62,7 +62,7 @@ the public exponent to use, either 65537 or 3. The default is 65537.
 =item B<-rand file(s)>
 
 a file or files containing random data used to seed the random number
-generator, or an EGD socket (see L<RAND_egd(3)|RAND_egd(3)>).
+generator, or an EGD socket (see L<RAND_egd(3)>).
 Multiple files can be specified separated by a OS-dependent character.
 The separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for
 all others.
@@ -102,7 +102,7 @@ be much larger (typically 1024 bits).
 
 =head1 SEE ALSO
 
-L<gendsa(1)|gendsa(1)>
+L<gendsa(1)>
 
 =cut
 
diff --git a/doc/apps/openssl.pod b/doc/apps/openssl.pod
index 3e651b89d6..d996edaed8 100644
--- a/doc/apps/openssl.pod
+++ b/doc/apps/openssl.pod
@@ -396,19 +396,19 @@ read the password from standard input.
 
 =head1 SEE ALSO
 
-L<asn1parse(1)|asn1parse(1)>, L<ca(1)|ca(1)>, L<config(5)|config(5)>,
-L<crl(1)|crl(1)>, L<crl2pkcs7(1)|crl2pkcs7(1)>, L<dgst(1)|dgst(1)>,
-L<dhparam(1)|dhparam(1)>, L<dsa(1)|dsa(1)>, L<dsaparam(1)|dsaparam(1)>,
-L<enc(1)|enc(1)>, L<gendsa(1)|gendsa(1)>, L<genpkey(1)|genpkey(1)>,
-L<genrsa(1)|genrsa(1)>, L<nseq(1)|nseq(1)>, L<openssl(1)|openssl(1)>,
-L<passwd(1)|passwd(1)>,
-L<pkcs12(1)|pkcs12(1)>, L<pkcs7(1)|pkcs7(1)>, L<pkcs8(1)|pkcs8(1)>,
-L<rand(1)|rand(1)>, L<req(1)|req(1)>, L<rsa(1)|rsa(1)>,
-L<rsautl(1)|rsautl(1)>, L<s_client(1)|s_client(1)>,
-L<s_server(1)|s_server(1)>, L<s_time(1)|s_time(1)>,
-L<smime(1)|smime(1)>, L<spkac(1)|spkac(1)>,
-L<verify(1)|verify(1)>, L<version(1)|version(1)>, L<x509(1)|x509(1)>,
-L<crypto(3)|crypto(3)>, L<ssl(3)|ssl(3)>, L<x509v3_config(5)|x509v3_config(5)>
+L<asn1parse(1)>, L<ca(1)>, L<config(5)>,
+L<crl(1)>, L<crl2pkcs7(1)>, L<dgst(1)>,
+L<dhparam(1)>, L<dsa(1)>, L<dsaparam(1)>,
+L<enc(1)>, L<gendsa(1)>, L<genpkey(1)>,
+L<genrsa(1)>, L<nseq(1)>, L<openssl(1)>,
+L<passwd(1)>,
+L<pkcs12(1)>, L<pkcs7(1)>, L<pkcs8(1)>,
+L<rand(1)>, L<req(1)>, L<rsa(1)>,
+L<rsautl(1)>, L<s_client(1)>,
+L<s_server(1)>, L<s_time(1)>,
+L<smime(1)>, L<spkac(1)>,
+L<verify(1)>, L<version(1)>, L<x509(1)>,
+L<crypto(3)>, L<ssl(3)>, L<x509v3_config(5)>
 
 =head1 HISTORY
 
diff --git a/doc/apps/pkcs12.pod b/doc/apps/pkcs12.pod
index 744984838d..f956c8ed64 100644
--- a/doc/apps/pkcs12.pod
+++ b/doc/apps/pkcs12.pod
@@ -71,13 +71,13 @@ default.  They are all written in PEM format.
 
 the PKCS#12 file (i.e. input file) password source. For more information about
 the format of B<arg> see the B<PASS PHRASE ARGUMENTS> section in
-L<openssl(1)|openssl(1)>.
+L<openssl(1)>.
 
 =item B<-passout arg>
 
 pass phrase source to encrypt any outputted private keys with. For more
 information about the format of B<arg> see the B<PASS PHRASE ARGUMENTS> section
-in L<openssl(1)|openssl(1)>.
+in L<openssl(1)>.
 
 =item B<-password arg>
 
@@ -192,13 +192,13 @@ displays them.
 
 the PKCS#12 file (i.e. output file) password source. For more information about
 the format of B<arg> see the B<PASS PHRASE ARGUMENTS> section in
-L<openssl(1)|openssl(1)>.
+L<openssl(1)>.
 
 =item B<-passin password>
 
 pass phrase source to decrypt any input private keys with. For more information
 about the format of B<arg> see the B<PASS PHRASE ARGUMENTS> section in
-L<openssl(1)|openssl(1)>.
+L<openssl(1)>.
 
 =item B<-chain>
 
@@ -266,7 +266,7 @@ don't attempt to provide the MAC integrity.
 =item B<-rand file(s)>
 
 a file or files containing random data used to seed the random number
-generator, or an EGD socket (see L<RAND_egd(3)|RAND_egd(3)>).
+generator, or an EGD socket (see L<RAND_egd(3)>).
 Multiple files can be specified separated by a OS-dependent character.
 The separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for
 all others.
@@ -364,5 +364,5 @@ file from the keys and certificates using a newer version of OpenSSL. For exampl
 
 =head1 SEE ALSO
 
-L<pkcs8(1)|pkcs8(1)>
+L<pkcs8(1)>
 
diff --git a/doc/apps/pkcs7.pod b/doc/apps/pkcs7.pod
index acfb8100f0..024175e1cb 100644
--- a/doc/apps/pkcs7.pod
+++ b/doc/apps/pkcs7.pod
@@ -100,6 +100,6 @@ cannot currently parse, for example, the new CMS as described in RFC2630.
 
 =head1 SEE ALSO
 
-L<crl2pkcs7(1)|crl2pkcs7(1)>
+L<crl2pkcs7(1)>
 
 =cut
diff --git a/doc/apps/pkcs8.pod b/doc/apps/pkcs8.pod
index 433e55c6fd..ed8c4ade62 100644
--- a/doc/apps/pkcs8.pod
+++ b/doc/apps/pkcs8.pod
@@ -67,7 +67,7 @@ prompted for.
 =item B<-passin arg>
 
 the input file password source. For more information about the format of B<arg>
-see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
+see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)>.
 
 =item B<-out filename>
 
@@ -79,7 +79,7 @@ filename.
 =item B<-passout arg>
 
 the output file password source. For more information about the format of B<arg>
-see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
+see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)>.
 
 =item B<-iter count>
 
@@ -276,8 +276,8 @@ the old format at present.
 
 =head1 SEE ALSO
 
-L<dsa(1)|dsa(1)>, L<rsa(1)|rsa(1)>, L<genrsa(1)|genrsa(1)>,
-L<gendsa(1)|gendsa(1)> 
+L<dsa(1)>, L<rsa(1)>, L<genrsa(1)>,
+L<gendsa(1)> 
 
 =head1 HISTORY
 
diff --git a/doc/apps/pkey.pod b/doc/apps/pkey.pod
index 4851223f3f..68f9409991 100644
--- a/doc/apps/pkey.pod
+++ b/doc/apps/pkey.pod
@@ -49,7 +49,7 @@ prompted for.
 =item B<-passin arg>
 
 the input file password source. For more information about the format of B<arg>
-see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
+see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)>.
 
 =item B<-out filename>
 
@@ -61,7 +61,7 @@ filename.
 =item B<-passout password>
 
 the output file password source. For more information about the format of B<arg>
-see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
+see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)>.
 
 =item B<-cipher>
 
@@ -129,7 +129,7 @@ To just output the public part of a private key:
 
 =head1 SEE ALSO
 
-L<genpkey(1)|genpkey(1)>, L<rsa(1)|rsa(1)>, L<pkcs8(1)|pkcs8(1)>,
-L<dsa(1)|dsa(1)>, L<genrsa(1)|genrsa(1)>, L<gendsa(1)|gendsa(1)> 
+L<genpkey(1)>, L<rsa(1)>, L<pkcs8(1)>,
+L<dsa(1)>, L<genrsa(1)>, L<gendsa(1)> 
 
 =cut
diff --git a/doc/apps/pkeyparam.pod b/doc/apps/pkeyparam.pod
index 154f6721af..acfe9f9eea 100644
--- a/doc/apps/pkeyparam.pod
+++ b/doc/apps/pkeyparam.pod
@@ -63,7 +63,7 @@ PEM format is supported because the key type is determined by the PEM headers.
 
 =head1 SEE ALSO
 
-L<genpkey(1)|genpkey(1)>, L<rsa(1)|rsa(1)>, L<pkcs8(1)|pkcs8(1)>,
-L<dsa(1)|dsa(1)>, L<genrsa(1)|genrsa(1)>, L<gendsa(1)|gendsa(1)> 
+L<genpkey(1)>, L<rsa(1)>, L<pkcs8(1)>,
+L<dsa(1)>, L<genrsa(1)>, L<gendsa(1)> 
 
 =cut
diff --git a/doc/apps/pkeyutl.pod b/doc/apps/pkeyutl.pod
index 1f7596da17..b43763554e 100644
--- a/doc/apps/pkeyutl.pod
+++ b/doc/apps/pkeyutl.pod
@@ -59,7 +59,7 @@ the key format PEM, DER or ENGINE.
 =item B<-passin arg>
 
 the input key password source. For more information about the format of B<arg>
-see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
+see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)>.
 
 
 =item B<-peerkey file>
@@ -218,5 +218,5 @@ Derive a shared secret value:
 
 =head1 SEE ALSO
 
-L<genpkey(1)|genpkey(1)>, L<pkey(1)|pkey(1)>, L<rsautl(1)|rsautl(1)>
-L<dgst(1)|dgst(1)>, L<rsa(1)|rsa(1)>, L<genrsa(1)|genrsa(1)>
+L<genpkey(1)>, L<pkey(1)>, L<rsautl(1)>
+L<dgst(1)>, L<rsa(1)>, L<genrsa(1)>
diff --git a/doc/apps/rand.pod b/doc/apps/rand.pod
index d1d213ef43..3679e6bef0 100644
--- a/doc/apps/rand.pod
+++ b/doc/apps/rand.pod
@@ -32,7 +32,7 @@ Write to I<file> instead of standard output.
 
 =item B<-rand> I<file(s)>
 
-Use specified file or files or EGD socket (see L<RAND_egd(3)|RAND_egd(3)>)
+Use specified file or files or EGD socket (see L<RAND_egd(3)>)
 for seeding the random number generator.
 Multiple files can be specified separated by a OS-dependent character.
 The separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for
@@ -50,6 +50,6 @@ Show the output as a hex string.
 
 =head1 SEE ALSO
 
-L<RAND_bytes(3)|RAND_bytes(3)>
+L<RAND_bytes(3)>
 
 =cut
diff --git a/doc/apps/req.pod b/doc/apps/req.pod
index 2ce2bca2c3..ae884a209b 100644
--- a/doc/apps/req.pod
+++ b/doc/apps/req.pod
@@ -79,7 +79,7 @@ options (B<-new> and B<-newkey>) are not specified.
 =item B<-passin arg>
 
 the input file password source. For more information about the format of B<arg>
-see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
+see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)>.
 
 =item B<-out filename>
 
@@ -89,7 +89,7 @@ default.
 =item B<-passout arg>
 
 the output file password source. For more information about the format of B<arg>
-see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
+see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)>.
 
 =item B<-text>
 
@@ -137,7 +137,7 @@ characters may be escaped by \ (backslash), no spaces are skipped.
 =item B<-rand file(s)>
 
 a file or files containing random data used to seed the random number
-generator, or an EGD socket (see L<RAND_egd(3)|RAND_egd(3)>).
+generator, or an EGD socket (see L<RAND_egd(3)>).
 Multiple files can be specified separated by a OS-dependent character.
 The separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for
 all others.
@@ -270,14 +270,14 @@ configuration file, must be valid UTF8 strings.
 option which determines how the subject or issuer names are displayed. The
 B<option> argument can be a single option or multiple options separated by
 commas.  Alternatively the B<-nameopt> switch may be used more than once to
-set multiple options. See the L<x509(1)|x509(1)> manual page for details.
+set multiple options. See the L<x509(1)> manual page for details.
 
 =item B<-reqopt>
 
 customise the output format used with B<-text>. The B<option> argument can be
 a single option or multiple options separated by commas. 
 
-See discussion of the  B<-certopt> parameter in the L<B<x509>|x509(1)>
+See discussion of the  B<-certopt> parameter in the L<x509(1)>
 command.
 
 
@@ -374,7 +374,7 @@ and long names are the same when this option is used.
 =item B<RANDFILE>
 
 This specifies a filename in which random number seed information is
-placed and read from, or an EGD socket (see L<RAND_egd(3)|RAND_egd(3)>).
+placed and read from, or an EGD socket (see L<RAND_egd(3)>).
 It is used for private key generation.
 
 =item B<encrypt_key>
@@ -408,7 +408,7 @@ problems with BMPStrings and UTF8Strings: in particular Netscape.
 this specifies the configuration file section containing a list of
 extensions to add to the certificate request. It can be overridden
 by the B<-reqexts> command line switch. See the 
-L<x509v3_config(5)|x509v3_config(5)> manual page for details of the
+L<x509v3_config(5)> manual page for details of the
 extension section format.
 
 =item B<x509_extensions>
@@ -670,8 +670,8 @@ address in subjectAltName should be input by the user.
 
 =head1 SEE ALSO
 
-L<x509(1)|x509(1)>, L<ca(1)|ca(1)>, L<genrsa(1)|genrsa(1)>,
-L<gendsa(1)|gendsa(1)>, L<config(5)|config(5)>,
-L<x509v3_config(5)|x509v3_config(5)> 
+L<x509(1)>, L<ca(1)>, L<genrsa(1)>,
+L<gendsa(1)>, L<config(5)>,
+L<x509v3_config(5)> 
 
 =cut
diff --git a/doc/apps/rsa.pod b/doc/apps/rsa.pod
index 734c602f70..427c6c68a9 100644
--- a/doc/apps/rsa.pod
+++ b/doc/apps/rsa.pod
@@ -68,7 +68,7 @@ prompted for.
 =item B<-passin arg>
 
 the input file password source. For more information about the format of B<arg>
-see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
+see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)>.
 
 =item B<-out filename>
 
@@ -80,7 +80,7 @@ filename.
 =item B<-passout password>
 
 the output file password source. For more information about the format of B<arg>
-see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
+see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)>.
 
 =item B<-aes128|-aes192|-aes256|-camellia128|-camellia192|-camellia256|-des|-des3|-idea>
 
@@ -197,7 +197,7 @@ without having to manually edit them.
 
 =head1 SEE ALSO
 
-L<pkcs8(1)|pkcs8(1)>, L<dsa(1)|dsa(1)>, L<genrsa(1)|genrsa(1)>,
-L<gendsa(1)|gendsa(1)> 
+L<pkcs8(1)>, L<dsa(1)>, L<genrsa(1)>,
+L<gendsa(1)> 
 
 =cut
diff --git a/doc/apps/rsautl.pod b/doc/apps/rsautl.pod
index 1a498c2f62..bc87674641 100644
--- a/doc/apps/rsautl.pod
+++ b/doc/apps/rsautl.pod
@@ -180,4 +180,4 @@ which it can be seen agrees with the recovered value above.
 
 =head1 SEE ALSO
 
-L<dgst(1)|dgst(1)>, L<rsa(1)|rsa(1)>, L<genrsa(1)|genrsa(1)>
+L<dgst(1)>, L<rsa(1)>, L<genrsa(1)>
diff --git a/doc/apps/s_client.pod b/doc/apps/s_client.pod
index e91b9f1334..04982e6414 100644
--- a/doc/apps/s_client.pod
+++ b/doc/apps/s_client.pod
@@ -132,7 +132,7 @@ The private format to use: DER or PEM. PEM is the default.
 =item B<-pass arg>
 
 the private key password source. For more information about the format of B<arg>
-see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
+see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)>.
 
 =item B<-verify depth>
 
@@ -167,7 +167,7 @@ B<-use_deltas>, B<-verify_depth>, B<-verify_email>, B<-verify_hostname>,
 B<-verify_ip>, B<-verify_name>, B<-x509_strict>
 
 Set various certificate chain validation options. See the
-L<B<verify>|verify(1)> manual page for details.
+L<verify(1)> manual page for details.
 
 =item B<-reconnect>
 
@@ -325,7 +325,7 @@ for all available algorithms.
 =item B<-rand file(s)>
 
 a file or files containing random data used to seed the random number
-generator, or an EGD socket (see L<RAND_egd(3)|RAND_egd(3)>).
+generator, or an EGD socket (see L<RAND_egd(3)>).
 Multiple files can be specified separated by a OS-dependent character.
 The separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for
 all others.
@@ -417,7 +417,7 @@ information whenever a session is renegotiated.
 
 =head1 SEE ALSO
 
-L<sess_id(1)|sess_id(1)>, L<s_server(1)|s_server(1)>, L<ciphers(1)|ciphers(1)>
+L<sess_id(1)>, L<s_server(1)>, L<ciphers(1)>
 
 =head1 HISTORY
 
diff --git a/doc/apps/s_server.pod b/doc/apps/s_server.pod
index b2c2907c35..567df2cfef 100644
--- a/doc/apps/s_server.pod
+++ b/doc/apps/s_server.pod
@@ -139,7 +139,7 @@ The private format to use: DER or PEM. PEM is the default.
 =item B<-pass arg>
 
 the private key password source. For more information about the format of B<arg>
-see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
+see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)>.
 
 =item B<-dcert filename>, B<-dkey keyname>
 
@@ -222,7 +222,7 @@ B<-no_alt_chains>, B<-use_deltas>, B<-verify_depth>, B<-verify_email>,
 B<-verify_hostname>, B<-verify_ip>, B<-verify_name>, B<-x509_strict>
 
 Set different peer certificate verification options.
-See the L<B<verify>|verify(1)> manual page for details.
+See the L<verify(1)> manual page for details.
 
 =item B<-verify_return_error>
 
@@ -356,7 +356,7 @@ IDs (eg. with a certain prefix).
 =item B<-rand file(s)>
 
 a file or files containing random data used to seed the random number
-generator, or an EGD socket (see L<RAND_egd(3)|RAND_egd(3)>).
+generator, or an EGD socket (see L<RAND_egd(3)>).
 Multiple files can be specified separated by a OS-dependent character.
 The separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for
 all others.
@@ -474,7 +474,7 @@ unknown cipher suites a client says it supports.
 
 =head1 SEE ALSO
 
-L<sess_id(1)|sess_id(1)>, L<s_client(1)|s_client(1)>, L<ciphers(1)|ciphers(1)>
+L<sess_id(1)>, L<s_client(1)>, L<ciphers(1)>
 
 =head1 HISTORY
 
diff --git a/doc/apps/s_time.pod b/doc/apps/s_time.pod
index b8dad09a03..50ac0e09fa 100644
--- a/doc/apps/s_time.pod
+++ b/doc/apps/s_time.pod
@@ -97,7 +97,7 @@ these options disable the use of certain SSL or TLS protocols. By default
 the initial handshake uses a method which should be compatible with all
 servers and permit them to use SSL v3 or TLS as appropriate.
 The timing program is not as rich in options to turn protocols on and off as
-the L<s_client(1)|s_client(1)> program and may not connect to all servers.
+the L<s_client(1)> program and may not connect to all servers.
 
 Unfortunately there are a lot of ancient and broken servers in use which
 cannot handle this technique and will fail to connect. Some servers only
@@ -113,7 +113,7 @@ option enables various workarounds.
 this allows the cipher list sent by the client to be modified. Although
 the server determines which cipher suite is used it should take the first
 supported cipher in the list sent by the client.
-See the L<ciphers(1)|ciphers(1)> command for more information.
+See the L<ciphers(1)> command for more information.
 
 =item B<-time length>
 
@@ -131,7 +131,7 @@ To connect to an SSL HTTP server and get the default page the command
  openssl s_time -connect servername:443 -www / -CApath yourdir -CAfile yourfile.pem -cipher commoncipher [-ssl3]
 
 would typically be used (https uses port 443). 'commoncipher' is a cipher to
-which both client and server can agree, see the L<ciphers(1)|ciphers(1)> command
+which both client and server can agree, see the L<ciphers(1)> command
 for details.
 
 If the handshake fails then there are several possible causes, if it is
@@ -144,10 +144,10 @@ A frequent problem when attempting to get client certificates working
 is that a web client complains it has no certificates or gives an empty
 list to choose from. This is normally because the server is not sending
 the clients certificate authority in its "acceptable CA list" when it
-requests a certificate. By using L<s_client(1)|s_client(1)> the CA list can be
+requests a certificate. By using L<s_client(1)> the CA list can be
 viewed and checked. However some servers only request client authentication
 after a specific URL is requested. To obtain the list in this case it
-is necessary to use the B<-prexit> option of L<s_client(1)|s_client(1)> and
+is necessary to use the B<-prexit> option of L<s_client(1)> and
 send an HTTP request for an appropriate page.
 
 If a certificate is specified on the command line using the B<-cert>
@@ -158,7 +158,7 @@ on the command line is no guarantee that the certificate works.
 =head1 BUGS
 
 Because this program does not have all the options of the
-L<s_client(1)|s_client(1)> program to turn protocols on and off, you may not be
+L<s_client(1)> program to turn protocols on and off, you may not be
 able to measure the performance of all protocols with all servers.
 
 The B<-verify> option should really exit if the server verification
@@ -166,6 +166,6 @@ fails.
 
 =head1 SEE ALSO
 
-L<s_client(1)|s_client(1)>, L<s_server(1)|s_server(1)>, L<ciphers(1)|ciphers(1)>
+L<s_client(1)>, L<s_server(1)>, L<ciphers(1)>
 
 =cut
diff --git a/doc/apps/sess_id.pod b/doc/apps/sess_id.pod
index a8b0ef09eb..391405787b 100644
--- a/doc/apps/sess_id.pod
+++ b/doc/apps/sess_id.pod
@@ -143,6 +143,6 @@ The cipher and start time should be printed out in human readable form.
 
 =head1 SEE ALSO
 
-L<ciphers(1)|ciphers(1)>, L<s_server(1)|s_server(1)>
+L<ciphers(1)>, L<s_server(1)>
 
 =cut
diff --git a/doc/apps/smime.pod b/doc/apps/smime.pod
index 31a85fbcc3..e9fbfda422 100644
--- a/doc/apps/smime.pod
+++ b/doc/apps/smime.pod
@@ -266,12 +266,12 @@ multiple times to specify successive keys.
 =item B<-passin arg>
 
 the private key password source. For more information about the format of B<arg>
-see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
+see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)>.
 
 =item B<-rand file(s)>
 
 a file or files containing random data used to seed the random number
-generator, or an EGD socket (see L<RAND_egd(3)|RAND_egd(3)>).
+generator, or an EGD socket (see L<RAND_egd(3)>).
 Multiple files can be specified separated by a OS-dependent character.
 The separator is B<;> for MS-Windows, B<,> for OpenVMS, and B<:> for
 all others.
@@ -297,7 +297,7 @@ B<-use_deltas>, B<-verify_depth>, B<-verify_email>, B<-verify_hostname>,
 B<-verify_ip>, B<-verify_name>, B<-x509_strict>
 
 Set various options of certificate chain verification. See
-L<B<verify>|verify(1)> manual page for details.
+L<verify(1)> manual page for details.
 
 =back
 
diff --git a/doc/apps/spkac.pod b/doc/apps/spkac.pod
index 97fb80e401..553fd2d9e6 100644
--- a/doc/apps/spkac.pod
+++ b/doc/apps/spkac.pod
@@ -48,7 +48,7 @@ present.
 =item B<-passin password>
 
 the input file password source. For more information about the format of B<arg>
-see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
+see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)>.
 
 =item B<-challenge string>
 
@@ -128,6 +128,6 @@ to be used in a "replay attack".
 
 =head1 SEE ALSO
 
-L<ca(1)|ca(1)>
+L<ca(1)>
 
 =cut
diff --git a/doc/apps/ts.pod b/doc/apps/ts.pod
index 5aab465505..ff086d8b2a 100644
--- a/doc/apps/ts.pod
+++ b/doc/apps/ts.pod
@@ -200,7 +200,7 @@ The name of the file containing a DER encoded time stamp request. (Optional)
 =item B<-passin> password_src
 
 Specifies the password source for the private key of the TSA. See
-B<PASS PHRASE ARGUMENTS> in L<openssl(1)|openssl(1)>. (Optional)
+B<PASS PHRASE ARGUMENTS> in L<openssl(1)>. (Optional)
 
 =item B<-signer> tsa_cert.pem
 
@@ -312,7 +312,7 @@ of a time stamp response (TimeStampResp). (Optional)
 =item B<-CApath> trusted_cert_path
 
 The name of the directory containing the trusted CA certificates of the
-client. See the similar option of L<verify(1)|verify(1)> for additional
+client. See the similar option of L<verify(1)> for additional
 details. Either this option or B<-CAfile> must be specified. (Optional)
 
 
@@ -320,7 +320,7 @@ details. Either this option or B<-CAfile> must be specified. (Optional)
 
 The name of the file containing a set of trusted self-signed CA
 certificates in PEM format. See the similar option of
-L<verify(1)|verify(1)> for additional details. Either this option
+L<verify(1)> for additional details. Either this option
 or B<-CApath> must be specified.
 (Optional)
 
@@ -337,7 +337,7 @@ all intermediate CA certificates unless the response includes them.
 =head1 CONFIGURATION FILE OPTIONS
 
 The B<-query> and B<-reply> commands make use of a configuration file
-defined by the B<OPENSSL_CONF> environment variable. See L<config(5)|config(5)>
+defined by the B<OPENSSL_CONF> environment variable. See L<config(5)>
 for a general description of the syntax of the config file. The
 B<-query> command uses only the symbolic OID names section
 and it can work without it. However, the B<-reply> command needs the
@@ -356,15 +356,15 @@ section can be overridden with the B<-section> command line switch. (Optional)
 
 =item B<oid_file>
 
-See L<ca(1)|ca(1)> for description. (Optional)
+See L<ca(1)> for description. (Optional)
 
 =item B<oid_section>
 
-See L<ca(1)|ca(1)> for description. (Optional)
+See L<ca(1)> for description. (Optional)
 
 =item B<RANDFILE>
 
-See L<ca(1)|ca(1)> for description. (Optional)
+See L<ca(1)> for description. (Optional)
 
 =item B<serial>
 
@@ -493,8 +493,8 @@ Before generating a response a signing certificate must be created for
 the TSA that contains the B<timeStamping> critical extended key usage extension
 without any other key usage extensions. You can add the
 'extendedKeyUsage = critical,timeStamping' line to the user certificate section
-of the config file to generate a proper certificate. See L<req(1)|req(1)>,
-L<ca(1)|ca(1)>, L<x509(1)|x509(1)> for instructions. The examples
+of the config file to generate a proper certificate. See L<req(1)>,
+L<ca(1)>, L<x509(1)> for instructions. The examples
 below assume that cacert.pem contains the certificate of the CA,
 tsacert.pem is the signing certificate issued by cacert.pem and
 tsakey.pem is the private key of the TSA.
@@ -559,14 +559,14 @@ Zoltan Glozik <zglozik@opentsa.org>. Known issues:
 =over 4
 
 =item * No support for time stamps over SMTP, though it is quite easy
-to implement an automatic e-mail based TSA with L<procmail(1)|procmail(1)>
-and L<perl(1)|perl(1)>. HTTP server support is provided in the form of
+to implement an automatic e-mail based TSA with L<procmail(1)>
+and L<perl(1)>. HTTP server support is provided in the form of
 a separate apache module. HTTP client support is provided by
-L<tsget(1)|tsget(1)>. Pure TCP/IP protocol is not supported.
+L<tsget(1)>. Pure TCP/IP protocol is not supported.
 
 =item * The file containing the last serial number of the TSA is not
 locked when being read or written. This is a problem if more than one
-instance of L<openssl(1)|openssl(1)> is trying to create a time stamp
+instance of L<openssl(1)> is trying to create a time stamp
 response at the same time. This is not an issue when using the apache
 server module, it does proper locking.
 
@@ -587,8 +587,8 @@ Zoltan Glozik <zglozik@opentsa.org>, OpenTSA project (http://www.opentsa.org)
 
 =head1 SEE ALSO
 
-L<tsget(1)|tsget(1)>, L<openssl(1)|openssl(1)>, L<req(1)|req(1)>,
-L<x509(1)|x509(1)>, L<ca(1)|ca(1)>, L<genrsa(1)|genrsa(1)>,
-L<config(5)|config(5)>
+L<tsget(1)>, L<openssl(1)>, L<req(1)>,
+L<x509(1)>, L<ca(1)>, L<genrsa(1)>,
+L<config(5)>
 
 =cut
diff --git a/doc/apps/tsget.pod b/doc/apps/tsget.pod
index 56db985c4b..3452c63a16 100644
--- a/doc/apps/tsget.pod
+++ b/doc/apps/tsget.pod
@@ -188,7 +188,7 @@ Zoltan Glozik <zglozik@opentsa.org>, OpenTSA project (http://www.opentsa.org)
 
 =head1 SEE ALSO
 
-L<openssl(1)|openssl(1)>, L<ts(1)|ts(1)>, L<curl(1)|curl(1)>, 
+L<openssl(1)>, L<ts(1)>, L<curl(1)>, 
 B<RFC 3161>
 
 =cut
diff --git a/doc/apps/verify.pod b/doc/apps/verify.pod
index b1253da740..f7364f3e7d 100644
--- a/doc/apps/verify.pod
+++ b/doc/apps/verify.pod
@@ -498,7 +498,7 @@ B<20 X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY> error codes.
 
 =head1 SEE ALSO
 
-L<x509(1)|x509(1)>
+L<x509(1)>
 
 =head1 HISTORY
 
diff --git a/doc/apps/x509.pod b/doc/apps/x509.pod
index a0127fe0f6..0c6aaeffa5 100644
--- a/doc/apps/x509.pod
+++ b/doc/apps/x509.pod
@@ -330,7 +330,7 @@ the request.
 =item B<-passin arg>
 
 the key password source. For more information about the format of B<arg>
-see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)|openssl(1)>.
+see the B<PASS PHRASE ARGUMENTS> section in L<openssl(1)>.
 
 =item B<-clrext>
 
@@ -416,7 +416,7 @@ the section to add certificate extensions from. If this option is not
 specified then the extensions should either be contained in the unnamed
 (default) section or the default section should contain a variable called
 "extensions" which contains the section to use. See the
-L<x509v3_config(5)|x509v3_config(5)> manual page for details of the
+L<x509v3_config(5)> manual page for details of the
 extension section format.
 
 =item B<-force_pubkey key>
@@ -872,9 +872,9 @@ OpenSSL 0.9.5 and later.
 
 =head1 SEE ALSO
 
-L<req(1)|req(1)>, L<ca(1)|ca(1)>, L<genrsa(1)|genrsa(1)>,
-L<gendsa(1)|gendsa(1)>, L<verify(1)|verify(1)>,
-L<x509v3_config(5)|x509v3_config(5)> 
+L<req(1)>, L<ca(1)>, L<genrsa(1)>,
+L<gendsa(1)>, L<verify(1)>,
+L<x509v3_config(5)> 
 
 =head1 HISTORY
 
diff --git a/doc/apps/x509v3_config.pod b/doc/apps/x509v3_config.pod
index d1e67883d7..297cbaa440 100644
--- a/doc/apps/x509v3_config.pod
+++ b/doc/apps/x509v3_config.pod
@@ -176,7 +176,7 @@ prefacing the name with a B<+> character.
 
 otherName can include arbitrary data associated with an OID: the value
 should be the OID followed by a semicolon and the content in standard
-L<ASN1_generate_nconf(3)|ASN1_generate_nconf(3)> format.
+L<ASN1_generate_nconf(3)> format.
 
 Examples:
 
@@ -439,7 +439,7 @@ the data is formatted correctly for the given extension type.
 There are two ways to encode arbitrary extensions.
 
 The first way is to use the word ASN1 followed by the extension content
-using the same syntax as L<ASN1_generate_nconf(3)|ASN1_generate_nconf(3)>.
+using the same syntax as L<ASN1_generate_nconf(3)>.
 For example:
 
  1.2.3.4=critical,ASN1:UTF8String:Some random data
@@ -520,8 +520,8 @@ for arbitrary extensions was added in OpenSSL 0.9.8
 
 =head1 SEE ALSO
 
-L<req(1)|req(1)>, L<ca(1)|ca(1)>, L<x509(1)|x509(1)>,
-L<ASN1_generate_nconf(3)|ASN1_generate_nconf(3)>
+L<req(1)>, L<ca(1)>, L<x509(1)>,
+L<ASN1_generate_nconf(3)>
 
 
 =cut
diff --git a/doc/crypto/ASN1_INTEGER_get_int64.pod b/doc/crypto/ASN1_INTEGER_get_int64.pod
index 8911afdc2b..a9e38f8d57 100644
--- a/doc/crypto/ASN1_INTEGER_get_int64.pod
+++ b/doc/crypto/ASN1_INTEGER_get_int64.pod
@@ -111,7 +111,7 @@ of NULL if an error occurs. They can fail if the pased type is incorrect
 
 =head1 SEE ALSO
 
-L<ERR_get_error(3)|ERR_get_error(3)>
+L<ERR_get_error(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/ASN1_OBJECT_new.pod b/doc/crypto/ASN1_OBJECT_new.pod
index 36fc5716ec..4bdfe021bb 100644
--- a/doc/crypto/ASN1_OBJECT_new.pod
+++ b/doc/crypto/ASN1_OBJECT_new.pod
@@ -30,14 +30,14 @@ such as OBJ_nid2obj() are used instead.
 =head1 RETURN VALUES
 
 If the allocation fails, ASN1_OBJECT_new() returns B<NULL> and sets an error
-code that can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
+code that can be obtained by L<ERR_get_error(3)>.
 Otherwise it returns a pointer to the newly allocated structure.
 
 ASN1_OBJECT_free() returns no value.
 
 =head1 SEE ALSO
 
-L<ERR_get_error(3)|ERR_get_error(3)>, L<d2i_ASN1_OBJECT(3)|d2i_ASN1_OBJECT(3)>
+L<ERR_get_error(3)>, L<d2i_ASN1_OBJECT(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/ASN1_STRING_length.pod b/doc/crypto/ASN1_STRING_length.pod
index 6fb9c949b6..4c9ad0a31c 100644
--- a/doc/crypto/ASN1_STRING_length.pod
+++ b/doc/crypto/ASN1_STRING_length.pod
@@ -76,7 +76,7 @@ when calling ASN1_STRING_set().
 
 =head1 SEE ALSO
 
-L<ERR_get_error(3)|ERR_get_error(3)>
+L<ERR_get_error(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/ASN1_STRING_new.pod b/doc/crypto/ASN1_STRING_new.pod
index 6c0b303c27..76e983a820 100644
--- a/doc/crypto/ASN1_STRING_new.pod
+++ b/doc/crypto/ASN1_STRING_new.pod
@@ -38,7 +38,7 @@ ASN1_STRING_free() does not return a value.
 
 =head1 SEE ALSO
 
-L<ERR_get_error(3)|ERR_get_error(3)>
+L<ERR_get_error(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/ASN1_STRING_print_ex.pod b/doc/crypto/ASN1_STRING_print_ex.pod
index 19c82ff1e4..2be7f7caa2 100644
--- a/doc/crypto/ASN1_STRING_print_ex.pod
+++ b/doc/crypto/ASN1_STRING_print_ex.pod
@@ -86,8 +86,8 @@ equivalent to:
 
 =head1 SEE ALSO
 
-L<X509_NAME_print_ex(3)|X509_NAME_print_ex(3)>,
-L<ASN1_tag2str(3)|ASN1_tag2str(3)>
+L<X509_NAME_print_ex(3)>,
+L<ASN1_tag2str(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/ASN1_generate_nconf.pod b/doc/crypto/ASN1_generate_nconf.pod
index 5dc1091c88..8c845aca88 100644
--- a/doc/crypto/ASN1_generate_nconf.pod
+++ b/doc/crypto/ASN1_generate_nconf.pod
@@ -252,11 +252,11 @@ structure:
 ASN1_generate_nconf() and ASN1_generate_v3() return the encoded
 data as an B<ASN1_TYPE> structure or B<NULL> if an error occurred.
 
-The error codes that can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
+The error codes that can be obtained by L<ERR_get_error(3)>.
 
 =head1 SEE ALSO
 
-L<ERR_get_error(3)|ERR_get_error(3)>
+L<ERR_get_error(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/BIO_f_buffer.pod b/doc/crypto/BIO_f_buffer.pod
index 4b525efda9..d07c41917f 100644
--- a/doc/crypto/BIO_f_buffer.pod
+++ b/doc/crypto/BIO_f_buffer.pod
@@ -66,8 +66,8 @@ there was an error.
 
 =head1 SEE ALSO
 
-L<BIO(3)|BIO(3)>,
-L<BIO_reset(3)|BIO_reset(3)>,
-L<BIO_flush(3)|BIO_flush(3)>,
-L<BIO_pop(3)|BIO_pop(3)>,
-L<BIO_ctrl(3)|BIO_ctrl(3)>.
+L<BIO(3)>,
+L<BIO_reset(3)>,
+L<BIO_flush(3)>,
+L<BIO_pop(3)>,
+L<BIO_ctrl(3)>.
diff --git a/doc/crypto/BIO_f_ssl.pod b/doc/crypto/BIO_f_ssl.pod
index a0531b0e0e..00b29bdeda 100644
--- a/doc/crypto/BIO_f_ssl.pod
+++ b/doc/crypto/BIO_f_ssl.pod
@@ -132,7 +132,7 @@ TBA
 
 This SSL/TLS client example, attempts to retrieve a page from an
 SSL/TLS web server. The I/O routines are identical to those of the
-unencrypted example in L<BIO_s_connect(3)|BIO_s_connect(3)>.
+unencrypted example in L<BIO_s_connect(3)>.
 
  BIO *sbio, *out;
  int len;
diff --git a/doc/crypto/BIO_new_CMS.pod b/doc/crypto/BIO_new_CMS.pod
index 9e3a4b7f89..0069b8d7f0 100644
--- a/doc/crypto/BIO_new_CMS.pod
+++ b/doc/crypto/BIO_new_CMS.pod
@@ -56,8 +56,8 @@ occurred. The error can be obtained from ERR_get_error(3).
 
 =head1 SEE ALSO
 
-L<ERR_get_error(3)|ERR_get_error(3)>, L<CMS_sign(3)|CMS_sign(3)>,
-L<CMS_encrypt(3)|CMS_encrypt(3)>
+L<ERR_get_error(3)>, L<CMS_sign(3)>,
+L<CMS_encrypt(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/BIO_read.pod b/doc/crypto/BIO_read.pod
index b34528104d..960ea45caa 100644
--- a/doc/crypto/BIO_read.pod
+++ b/doc/crypto/BIO_read.pod
@@ -52,15 +52,15 @@ I/O structure and may block as a result. Instead select() (or equivalent)
 should be combined with non blocking I/O so successive reads will request
 a retry instead of blocking.
 
-See L<BIO_should_retry(3)|BIO_should_retry(3)> for details of how to
+See L<BIO_should_retry(3)> for details of how to
 determine the cause of a retry and other I/O issues.
 
 If the BIO_gets() function is not supported by a BIO then it possible to
-work around this by adding a buffering BIO L<BIO_f_buffer(3)|BIO_f_buffer(3)>
+work around this by adding a buffering BIO L<BIO_f_buffer(3)>
 to the chain.
 
 =head1 SEE ALSO
 
-L<BIO_should_retry(3)|BIO_should_retry(3)>
+L<BIO_should_retry(3)>
 
 TBA
diff --git a/doc/crypto/BIO_s_accept.pod b/doc/crypto/BIO_s_accept.pod
index 45b73df770..8a23d42657 100644
--- a/doc/crypto/BIO_s_accept.pod
+++ b/doc/crypto/BIO_s_accept.pod
@@ -54,7 +54,7 @@ connection and reset the BIO into a state where it awaits another
 incoming connection.
 
 BIO_get_fd() and BIO_set_fd() can be called to retrieve or set
-the accept socket. See L<BIO_s_fd(3)|BIO_s_fd(3)>
+the accept socket. See L<BIO_s_fd(3)>
 
 BIO_set_accept_port() uses the string B<name> to set the accept
 port. The port is represented as a string of the form "host:port",
diff --git a/doc/crypto/BIO_s_bio.pod b/doc/crypto/BIO_s_bio.pod
index 0f15990562..998796b138 100644
--- a/doc/crypto/BIO_s_bio.pod
+++ b/doc/crypto/BIO_s_bio.pod
@@ -176,7 +176,7 @@ the peer might be waiting for the data before being able to continue.
 
 =head1 SEE ALSO
 
-L<SSL_set_bio(3)|SSL_set_bio(3)>, L<ssl(3)|ssl(3)>, L<bio(3)|bio(3)>,
-L<BIO_should_retry(3)|BIO_should_retry(3)>, L<BIO_read(3)|BIO_read(3)>
+L<SSL_set_bio(3)>, L<ssl(3)>, L<bio(3)>,
+L<BIO_should_retry(3)>, L<BIO_read(3)>
 
 =cut
diff --git a/doc/crypto/BIO_s_fd.pod b/doc/crypto/BIO_s_fd.pod
index b1de1d1015..2f6b033f0a 100644
--- a/doc/crypto/BIO_s_fd.pod
+++ b/doc/crypto/BIO_s_fd.pod
@@ -48,7 +48,7 @@ BIO_new_fd() returns a file descriptor BIO using B<fd> and B<close_flag>.
 The behaviour of BIO_read() and BIO_write() depends on the behavior of the
 platforms read() and write() calls on the descriptor. If the underlying 
 file descriptor is in a non blocking mode then the BIO will behave in the
-manner described in the L<BIO_read(3)|BIO_read(3)> and L<BIO_should_retry(3)|BIO_should_retry(3)>
+manner described in the L<BIO_read(3)> and L<BIO_should_retry(3)>
 manual pages.
 
 File descriptor BIOs should not be used for socket I/O. Use socket BIOs
@@ -82,8 +82,8 @@ This is a file descriptor BIO version of "Hello World":
 
 =head1 SEE ALSO
 
-L<BIO_seek(3)|BIO_seek(3)>, L<BIO_tell(3)|BIO_tell(3)>,
-L<BIO_reset(3)|BIO_reset(3)>, L<BIO_read(3)|BIO_read(3)>,
-L<BIO_write(3)|BIO_write(3)>, L<BIO_puts(3)|BIO_puts(3)>,
-L<BIO_gets(3)|BIO_gets(3)>, L<BIO_printf(3)|BIO_printf(3)>,
-L<BIO_set_close(3)|BIO_set_close(3)>, L<BIO_get_close(3)|BIO_get_close(3)>
+L<BIO_seek(3)>, L<BIO_tell(3)>,
+L<BIO_reset(3)>, L<BIO_read(3)>,
+L<BIO_write(3)>, L<BIO_puts(3)>,
+L<BIO_gets(3)>, L<BIO_printf(3)>,
+L<BIO_set_close(3)>, L<BIO_get_close(3)>
diff --git a/doc/crypto/BIO_s_file.pod b/doc/crypto/BIO_s_file.pod
index 188aea347d..5adc569793 100644
--- a/doc/crypto/BIO_s_file.pod
+++ b/doc/crypto/BIO_s_file.pod
@@ -140,9 +140,9 @@ occurred this differs from other types of BIO which will typically return
 
 =head1 SEE ALSO
 
-L<BIO_seek(3)|BIO_seek(3)>, L<BIO_tell(3)|BIO_tell(3)>,
-L<BIO_reset(3)|BIO_reset(3)>, L<BIO_flush(3)|BIO_flush(3)>,
-L<BIO_read(3)|BIO_read(3)>,
-L<BIO_write(3)|BIO_write(3)>, L<BIO_puts(3)|BIO_puts(3)>,
-L<BIO_gets(3)|BIO_gets(3)>, L<BIO_printf(3)|BIO_printf(3)>,
-L<BIO_set_close(3)|BIO_set_close(3)>, L<BIO_get_close(3)|BIO_get_close(3)>
+L<BIO_seek(3)>, L<BIO_tell(3)>,
+L<BIO_reset(3)>, L<BIO_flush(3)>,
+L<BIO_read(3)>,
+L<BIO_write(3)>, L<BIO_puts(3)>,
+L<BIO_gets(3)>, L<BIO_printf(3)>,
+L<BIO_set_close(3)>, L<BIO_get_close(3)>
diff --git a/doc/crypto/BN_BLINDING_new.pod b/doc/crypto/BN_BLINDING_new.pod
index f8102ba765..65c6eab91d 100644
--- a/doc/crypto/BN_BLINDING_new.pod
+++ b/doc/crypto/BN_BLINDING_new.pod
@@ -98,7 +98,7 @@ parameters or NULL on error.
 
 =head1 SEE ALSO
 
-L<bn(3)|bn(3)>
+L<bn(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/BN_CTX_new.pod b/doc/crypto/BN_CTX_new.pod
index 958e551467..005c9f889a 100644
--- a/doc/crypto/BN_CTX_new.pod
+++ b/doc/crypto/BN_CTX_new.pod
@@ -28,8 +28,8 @@ B<BIGNUM>s.
 
 BN_CTX_free() frees the components of the B<BN_CTX>, and if it was
 created by BN_CTX_new(), also the structure itself.
-If L<BN_CTX_start(3)|BN_CTX_start(3)> has been used on the B<BN_CTX>,
-L<BN_CTX_end(3)|BN_CTX_end(3)> must be called before the B<BN_CTX>
+If L<BN_CTX_start(3)> has been used on the B<BN_CTX>,
+L<BN_CTX_end(3)> must be called before the B<BN_CTX>
 may be freed by BN_CTX_free().
 If B<c> is NULL, nothing is done.
 
@@ -38,7 +38,7 @@ If B<c> is NULL, nothing is done.
 BN_CTX_new() and BN_CTX_secure_new() return a pointer to the B<BN_CTX>.
 If the allocation fails,
 they return B<NULL> and sets an error code that can be obtained by
-L<ERR_get_error(3)|ERR_get_error(3)>.
+L<ERR_get_error(3)>.
 
 BN_CTX_free() has no return values.
 
@@ -57,8 +57,8 @@ replace use of BN_CTX_init with BN_CTX_new instead:
 
 =head1 SEE ALSO
 
-L<bn(3)|bn(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<BN_add(3)|BN_add(3)>,
-L<BN_CTX_start(3)|BN_CTX_start(3)>
+L<bn(3)>, L<ERR_get_error(3)>, L<BN_add(3)>,
+L<BN_CTX_start(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/BN_CTX_start.pod b/doc/crypto/BN_CTX_start.pod
index dfcefe1a88..57ddff6561 100644
--- a/doc/crypto/BN_CTX_start.pod
+++ b/doc/crypto/BN_CTX_start.pod
@@ -17,7 +17,7 @@ BN_CTX_start, BN_CTX_get, BN_CTX_end - use temporary BIGNUM variables
 =head1 DESCRIPTION
 
 These functions are used to obtain temporary B<BIGNUM> variables from
-a B<BN_CTX> (which can been created by using L<BN_CTX_new(3)|BN_CTX_new(3)>)
+a B<BN_CTX> (which can been created by using L<BN_CTX_new(3)>)
 in order to save the overhead of repeatedly creating and
 freeing B<BIGNUM>s in functions that are called from inside a loop.
 
@@ -38,12 +38,12 @@ BN_CTX_get() returns a pointer to the B<BIGNUM>, or B<NULL> on error.
 Once BN_CTX_get() has failed, the subsequent calls will return B<NULL>
 as well, so it is sufficient to check the return value of the last
 BN_CTX_get() call. In case of an error, an error code is set, which
-can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
+can be obtained by L<ERR_get_error(3)>.
 
 
 =head1 SEE ALSO
 
-L<BN_CTX_new(3)|BN_CTX_new(3)>
+L<BN_CTX_new(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/BN_add.pod b/doc/crypto/BN_add.pod
index 88c7a799ee..38eeb3cd68 100644
--- a/doc/crypto/BN_add.pod
+++ b/doc/crypto/BN_add.pod
@@ -52,7 +52,7 @@ BN_sub() subtracts I<b> from I<a> and places the result in I<r> (C<r=a-b>).
 
 BN_mul() multiplies I<a> and I<b> and places the result in I<r> (C<r=a*b>).
 I<r> may be the same B<BIGNUM> as I<a> or I<b>.
-For multiplication by powers of 2, use L<BN_lshift(3)|BN_lshift(3)>.
+For multiplication by powers of 2, use L<BN_lshift(3)>.
 
 BN_sqr() takes the square of I<a> and places the result in I<r>
 (C<r=a^2>). I<r> and I<a> may be the same B<BIGNUM>.
@@ -80,8 +80,8 @@ BN_mod_mul() multiplies I<a> by I<b> and finds the non-negative
 remainder respective to modulus I<m> (C<r=(a*b) mod m>). I<r> may be
 the same B<BIGNUM> as I<a> or I<b>. For more efficient algorithms for
 repeated computations using the same modulus, see
-L<BN_mod_mul_montgomery(3)|BN_mod_mul_montgomery(3)> and
-L<BN_mod_mul_reciprocal(3)|BN_mod_mul_reciprocal(3)>.
+L<BN_mod_mul_montgomery(3)> and
+L<BN_mod_mul_reciprocal(3)>.
 
 BN_mod_sqr() takes the square of I<a> modulo B<m> and places the
 result in I<r>.
@@ -98,7 +98,7 @@ places the result in I<r>. I<r> may be the same B<BIGNUM> as I<a> or
 I<b>.
 
 For all functions, I<ctx> is a previously allocated B<BN_CTX> used for
-temporary variables; see L<BN_CTX_new(3)|BN_CTX_new(3)>.
+temporary variables; see L<BN_CTX_new(3)>.
 
 Unless noted otherwise, the result B<BIGNUM> must be different from
 the arguments.
@@ -107,12 +107,12 @@ the arguments.
 
 For all functions, 1 is returned for success, 0 on error. The return
 value should always be checked (e.g., C<if (!BN_add(r,a,b)) goto err;>).
-The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
+The error codes can be obtained by L<ERR_get_error(3)>.
 
 =head1 SEE ALSO
 
-L<bn(3)|bn(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<BN_CTX_new(3)|BN_CTX_new(3)>,
-L<BN_add_word(3)|BN_add_word(3)>, L<BN_set_bit(3)|BN_set_bit(3)>
+L<bn(3)>, L<ERR_get_error(3)>, L<BN_CTX_new(3)>,
+L<BN_add_word(3)>, L<BN_set_bit(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/BN_add_word.pod b/doc/crypto/BN_add_word.pod
index 70667d2893..4f472adb8a 100644
--- a/doc/crypto/BN_add_word.pod
+++ b/doc/crypto/BN_add_word.pod
@@ -40,14 +40,14 @@ For BN_div_word() and BN_mod_word(), B<w> must not be 0.
 =head1 RETURN VALUES
 
 BN_add_word(), BN_sub_word() and BN_mul_word() return 1 for success, 0
-on error. The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
+on error. The error codes can be obtained by L<ERR_get_error(3)>.
 
 BN_mod_word() and BN_div_word() return B<a>%B<w> on success and
 B<(BN_ULONG)-1> if an error occurred.
 
 =head1 SEE ALSO
 
-L<bn(3)|bn(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<BN_add(3)|BN_add(3)>
+L<bn(3)>, L<ERR_get_error(3)>, L<BN_add(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/BN_bn2bin.pod b/doc/crypto/BN_bn2bin.pod
index a4b17ca60a..dbcd11f0e5 100644
--- a/doc/crypto/BN_bn2bin.pod
+++ b/doc/crypto/BN_bn2bin.pod
@@ -76,13 +76,13 @@ BN_print_fp() and BN_print() return 1 on success, 0 on write errors.
 BN_bn2mpi() returns the length of the representation. BN_mpi2bn()
 returns the B<BIGNUM>, and NULL on error.
 
-The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
+The error codes can be obtained by L<ERR_get_error(3)>.
 
 =head1 SEE ALSO
 
-L<bn(3)|bn(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<BN_zero(3)|BN_zero(3)>,
-L<ASN1_INTEGER_to_BN(3)|ASN1_INTEGER_to_BN(3)>,
-L<BN_num_bytes(3)|BN_num_bytes(3)>
+L<bn(3)>, L<ERR_get_error(3)>, L<BN_zero(3)>,
+L<ASN1_INTEGER_to_BN(3)>,
+L<BN_num_bytes(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/BN_cmp.pod b/doc/crypto/BN_cmp.pod
index 23e9ed0b4f..6a9e341eb8 100644
--- a/doc/crypto/BN_cmp.pod
+++ b/doc/crypto/BN_cmp.pod
@@ -37,7 +37,7 @@ the condition is true, 0 otherwise.
 
 =head1 SEE ALSO
 
-L<bn(3)|bn(3)>
+L<bn(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/BN_copy.pod b/doc/crypto/BN_copy.pod
index 388dd7df26..834440fd35 100644
--- a/doc/crypto/BN_copy.pod
+++ b/doc/crypto/BN_copy.pod
@@ -21,11 +21,11 @@ containing the value B<from>.
 
 BN_copy() returns B<to> on success, NULL on error. BN_dup() returns
 the new B<BIGNUM>, and NULL on error. The error codes can be obtained
-by L<ERR_get_error(3)|ERR_get_error(3)>.
+by L<ERR_get_error(3)>.
 
 =head1 SEE ALSO
 
-L<bn(3)|bn(3)>, L<ERR_get_error(3)|ERR_get_error(3)>
+L<bn(3)>, L<ERR_get_error(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/BN_generate_prime.pod b/doc/crypto/BN_generate_prime.pod
index 858eb0fcd7..316d12fca3 100644
--- a/doc/crypto/BN_generate_prime.pod
+++ b/doc/crypto/BN_generate_prime.pod
@@ -154,7 +154,7 @@ structure.
 
 Callback functions should return 1 on success or 0 on error.
 
-The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
+The error codes can be obtained by L<ERR_get_error(3)>.
 
 =head1 REMOVED FUNCTIONALITY
 
@@ -173,7 +173,7 @@ Instead applications should create a BN_GENCB structure using BN_GENCB_new:
 
 =head1 SEE ALSO
 
-L<bn(3)|bn(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>
+L<bn(3)>, L<ERR_get_error(3)>, L<rand(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/BN_mod_inverse.pod b/doc/crypto/BN_mod_inverse.pod
index 3ea3975c74..97bb378558 100644
--- a/doc/crypto/BN_mod_inverse.pod
+++ b/doc/crypto/BN_mod_inverse.pod
@@ -23,11 +23,11 @@ variables. B<r> may be the same B<BIGNUM> as B<a> or B<n>.
 =head1 RETURN VALUES
 
 BN_mod_inverse() returns the B<BIGNUM> containing the inverse, and
-NULL on error. The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
+NULL on error. The error codes can be obtained by L<ERR_get_error(3)>.
 
 =head1 SEE ALSO
 
-L<bn(3)|bn(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<BN_add(3)|BN_add(3)>
+L<bn(3)>, L<ERR_get_error(3)>, L<BN_add(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/BN_mod_mul_montgomery.pod b/doc/crypto/BN_mod_mul_montgomery.pod
index d637e17d4c..9a18a09b74 100644
--- a/doc/crypto/BN_mod_mul_montgomery.pod
+++ b/doc/crypto/BN_mod_mul_montgomery.pod
@@ -28,7 +28,7 @@ BN_from_montgomery, BN_to_montgomery - Montgomery multiplication
 =head1 DESCRIPTION
 
 These functions implement Montgomery multiplication. They are used
-automatically when L<BN_mod_exp(3)|BN_mod_exp(3)> is called with suitable input,
+automatically when L<BN_mod_exp(3)> is called with suitable input,
 but they may be useful when several operations are to be performed
 using the same modulus.
 
@@ -62,7 +62,7 @@ on error.
 BN_MONT_CTX_free() has no return value.
 
 For the other functions, 1 is returned for success, 0 on error.
-The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
+The error codes can be obtained by L<ERR_get_error(3)>.
 
 =head1 WARNING
 
@@ -91,8 +91,8 @@ BN_MONT_CTX_new:
 
 =head1 SEE ALSO
 
-L<bn(3)|bn(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<BN_add(3)|BN_add(3)>,
-L<BN_CTX_new(3)|BN_CTX_new(3)>
+L<bn(3)>, L<ERR_get_error(3)>, L<BN_add(3)>,
+L<BN_CTX_new(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/BN_mod_mul_reciprocal.pod b/doc/crypto/BN_mod_mul_reciprocal.pod
index 7a7d503c83..20357dcacf 100644
--- a/doc/crypto/BN_mod_mul_reciprocal.pod
+++ b/doc/crypto/BN_mod_mul_reciprocal.pod
@@ -24,7 +24,7 @@ reciprocal
 =head1 DESCRIPTION
 
 BN_mod_mul_reciprocal() can be used to perform an efficient
-L<BN_mod_mul(3)|BN_mod_mul(3)> operation when the operation will be performed
+L<BN_mod_mul(3)> operation when the operation will be performed
 repeatedly with the same modulus. It computes B<r>=(B<a>*B<b>)%B<m>
 using B<recp>=1/B<m>, which is set as described below.  B<ctx> is a
 previously allocated B<BN_CTX> used for temporary variables.
@@ -54,7 +54,7 @@ on error.
 BN_RECP_CTX_init() and BN_RECP_CTX_free() have no return values.
 
 For the other functions, 1 is returned for success, 0 on error.
-The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
+The error codes can be obtained by L<ERR_get_error(3)>.
 
 =head1 REMOVED FUNCTIONALITY
 
@@ -78,8 +78,8 @@ instead:
 
 =head1 SEE ALSO
 
-L<bn(3)|bn(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<BN_add(3)|BN_add(3)>,
-L<BN_CTX_new(3)|BN_CTX_new(3)>
+L<bn(3)>, L<ERR_get_error(3)>, L<BN_add(3)>,
+L<BN_CTX_new(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/BN_new.pod b/doc/crypto/BN_new.pod
index fa157d3c83..f5b5100083 100644
--- a/doc/crypto/BN_new.pod
+++ b/doc/crypto/BN_new.pod
@@ -33,7 +33,7 @@ If B<a> is NULL, nothing is done.
 
 BN_new() returns a pointer to the B<BIGNUM>. If the allocation fails,
 it returns B<NULL> and sets an error code that can be obtained
-by L<ERR_get_error(3)|ERR_get_error(3)>.
+by L<ERR_get_error(3)>.
 
 BN_clear(), BN_free() and BN_clear_free() have no return values.
 
@@ -57,7 +57,7 @@ Applications should replace use of BN_init with BN_new instead:
 
 =head1 SEE ALSO
 
-L<bn(3)|bn(3)>, L<ERR_get_error(3)|ERR_get_error(3)>
+L<bn(3)>, L<ERR_get_error(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/BN_num_bytes.pod b/doc/crypto/BN_num_bytes.pod
index a6a2e3f819..54f200b2da 100644
--- a/doc/crypto/BN_num_bytes.pod
+++ b/doc/crypto/BN_num_bytes.pod
@@ -46,8 +46,8 @@ more probability).
 
 =head1 SEE ALSO
 
-L<bn(3)|bn(3)>, L<DH_size(3)|DH_size(3)>, L<DSA_size(3)|DSA_size(3)>,
-L<RSA_size(3)|RSA_size(3)>
+L<bn(3)>, L<DH_size(3)>, L<DSA_size(3)>,
+L<RSA_size(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/BN_rand.pod b/doc/crypto/BN_rand.pod
index b3aec96cdc..06760637d4 100644
--- a/doc/crypto/BN_rand.pod
+++ b/doc/crypto/BN_rand.pod
@@ -42,12 +42,12 @@ The PRNG must be seeded prior to calling BN_rand() or BN_rand_range().
 =head1 RETURN VALUES
 
 The functions return 1 on success, 0 on error.
-The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
+The error codes can be obtained by L<ERR_get_error(3)>.
 
 =head1 SEE ALSO
 
-L<bn(3)|bn(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>,
-L<RAND_add(3)|RAND_add(3)>, L<RAND_bytes(3)|RAND_bytes(3)>
+L<bn(3)>, L<ERR_get_error(3)>, L<rand(3)>,
+L<RAND_add(3)>, L<RAND_bytes(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/BN_set_bit.pod b/doc/crypto/BN_set_bit.pod
index a32cca2cee..20c24f0413 100644
--- a/doc/crypto/BN_set_bit.pod
+++ b/doc/crypto/BN_set_bit.pod
@@ -51,11 +51,11 @@ For the shift functions, B<r> and B<a> may be the same variable.
 BN_is_bit_set() returns 1 if the bit is set, 0 otherwise.
 
 All other functions return 1 for success, 0 on error. The error codes
-can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
+can be obtained by L<ERR_get_error(3)>.
 
 =head1 SEE ALSO
 
-L<bn(3)|bn(3)>, L<BN_num_bytes(3)|BN_num_bytes(3)>, L<BN_add(3)|BN_add(3)>
+L<bn(3)>, L<BN_num_bytes(3)>, L<BN_add(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/BN_swap.pod b/doc/crypto/BN_swap.pod
index 79efaa1446..8e764e39a4 100644
--- a/doc/crypto/BN_swap.pod
+++ b/doc/crypto/BN_swap.pod
@@ -14,7 +14,7 @@ BN_swap - exchange BIGNUMs
 
 BN_swap() exchanges the values of I<a> and I<b>.
 
-L<bn(3)|bn(3)>
+L<bn(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/BN_zero.pod b/doc/crypto/BN_zero.pod
index b555ec3988..6b0c6392b4 100644
--- a/doc/crypto/BN_zero.pod
+++ b/doc/crypto/BN_zero.pod
@@ -45,7 +45,7 @@ unsigned long but this value is also returned on error.
 
 =head1 SEE ALSO
 
-L<bn(3)|bn(3)>, L<BN_bn2bin(3)|BN_bn2bin(3)>
+L<bn(3)>, L<BN_bn2bin(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/CMS_add0_cert.pod b/doc/crypto/CMS_add0_cert.pod
index 8678ca18a5..ec1280198e 100644
--- a/doc/crypto/CMS_add0_cert.pod
+++ b/doc/crypto/CMS_add0_cert.pod
@@ -54,9 +54,9 @@ in practice is if the B<cms> type is invalid.
 
 =head1 SEE ALSO
 
-L<ERR_get_error(3)|ERR_get_error(3)>,
-L<CMS_sign(3)|CMS_sign(3)>,
-L<CMS_encrypt(3)|CMS_encrypt(3)>
+L<ERR_get_error(3)>,
+L<CMS_sign(3)>,
+L<CMS_encrypt(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/CMS_add1_recipient_cert.pod b/doc/crypto/CMS_add1_recipient_cert.pod
index d7d8e2532c..4f947034bc 100644
--- a/doc/crypto/CMS_add1_recipient_cert.pod
+++ b/doc/crypto/CMS_add1_recipient_cert.pod
@@ -51,8 +51,8 @@ occurs.
 
 =head1 SEE ALSO
 
-L<ERR_get_error(3)|ERR_get_error(3)>, L<CMS_decrypt(3)|CMS_decrypt(3)>,
-L<CMS_final(3)|CMS_final(3)>,
+L<ERR_get_error(3)>, L<CMS_decrypt(3)>,
+L<CMS_final(3)>,
 
 =head1 HISTORY
 
diff --git a/doc/crypto/CMS_add1_signer.pod b/doc/crypto/CMS_add1_signer.pod
index a055b82695..2bcac66aad 100644
--- a/doc/crypto/CMS_add1_signer.pod
+++ b/doc/crypto/CMS_add1_signer.pod
@@ -91,8 +91,8 @@ structure just added or NULL if an error occurs.
 
 =head1 SEE ALSO
 
-L<ERR_get_error(3)|ERR_get_error(3)>, L<CMS_sign(3)|CMS_sign(3)>,
-L<CMS_final(3)|CMS_final(3)>,
+L<ERR_get_error(3)>, L<CMS_sign(3)>,
+L<CMS_final(3)>,
 
 =head1 HISTORY
 
diff --git a/doc/crypto/CMS_compress.pod b/doc/crypto/CMS_compress.pod
index 0a0715271d..583b1ecc89 100644
--- a/doc/crypto/CMS_compress.pod
+++ b/doc/crypto/CMS_compress.pod
@@ -63,7 +63,7 @@ occurred. The error can be obtained from ERR_get_error(3).
 
 =head1 SEE ALSO
 
-L<ERR_get_error(3)|ERR_get_error(3)>, L<CMS_uncompress(3)|CMS_uncompress(3)>
+L<ERR_get_error(3)>, L<CMS_uncompress(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/CMS_decrypt.pod b/doc/crypto/CMS_decrypt.pod
index 3fa9212af3..99e48117d2 100644
--- a/doc/crypto/CMS_decrypt.pod
+++ b/doc/crypto/CMS_decrypt.pod
@@ -70,7 +70,7 @@ mentioned in CMS_verify() also applies to CMS_decrypt().
 
 =head1 SEE ALSO
 
-L<ERR_get_error(3)|ERR_get_error(3)>, L<CMS_encrypt(3)|CMS_encrypt(3)>
+L<ERR_get_error(3)>, L<CMS_encrypt(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/CMS_encrypt.pod b/doc/crypto/CMS_encrypt.pod
index 1ee5b275ec..4750942596 100644
--- a/doc/crypto/CMS_encrypt.pod
+++ b/doc/crypto/CMS_encrypt.pod
@@ -86,7 +86,7 @@ occurred. The error can be obtained from ERR_get_error(3).
 
 =head1 SEE ALSO
 
-L<ERR_get_error(3)|ERR_get_error(3)>, L<CMS_decrypt(3)|CMS_decrypt(3)>
+L<ERR_get_error(3)>, L<CMS_decrypt(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/CMS_final.pod b/doc/crypto/CMS_final.pod
index 36cf96b8a0..227ca839b2 100644
--- a/doc/crypto/CMS_final.pod
+++ b/doc/crypto/CMS_final.pod
@@ -31,8 +31,8 @@ CMS_final() returns 1 for success or 0 for failure.
 
 =head1 SEE ALSO
 
-L<ERR_get_error(3)|ERR_get_error(3)>, L<CMS_sign(3)|CMS_sign(3)>,
-L<CMS_encrypt(3)|CMS_encrypt(3)>
+L<ERR_get_error(3)>, L<CMS_sign(3)>,
+L<CMS_encrypt(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/CMS_get0_RecipientInfos.pod b/doc/crypto/CMS_get0_RecipientInfos.pod
index fe49772a86..cc14af7d3e 100644
--- a/doc/crypto/CMS_get0_RecipientInfos.pod
+++ b/doc/crypto/CMS_get0_RecipientInfos.pod
@@ -107,11 +107,11 @@ CMS_RecipientInfo_encrypt() return 1 for success or 0 if an error occurs.
 CMS_RecipientInfo_ktri_cert_cmp() and CMS_RecipientInfo_kekri_cmp() return 0
 for a successful comparison and non zero otherwise.
 
-Any error can be obtained from L<ERR_get_error(3)|ERR_get_error(3)>.
+Any error can be obtained from L<ERR_get_error(3)>.
 
 =head1 SEE ALSO
 
-L<ERR_get_error(3)|ERR_get_error(3)>, L<CMS_decrypt(3)|CMS_decrypt(3)>
+L<ERR_get_error(3)>, L<CMS_decrypt(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/CMS_get0_SignerInfos.pod b/doc/crypto/CMS_get0_SignerInfos.pod
index b46c0e07ab..531c338c53 100644
--- a/doc/crypto/CMS_get0_SignerInfos.pod
+++ b/doc/crypto/CMS_get0_SignerInfos.pod
@@ -68,11 +68,11 @@ zero otherwise.
 
 CMS_SignerInfo_set1_signer_cert() does not return a value.
 
-Any error can be obtained from L<ERR_get_error(3)|ERR_get_error(3)>
+Any error can be obtained from L<ERR_get_error(3)>
 
 =head1 SEE ALSO
 
-L<ERR_get_error(3)|ERR_get_error(3)>, L<CMS_verify(3)|CMS_verify(3)>
+L<ERR_get_error(3)>, L<CMS_verify(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/CMS_get0_type.pod b/doc/crypto/CMS_get0_type.pod
index 3ed92bdbbe..75ef40ae05 100644
--- a/doc/crypto/CMS_get0_type.pod
+++ b/doc/crypto/CMS_get0_type.pod
@@ -67,7 +67,7 @@ error can be obtained from ERR_get_error(3).
 
 =head1 SEE ALSO
 
-L<ERR_get_error(3)|ERR_get_error(3)>
+L<ERR_get_error(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/CMS_get1_ReceiptRequest.pod b/doc/crypto/CMS_get1_ReceiptRequest.pod
index f546376a1e..f94baac24b 100644
--- a/doc/crypto/CMS_get1_ReceiptRequest.pod
+++ b/doc/crypto/CMS_get1_ReceiptRequest.pod
@@ -56,9 +56,9 @@ it is present but malformed.
 
 =head1 SEE ALSO
 
-L<ERR_get_error(3)|ERR_get_error(3)>, L<CMS_sign(3)|CMS_sign(3)>,
-L<CMS_sign_receipt(3)|CMS_sign_receipt(3)>, L<CMS_verify(3)|CMS_verify(3)>
-L<CMS_verify_receipt(3)|CMS_verify_receipt(3)>
+L<ERR_get_error(3)>, L<CMS_sign(3)>,
+L<CMS_sign_receipt(3)>, L<CMS_verify(3)>
+L<CMS_verify_receipt(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/CMS_sign.pod b/doc/crypto/CMS_sign.pod
index 2cc72de327..e05f854d86 100644
--- a/doc/crypto/CMS_sign.pod
+++ b/doc/crypto/CMS_sign.pod
@@ -109,7 +109,7 @@ occurred. The error can be obtained from ERR_get_error(3).
 
 =head1 SEE ALSO
 
-L<ERR_get_error(3)|ERR_get_error(3)>, L<CMS_verify(3)|CMS_verify(3)>
+L<ERR_get_error(3)>, L<CMS_verify(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/CMS_sign_receipt.pod b/doc/crypto/CMS_sign_receipt.pod
index cae1f83384..2083c88bb6 100644
--- a/doc/crypto/CMS_sign_receipt.pod
+++ b/doc/crypto/CMS_sign_receipt.pod
@@ -34,9 +34,9 @@ an error occurred.  The error can be obtained from ERR_get_error(3).
 
 =head1 SEE ALSO
 
-L<ERR_get_error(3)|ERR_get_error(3)>,
-L<CMS_verify_receipt(3)|CMS_verify_receipt(3)>,
-L<CMS_sign(3)|CMS_sign(3)>
+L<ERR_get_error(3)>,
+L<CMS_verify_receipt(3)>,
+L<CMS_sign(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/CMS_uncompress.pod b/doc/crypto/CMS_uncompress.pod
index c6056b027d..c6943acb24 100644
--- a/doc/crypto/CMS_uncompress.pod
+++ b/doc/crypto/CMS_uncompress.pod
@@ -45,7 +45,7 @@ mentioned in CMS_verify() also applies to CMS_decompress().
 
 =head1 SEE ALSO
 
-L<ERR_get_error(3)|ERR_get_error(3)>, L<CMS_compress(3)|CMS_compress(3)>
+L<ERR_get_error(3)>, L<CMS_compress(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/CMS_verify.pod b/doc/crypto/CMS_verify.pod
index 7a2c1ee251..47ca32b188 100644
--- a/doc/crypto/CMS_verify.pod
+++ b/doc/crypto/CMS_verify.pod
@@ -104,7 +104,7 @@ occurred.
 
 CMS_get0_signers() returns all signers or NULL if an error occurred.
 
-The error can be obtained from L<ERR_get_error(3)|ERR_get_error(3)>
+The error can be obtained from L<ERR_get_error(3)>
 
 =head1 BUGS
 
@@ -117,7 +117,7 @@ be held in memory if it is not detached.
 
 =head1 SEE ALSO
 
-L<ERR_get_error(3)|ERR_get_error(3)>, L<CMS_sign(3)|CMS_sign(3)>
+L<ERR_get_error(3)>, L<CMS_sign(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/CMS_verify_receipt.pod b/doc/crypto/CMS_verify_receipt.pod
index 9283e0e04b..1dcc3b8edc 100644
--- a/doc/crypto/CMS_verify_receipt.pod
+++ b/doc/crypto/CMS_verify_receipt.pod
@@ -32,13 +32,13 @@ supported since they do not make sense in the context of signed receipts.
 CMS_verify_receipt() returns 1 for a successful verification and zero if an
 error occurred.
 
-The error can be obtained from L<ERR_get_error(3)|ERR_get_error(3)>
+The error can be obtained from L<ERR_get_error(3)>
 
 =head1 SEE ALSO
 
-L<ERR_get_error(3)|ERR_get_error(3)>,
-L<CMS_sign_receipt(3)|CMS_sign_receipt(3)>,
-L<CMS_verify(3)|CMS_verify(3)>,
+L<ERR_get_error(3)>,
+L<CMS_sign_receipt(3)>,
+L<CMS_verify(3)>,
 
 =head1 HISTORY
 
diff --git a/doc/crypto/CONF_modules_free.pod b/doc/crypto/CONF_modules_free.pod
index 347020c5fe..866bd3f1d7 100644
--- a/doc/crypto/CONF_modules_free.pod
+++ b/doc/crypto/CONF_modules_free.pod
@@ -36,8 +36,8 @@ None of the functions return a value.
 
 =head1 SEE ALSO
 
-L<conf(5)|conf(5)>, L<OPENSSL_config(3)|OPENSSL_config(3)>,
-L<CONF_modules_load_file(3)|CONF_modules_load_file(3)>
+L<conf(5)>, L<OPENSSL_config(3)>,
+L<CONF_modules_load_file(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/CONF_modules_load_file.pod b/doc/crypto/CONF_modules_load_file.pod
index 731911a40a..e9930fe78e 100644
--- a/doc/crypto/CONF_modules_load_file.pod
+++ b/doc/crypto/CONF_modules_load_file.pod
@@ -127,8 +127,8 @@ return value of the failing module (this will always be zero or negative).
 
 =head1 SEE ALSO
 
-L<conf(5)|conf(5)>, L<OPENSSL_config(3)|OPENSSL_config(3)>,
-L<CONF_free(3)|CONF_free(3)>, L<err(3)|err(3)>
+L<conf(5)>, L<OPENSSL_config(3)>,
+L<CONF_free(3)>, L<err(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/CRYPTO_secure_malloc.pod b/doc/crypto/CRYPTO_secure_malloc.pod
index a3b416ed08..5d233dbd77 100644
--- a/doc/crypto/CRYPTO_secure_malloc.pod
+++ b/doc/crypto/CRYPTO_secure_malloc.pod
@@ -80,8 +80,8 @@ return no values.
 
 =head1 SEE ALSO
 
-L<BN_new(3)|BN_new(3)>,
-L<bn_internal(3)|bn_internal(3)>
+L<BN_new(3)>,
+L<bn_internal(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/CRYPTO_set_ex_data.pod b/doc/crypto/CRYPTO_set_ex_data.pod
index 7409c02aac..8b6c3dee13 100644
--- a/doc/crypto/CRYPTO_set_ex_data.pod
+++ b/doc/crypto/CRYPTO_set_ex_data.pod
@@ -38,13 +38,13 @@ B<CRYPTO_get_ex_data()> returns the application data or 0 on failure. 0 may also
 be valid application data but currently it can only fail if given an invalid B<idx>
 parameter.
 
-On failure an error code can be obtained from L<ERR_get_error(3)|ERR_get_error(3)>.
+On failure an error code can be obtained from L<ERR_get_error(3)>.
 
 =head1 SEE ALSO
 
-L<RSA_get_ex_new_index(3)|RSA_get_ex_new_index(3)>,
-L<DSA_get_ex_new_index(3)|DSA_get_ex_new_index(3)>,
-L<DH_get_ex_new_index(3)|DH_get_ex_new_index(3)>
+L<RSA_get_ex_new_index(3)>,
+L<DSA_get_ex_new_index(3)>,
+L<DH_get_ex_new_index(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/DH_generate_key.pod b/doc/crypto/DH_generate_key.pod
index 81f09fdf45..d787704bd2 100644
--- a/doc/crypto/DH_generate_key.pod
+++ b/doc/crypto/DH_generate_key.pod
@@ -36,11 +36,11 @@ DH_generate_key() returns 1 on success, 0 otherwise.
 DH_compute_key() returns the size of the shared secret on success, -1
 on error.
 
-The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
+The error codes can be obtained by L<ERR_get_error(3)>.
 
 =head1 SEE ALSO
 
-L<dh(3)|dh(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>, L<DH_size(3)|DH_size(3)>
+L<dh(3)>, L<ERR_get_error(3)>, L<rand(3)>, L<DH_size(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/DH_generate_parameters.pod b/doc/crypto/DH_generate_parameters.pod
index 7f81a04d91..ebbb1848f9 100644
--- a/doc/crypto/DH_generate_parameters.pod
+++ b/doc/crypto/DH_generate_parameters.pod
@@ -31,9 +31,9 @@ B<generator> is a small number E<gt> 1, typically 2 or 5.
 
 A callback function may be used to provide feedback about the progress
 of the key generation. If B<cb> is not B<NULL>, it will be
-called as described in L<BN_generate_prime(3)|BN_generate_prime(3)> while a random prime
+called as described in L<BN_generate_prime(3)> while a random prime
 number is generated, and when a prime has been found, B<BN_GENCB_call(cb, 3, 0)>
-is called. See L<BN_generate_prime(3)|BN_generate_prime(3)> for information on
+is called. See L<BN_generate_prime(3)> for information on
 the BN_GENCB_call() function.
 
 DH_check() validates Diffie-Hellman parameters. It checks that B<p> is
@@ -51,7 +51,7 @@ performed, 0 otherwise.
 DH_generate_parameters() (deprecated) returns a pointer to the DH structure, or
 NULL if the parameter generation fails.
 
-The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
+The error codes can be obtained by L<ERR_get_error(3)>.
 
 =head1 NOTES
 
@@ -68,8 +68,8 @@ a usable generator.
 
 =head1 SEE ALSO
 
-L<dh(3)|dh(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>,
-L<DH_free(3)|DH_free(3)>
+L<dh(3)>, L<ERR_get_error(3)>, L<rand(3)>,
+L<DH_free(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/DH_get_ex_new_index.pod b/doc/crypto/DH_get_ex_new_index.pod
index fa5eab2650..18714633bc 100644
--- a/doc/crypto/DH_get_ex_new_index.pod
+++ b/doc/crypto/DH_get_ex_new_index.pod
@@ -26,7 +26,7 @@ as described in L<RSA_get_ex_new_index(3)>.
 
 =head1 SEE ALSO
 
-L<RSA_get_ex_new_index(3)|RSA_get_ex_new_index(3)>, L<dh(3)|dh(3)>
+L<RSA_get_ex_new_index(3)>, L<dh(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/DH_new.pod b/doc/crypto/DH_new.pod
index 6245e4adaf..2d9fecdb5a 100644
--- a/doc/crypto/DH_new.pod
+++ b/doc/crypto/DH_new.pod
@@ -23,16 +23,16 @@ If B<dh> is NULL nothing is done.
 =head1 RETURN VALUES
 
 If the allocation fails, DH_new() returns B<NULL> and sets an error
-code that can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>. Otherwise it returns
+code that can be obtained by L<ERR_get_error(3)>. Otherwise it returns
 a pointer to the newly allocated structure.
 
 DH_free() returns no value.
 
 =head1 SEE ALSO
 
-L<dh(3)|dh(3)>, L<ERR_get_error(3)|ERR_get_error(3)>,
-L<DH_generate_parameters(3)|DH_generate_parameters(3)>,
-L<DH_generate_key(3)|DH_generate_key(3)>
+L<dh(3)>, L<ERR_get_error(3)>,
+L<DH_generate_parameters(3)>,
+L<DH_generate_key(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/DH_set_method.pod b/doc/crypto/DH_set_method.pod
index d5cdc3be0c..8b80f5cc8d 100644
--- a/doc/crypto/DH_set_method.pod
+++ b/doc/crypto/DH_set_method.pod
@@ -94,7 +94,7 @@ the method for B<dh> (including unloading the ENGINE handle if the previous
 method was supplied by an ENGINE).
 
 DH_new_method() returns NULL and sets an error code that can be obtained by
-L<ERR_get_error(3)|ERR_get_error(3)> if the allocation fails. Otherwise it
+L<ERR_get_error(3)> if the allocation fails. Otherwise it
 returns a pointer to the newly allocated structure.
 
 =head1 NOTES
@@ -109,7 +109,7 @@ algorithms.
 
 =head1 SEE ALSO
 
-L<dh(3)|dh(3)>, L<DH_new(3)|DH_new(3)>
+L<dh(3)>, L<DH_new(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/DH_size.pod b/doc/crypto/DH_size.pod
index e73f32589a..ab28072e0b 100644
--- a/doc/crypto/DH_size.pod
+++ b/doc/crypto/DH_size.pod
@@ -28,8 +28,8 @@ The size.
 
 =head1 SEE ALSO
 
-L<dh(3)|dh(3)>, L<DH_generate_key(3)|DH_generate_key(3)>,
-L<BN_num_bits(3)|BN_num_bits(3)>
+L<dh(3)>, L<DH_generate_key(3)>,
+L<BN_num_bits(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/DSA_SIG_new.pod b/doc/crypto/DSA_SIG_new.pod
index 3ac6140038..aa2cb7d125 100644
--- a/doc/crypto/DSA_SIG_new.pod
+++ b/doc/crypto/DSA_SIG_new.pod
@@ -23,15 +23,15 @@ values are erased before the memory is returned to the system.
 
 If the allocation fails, DSA_SIG_new() returns B<NULL> and sets an
 error code that can be obtained by
-L<ERR_get_error(3)|ERR_get_error(3)>. Otherwise it returns a pointer
+L<ERR_get_error(3)>. Otherwise it returns a pointer
 to the newly allocated structure.
 
 DSA_SIG_free() returns no value.
 
 =head1 SEE ALSO
 
-L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>,
-L<DSA_do_sign(3)|DSA_do_sign(3)>
+L<dsa(3)>, L<ERR_get_error(3)>,
+L<DSA_do_sign(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/DSA_do_sign.pod b/doc/crypto/DSA_do_sign.pod
index 5dfc733b20..7a1970b2aa 100644
--- a/doc/crypto/DSA_do_sign.pod
+++ b/doc/crypto/DSA_do_sign.pod
@@ -19,7 +19,7 @@ DSA_do_sign() computes a digital signature on the B<len> byte message
 digest B<dgst> using the private key B<dsa> and returns it in a
 newly allocated B<DSA_SIG> structure.
 
-L<DSA_sign_setup(3)|DSA_sign_setup(3)> may be used to precompute part
+L<DSA_sign_setup(3)> may be used to precompute part
 of the signing operation in case signature generation is
 time-critical.
 
@@ -32,13 +32,13 @@ key.
 DSA_do_sign() returns the signature, NULL on error.  DSA_do_verify()
 returns 1 for a valid signature, 0 for an incorrect signature and -1
 on error. The error codes can be obtained by
-L<ERR_get_error(3)|ERR_get_error(3)>.
+L<ERR_get_error(3)>.
 
 =head1 SEE ALSO
 
-L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>,
-L<DSA_SIG_new(3)|DSA_SIG_new(3)>,
-L<DSA_sign(3)|DSA_sign(3)>
+L<dsa(3)>, L<ERR_get_error(3)>, L<rand(3)>,
+L<DSA_SIG_new(3)>,
+L<DSA_sign(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/DSA_dup_DH.pod b/doc/crypto/DSA_dup_DH.pod
index 7f6f0d1115..b2e5325147 100644
--- a/doc/crypto/DSA_dup_DH.pod
+++ b/doc/crypto/DSA_dup_DH.pod
@@ -19,7 +19,7 @@ contain its length.
 =head1 RETURN VALUE
 
 DSA_dup_DH() returns the new B<DH> structure, and NULL on error. The
-error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
+error codes can be obtained by L<ERR_get_error(3)>.
 
 =head1 NOTE
 
@@ -27,7 +27,7 @@ Be careful to avoid small subgroup attacks when using this.
 
 =head1 SEE ALSO
 
-L<dh(3)|dh(3)>, L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>
+L<dh(3)>, L<dsa(3)>, L<ERR_get_error(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/DSA_generate_key.pod b/doc/crypto/DSA_generate_key.pod
index af83ccfaa1..34a9efba30 100644
--- a/doc/crypto/DSA_generate_key.pod
+++ b/doc/crypto/DSA_generate_key.pod
@@ -20,12 +20,12 @@ The PRNG must be seeded prior to calling DSA_generate_key().
 =head1 RETURN VALUE
 
 DSA_generate_key() returns 1 on success, 0 otherwise.
-The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
+The error codes can be obtained by L<ERR_get_error(3)>.
 
 =head1 SEE ALSO
 
-L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>,
-L<DSA_generate_parameters(3)|DSA_generate_parameters(3)>
+L<dsa(3)>, L<ERR_get_error(3)>, L<rand(3)>,
+L<DSA_generate_parameters(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/DSA_generate_parameters.pod b/doc/crypto/DSA_generate_parameters.pod
index 16a67f22b0..d2a0418b52 100644
--- a/doc/crypto/DSA_generate_parameters.pod
+++ b/doc/crypto/DSA_generate_parameters.pod
@@ -39,7 +39,7 @@ A callback function may be used to provide feedback about the progress
 of the key generation. If B<cb> is not B<NULL>, it will be
 called as shown below. For information on the BN_GENCB structure and the
 BN_GENCB_call function discussed below, refer to
-L<BN_generate_prime(3)|BN_generate_prime(3)>.
+L<BN_generate_prime(3)>.
 
 =over 4
 
@@ -89,7 +89,7 @@ When the generator has been found, B<BN_GENCB_call(cb, 3, 1)> is called.
 DSA_generate_parameters() (deprecated) works in much the same way as for DSA_generate_parameters_ex, except that no B<dsa> parameter is passed and
 instead a newly allocated B<DSA> structure is returned. Additionally "old
 style" callbacks are used instead of the newer BN_GENCB based approach.
-Refer to L<BN_generate_prime(3)|BN_generate_prime(3)> for further information.
+Refer to L<BN_generate_prime(3)> for further information.
 
 =head1 RETURN VALUE
 
@@ -98,7 +98,7 @@ DSA_generate_parameters_ex() returns a 1 on success, or 0 otherwise.
 DSA_generate_parameters() returns a pointer to the DSA structure, or
 B<NULL> if the parameter generation fails.
 
-The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
+The error codes can be obtained by L<ERR_get_error(3)>.
 
 =head1 BUGS
 
@@ -106,8 +106,8 @@ Seed lengths E<gt> 20 are not supported.
 
 =head1 SEE ALSO
 
-L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>,
-L<DSA_free(3)|DSA_free(3)>, L<BN_generate_prime(3)|BN_generate_prime(3)>
+L<dsa(3)>, L<ERR_get_error(3)>, L<rand(3)>,
+L<DSA_free(3)>, L<BN_generate_prime(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/DSA_get_ex_new_index.pod b/doc/crypto/DSA_get_ex_new_index.pod
index fb6efc1182..43b29b35cc 100644
--- a/doc/crypto/DSA_get_ex_new_index.pod
+++ b/doc/crypto/DSA_get_ex_new_index.pod
@@ -26,7 +26,7 @@ as described in L<RSA_get_ex_new_index(3)>.
 
 =head1 SEE ALSO
 
-L<RSA_get_ex_new_index(3)|RSA_get_ex_new_index(3)>, L<dsa(3)|dsa(3)>
+L<RSA_get_ex_new_index(3)>, L<dsa(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/DSA_new.pod b/doc/crypto/DSA_new.pod
index 3a6d582465..766cfd3657 100644
--- a/doc/crypto/DSA_new.pod
+++ b/doc/crypto/DSA_new.pod
@@ -25,16 +25,16 @@ If B<dsa> is NULL nothing is done.
 
 If the allocation fails, DSA_new() returns B<NULL> and sets an error
 code that can be obtained by
-L<ERR_get_error(3)|ERR_get_error(3)>. Otherwise it returns a pointer
+L<ERR_get_error(3)>. Otherwise it returns a pointer
 to the newly allocated structure.
 
 DSA_free() returns no value.
 
 =head1 SEE ALSO
 
-L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>,
-L<DSA_generate_parameters(3)|DSA_generate_parameters(3)>,
-L<DSA_generate_key(3)|DSA_generate_key(3)>
+L<dsa(3)>, L<ERR_get_error(3)>,
+L<DSA_generate_parameters(3)>,
+L<DSA_generate_key(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/DSA_set_method.pod b/doc/crypto/DSA_set_method.pod
index 9c1434bd8d..fe0d6e3da9 100644
--- a/doc/crypto/DSA_set_method.pod
+++ b/doc/crypto/DSA_set_method.pod
@@ -108,7 +108,7 @@ the method for B<dsa> (including unloading the ENGINE handle if the previous
 method was supplied by an ENGINE).
 
 DSA_new_method() returns NULL and sets an error code that can be
-obtained by L<ERR_get_error(3)|ERR_get_error(3)> if the allocation
+obtained by L<ERR_get_error(3)> if the allocation
 fails. Otherwise it returns a pointer to the newly allocated structure.
 
 =head1 NOTES
@@ -123,7 +123,7 @@ algorithms.
 
 =head1 SEE ALSO
 
-L<dsa(3)|dsa(3)>, L<DSA_new(3)|DSA_new(3)>
+L<dsa(3)>, L<DSA_new(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/DSA_sign.pod b/doc/crypto/DSA_sign.pod
index 97389e8ec8..da923abc85 100644
--- a/doc/crypto/DSA_sign.pod
+++ b/doc/crypto/DSA_sign.pod
@@ -46,7 +46,7 @@ is called.
 DSA_sign() and DSA_sign_setup() return 1 on success, 0 on error.
 DSA_verify() returns 1 for a valid signature, 0 for an incorrect
 signature and -1 on error. The error codes can be obtained by
-L<ERR_get_error(3)|ERR_get_error(3)>.
+L<ERR_get_error(3)>.
 
 =head1 CONFORMING TO
 
@@ -55,8 +55,8 @@ Standard, DSS), ANSI X9.30
 
 =head1 SEE ALSO
 
-L<dsa(3)|dsa(3)>, L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>,
-L<DSA_do_sign(3)|DSA_do_sign(3)>
+L<dsa(3)>, L<ERR_get_error(3)>, L<rand(3)>,
+L<DSA_do_sign(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/DSA_size.pod b/doc/crypto/DSA_size.pod
index ba4f650361..bc96cbdc5d 100644
--- a/doc/crypto/DSA_size.pod
+++ b/doc/crypto/DSA_size.pod
@@ -24,7 +24,7 @@ The size in bytes.
 
 =head1 SEE ALSO
 
-L<dsa(3)|dsa(3)>, L<DSA_sign(3)|DSA_sign(3)>
+L<dsa(3)>, L<DSA_sign(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/EC_GFp_simple_method.pod b/doc/crypto/EC_GFp_simple_method.pod
index aff20ac175..2a21c9393b 100644
--- a/doc/crypto/EC_GFp_simple_method.pod
+++ b/doc/crypto/EC_GFp_simple_method.pod
@@ -22,7 +22,7 @@ EC_GFp_simple_method, EC_GFp_mont_method, EC_GFp_nist_method, EC_GFp_nistp224_me
 =head1 DESCRIPTION
 
 The Elliptic Curve library provides a number of different implementations through a single common interface.
-When constructing a curve using EC_GROUP_new (see L<EC_GROUP_new(3)|EC_GROUP_new(3)>) an
+When constructing a curve using EC_GROUP_new (see L<EC_GROUP_new(3)>) an
 implementation method must be provided. The functions described here all return a const pointer to an
 B<EC_METHOD> structure that can be passed to EC_GROUP_NEW. It is important that the correct implementation
 type for the form of curve selected is used.
@@ -31,9 +31,9 @@ For F2^m curves there is only one implementation choice, i.e. EC_GF2_simple_meth
 
 For Fp curves the lowest common denominator implementation is the EC_GFp_simple_method implementation. All
 other implementations are based on this one. EC_GFp_mont_method builds on EC_GFp_simple_method but adds the
-use of montgomery multiplication (see L<BN_mod_mul_montgomery(3)|BN_mod_mul_montgomery(3)>). EC_GFp_nist_method
+use of montgomery multiplication (see L<BN_mod_mul_montgomery(3)>). EC_GFp_nist_method
 offers an implementation optimised for use with NIST recommended curves (NIST curves are available through
-EC_GROUP_new_by_curve_name as described in L<EC_GROUP_new(3)|EC_GROUP_new(3)>).
+EC_GROUP_new_by_curve_name as described in L<EC_GROUP_new(3)>).
 
 The functions EC_GFp_nistp224_method, EC_GFp_nistp256_method and EC_GFp_nistp521_method offer 64 bit
 optimised implementations for the NIST P224, P256 and P521 curves respectively. Note, however, that these
@@ -52,9 +52,9 @@ EC_METHOD_get_field_type returns an integer that identifies the type of field th
 
 =head1 SEE ALSO
 
-L<crypto(3)|crypto(3)>, L<ec(3)|ec(3)>, L<EC_GROUP_new(3)|EC_GROUP_new(3)>, L<EC_GROUP_copy(3)|EC_GROUP_copy(3)>,
-L<EC_POINT_new(3)|EC_POINT_new(3)>, L<EC_POINT_add(3)|EC_POINT_add(3)>, L<EC_KEY_new(3)|EC_KEY_new(3)>,
-L<d2i_ECPKParameters(3)|d2i_ECPKParameters(3)>,
-L<BN_mod_mul_montgomery(3)|BN_mod_mul_montgomery(3)>
+L<crypto(3)>, L<ec(3)>, L<EC_GROUP_new(3)>, L<EC_GROUP_copy(3)>,
+L<EC_POINT_new(3)>, L<EC_POINT_add(3)>, L<EC_KEY_new(3)>,
+L<d2i_ECPKParameters(3)>,
+L<BN_mod_mul_montgomery(3)>
 
 =cut
diff --git a/doc/crypto/EC_GROUP_copy.pod b/doc/crypto/EC_GROUP_copy.pod
index a13d2ad811..591ba90900 100644
--- a/doc/crypto/EC_GROUP_copy.pod
+++ b/doc/crypto/EC_GROUP_copy.pod
@@ -66,7 +66,7 @@ The functions EC_GROUP_get_order and EC_GROUP_get_cofactor populate the provided
 with the respective order and cofactors for the B<group>.
 
 The functions EC_GROUP_set_curve_name and EC_GROUP_get_curve_name, set and get the NID for the curve respectively
-(see L<EC_GROUP_new(3)|EC_GROUP_new(3)>). If a curve does not have a NID associated with it, then EC_GROUP_get_curve_name
+(see L<EC_GROUP_new(3)>). If a curve does not have a NID associated with it, then EC_GROUP_get_curve_name
 will return 0.
 
 The asn1_flag value is used to determine whether the curve encoding uses
@@ -175,8 +175,8 @@ trinomial or pentanomial respectively. Alternatively in the event of an error a
 
 =head1 SEE ALSO
 
-L<crypto(3)|crypto(3)>, L<ec(3)|ec(3)>, L<EC_GROUP_new(3)|EC_GROUP_new(3)>,
-L<EC_POINT_new(3)|EC_POINT_new(3)>, L<EC_POINT_add(3)|EC_POINT_add(3)>, L<EC_KEY_new(3)|EC_KEY_new(3)>,
-L<EC_GFp_simple_method(3)|EC_GFp_simple_method(3)>, L<d2i_ECPKParameters(3)|d2i_ECPKParameters(3)>
+L<crypto(3)>, L<ec(3)>, L<EC_GROUP_new(3)>,
+L<EC_POINT_new(3)>, L<EC_POINT_add(3)>, L<EC_KEY_new(3)>,
+L<EC_GFp_simple_method(3)>, L<d2i_ECPKParameters(3)>
 
 =cut
diff --git a/doc/crypto/EC_GROUP_new.pod b/doc/crypto/EC_GROUP_new.pod
index 73d5219684..70d9955cfc 100644
--- a/doc/crypto/EC_GROUP_new.pod
+++ b/doc/crypto/EC_GROUP_new.pod
@@ -41,7 +41,7 @@ Operations in a binary field are performed relative to an B<irreducible polynomi
 use a trinomial or a pentanomial for this parameter.
 
 A new curve can be constructed by calling EC_GROUP_new, using the implementation provided by B<meth> (see
-L<EC_GFp_simple_method(3)|EC_GFp_simple_method(3)>). It is then necessary to call either EC_GROUP_set_curve_GFp or
+L<EC_GFp_simple_method(3)>). It is then necessary to call either EC_GROUP_set_curve_GFp or
 EC_GROUP_set_curve_GF2m as appropriate to create a curve defined over Fp or over F2^m respectively.
 
 EC_GROUP_set_curve_GFp sets the curve parameters B<p>, B<a> and B<b> for a curve over Fp stored in B<group>.
@@ -90,8 +90,8 @@ EC_GROUP_set_curve_GFp, EC_GROUP_get_curve_GFp, EC_GROUP_set_curve_GF2m, EC_GROU
 
 =head1 SEE ALSO
 
-L<crypto(3)|crypto(3)>, L<ec(3)|ec(3)>, L<EC_GROUP_copy(3)|EC_GROUP_copy(3)>,
-L<EC_POINT_new(3)|EC_POINT_new(3)>, L<EC_POINT_add(3)|EC_POINT_add(3)>, L<EC_KEY_new(3)|EC_KEY_new(3)>,
-L<EC_GFp_simple_method(3)|EC_GFp_simple_method(3)>, L<d2i_ECPKParameters(3)|d2i_ECPKParameters(3)>
+L<crypto(3)>, L<ec(3)>, L<EC_GROUP_copy(3)>,
+L<EC_POINT_new(3)>, L<EC_POINT_add(3)>, L<EC_KEY_new(3)>,
+L<EC_GFp_simple_method(3)>, L<d2i_ECPKParameters(3)>
 
 =cut
diff --git a/doc/crypto/EC_KEY_new.pod b/doc/crypto/EC_KEY_new.pod
index fc42cbc7d4..71095e52c5 100644
--- a/doc/crypto/EC_KEY_new.pod
+++ b/doc/crypto/EC_KEY_new.pod
@@ -42,7 +42,7 @@ An EC_KEY represents a public key and (optionally) an associated private key. A
 The reference count for the newly created EC_KEY is initially set to 1. A curve can be associated with the EC_KEY by calling
 EC_KEY_set_group.
 
-Alternatively a new EC_KEY can be constructed by calling EC_KEY_new_by_curve_name and supplying the nid of the associated curve. Refer to L<EC_GROUP_new(3)|EC_GROUP_new(3)> for a description of curve names. This function simply wraps calls to EC_KEY_new and 
+Alternatively a new EC_KEY can be constructed by calling EC_KEY_new_by_curve_name and supplying the nid of the associated curve. Refer to L<EC_GROUP_new(3)> for a description of curve names. This function simply wraps calls to EC_KEY_new and 
 EC_GROUP_new_by_curve_name.
 
 Calling EC_KEY_free decrements the reference count for the EC_KEY object, and if it has dropped to zero then frees the memory associated
@@ -69,16 +69,16 @@ on the key to confirm that it is valid.
 The functions EC_KEY_get0_group, EC_KEY_set_group, EC_KEY_get0_private_key, EC_KEY_set_private_key, EC_KEY_get0_public_key, and EC_KEY_set_public_key get and set the EC_GROUP object, the private key and the EC_POINT public key for the B<key> respectively.
 
 The functions EC_KEY_get_conv_form and EC_KEY_set_conv_form get and set the point_conversion_form for the B<key>. For a description
-of point_conversion_forms please refer to L<EC_POINT_new(3)|EC_POINT_new(3)>.
+of point_conversion_forms please refer to L<EC_POINT_new(3)>.
 
 EC_KEY_insert_key_method_data and EC_KEY_get_key_method_data enable the caller to associate arbitrary additional data specific to the
 elliptic curve scheme being used with the EC_KEY object. This data is treated as a "black box" by the ec library. The data to be stored by EC_KEY_insert_key_method_data is provided in the B<data> parameter, which must have have associated functions for duplicating, freeing and "clear_freeing" the data item. If a subsequent EC_KEY_get_key_method_data call is issued, the functions for duplicating, freeing and "clear_freeing" the data item must be provided again, and they must be the same as they were when the data item was inserted.
 
 EC_KEY_set_flags sets the flags in the B<flags> parameter on the EC_KEY object. Any flags that are already set are left set. The currently defined standard flags are EC_FLAG_NON_FIPS_ALLOW and EC_FLAG_FIPS_CHECKED. In addition there is the flag EC_FLAG_COFACTOR_ECDH which is specific to ECDH and is defined in ecdh.h. EC_KEY_get_flags returns the current flags that are set for this EC_KEY. EC_KEY_clear_flags clears the flags indicated by the B<flags> parameter. All other flags are left in their existing state.
 
-EC_KEY_set_asn1_flag sets the asn1_flag on the underlying EC_GROUP object (if set). Refer to L<EC_GROUP_copy(3)|EC_GROUP_copy(3)> for further information on the asn1_flag.
+EC_KEY_set_asn1_flag sets the asn1_flag on the underlying EC_GROUP object (if set). Refer to L<EC_GROUP_copy(3)> for further information on the asn1_flag.
 
-EC_KEY_precompute_mult stores multiples of the underlying EC_GROUP generator for faster point multiplication. See also L<EC_POINT_add(3)|EC_POINT_add(3)>.
+EC_KEY_precompute_mult stores multiples of the underlying EC_GROUP generator for faster point multiplication. See also L<EC_POINT_add(3)>.
 
 
 =head1 RETURN VALUES
@@ -100,10 +100,10 @@ EC_KEY_get_conv_form return the point_conversion_form for the EC_KEY.
 
 =head1 SEE ALSO
 
-L<crypto(3)|crypto(3)>, L<ec(3)|ec(3)>, L<EC_GROUP_new(3)|EC_GROUP_new(3)>,
-L<EC_GROUP_copy(3)|EC_GROUP_copy(3)>, L<EC_POINT_new(3)|EC_POINT_new(3)>,
-L<EC_POINT_add(3)|EC_POINT_add(3)>,
-L<EC_GFp_simple_method(3)|EC_GFp_simple_method(3)>,
-L<d2i_ECPKParameters(3)|d2i_ECPKParameters(3)>
+L<crypto(3)>, L<ec(3)>, L<EC_GROUP_new(3)>,
+L<EC_GROUP_copy(3)>, L<EC_POINT_new(3)>,
+L<EC_POINT_add(3)>,
+L<EC_GFp_simple_method(3)>,
+L<d2i_ECPKParameters(3)>
 
 =cut
diff --git a/doc/crypto/EC_POINT_add.pod b/doc/crypto/EC_POINT_add.pod
index ae92640843..eaa7f52786 100644
--- a/doc/crypto/EC_POINT_add.pod
+++ b/doc/crypto/EC_POINT_add.pod
@@ -46,7 +46,7 @@ EC_POINTs_mul calculates the value generator * B<n> + B<q[0]> * B<m[0]> + ... +
 B<n> may be NULL.
 
 The function EC_GROUP_precompute_mult stores multiples of the generator for faster point multiplication, whilst
-EC_GROUP_have_precompute_mult tests whether precomputation has already been done. See L<EC_GROUP_copy(3)|EC_GROUP_copy(3)> for information
+EC_GROUP_have_precompute_mult tests whether precomputation has already been done. See L<EC_GROUP_copy(3)> for information
 about the generator.
 
 
@@ -65,8 +65,8 @@ EC_GROUP_have_precompute_mult return 1 if a precomputation has been done, or 0 i
 
 =head1 SEE ALSO
 
-L<crypto(3)|crypto(3)>, L<ec(3)|ec(3)>, L<EC_GROUP_new(3)|EC_GROUP_new(3)>, L<EC_GROUP_copy(3)|EC_GROUP_copy(3)>,
-L<EC_POINT_new(3)|EC_POINT_new(3)>, L<EC_KEY_new(3)|EC_KEY_new(3)>,
-L<EC_GFp_simple_method(3)|EC_GFp_simple_method(3)>, L<d2i_ECPKParameters(3)|d2i_ECPKParameters(3)>
+L<crypto(3)>, L<ec(3)>, L<EC_GROUP_new(3)>, L<EC_GROUP_copy(3)>,
+L<EC_POINT_new(3)>, L<EC_KEY_new(3)>,
+L<EC_GFp_simple_method(3)>, L<d2i_ECPKParameters(3)>
 
 =cut
diff --git a/doc/crypto/EC_POINT_new.pod b/doc/crypto/EC_POINT_new.pod
index 0a20fced4e..122dccb975 100644
--- a/doc/crypto/EC_POINT_new.pod
+++ b/doc/crypto/EC_POINT_new.pod
@@ -123,8 +123,8 @@ EC_POINT_hex2point returns the pointer to the EC_POINT supplied, or NULL on erro
 
 =head1 SEE ALSO
 
-L<crypto(3)|crypto(3)>, L<ec(3)|ec(3)>, L<EC_GROUP_new(3)|EC_GROUP_new(3)>, L<EC_GROUP_copy(3)|EC_GROUP_copy(3)>,
-L<EC_POINT_add(3)|EC_POINT_add(3)>, L<EC_KEY_new(3)|EC_KEY_new(3)>,
-L<EC_GFp_simple_method(3)|EC_GFp_simple_method(3)>, L<d2i_ECPKParameters(3)|d2i_ECPKParameters(3)>
+L<crypto(3)>, L<ec(3)>, L<EC_GROUP_new(3)>, L<EC_GROUP_copy(3)>,
+L<EC_POINT_add(3)>, L<EC_KEY_new(3)>,
+L<EC_GFp_simple_method(3)>, L<d2i_ECPKParameters(3)>
 
 =cut
diff --git a/doc/crypto/ERR_GET_LIB.pod b/doc/crypto/ERR_GET_LIB.pod
index 2a129da036..fe31f03ee7 100644
--- a/doc/crypto/ERR_GET_LIB.pod
+++ b/doc/crypto/ERR_GET_LIB.pod
@@ -41,7 +41,7 @@ The library number, function code and reason code respectively.
 
 =head1 SEE ALSO
 
-L<err(3)|err(3)>, L<ERR_get_error(3)|ERR_get_error(3)>
+L<err(3)>, L<ERR_get_error(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/ERR_clear_error.pod b/doc/crypto/ERR_clear_error.pod
index 566e1f4e31..d1da2b68e8 100644
--- a/doc/crypto/ERR_clear_error.pod
+++ b/doc/crypto/ERR_clear_error.pod
@@ -20,7 +20,7 @@ ERR_clear_error() has no return value.
 
 =head1 SEE ALSO
 
-L<err(3)|err(3)>, L<ERR_get_error(3)|ERR_get_error(3)>
+L<err(3)>, L<ERR_get_error(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/ERR_error_string.pod b/doc/crypto/ERR_error_string.pod
index cdfa7fe1fe..b3f9a435aa 100644
--- a/doc/crypto/ERR_error_string.pod
+++ b/doc/crypto/ERR_error_string.pod
@@ -40,13 +40,13 @@ ERR_reason_error_string() return the library name, function
 name and reason string respectively.
 
 The OpenSSL error strings should be loaded by calling
-L<ERR_load_crypto_strings(3)|ERR_load_crypto_strings(3)> or, for SSL
-applications, L<SSL_load_error_strings(3)|SSL_load_error_strings(3)>
+L<ERR_load_crypto_strings(3)> or, for SSL
+applications, L<SSL_load_error_strings(3)>
 first.
 If there is no text string registered for the given error code,
 the error string will contain the numeric code.
 
-L<ERR_print_errors(3)|ERR_print_errors(3)> can be used to print
+L<ERR_print_errors(3)> can be used to print
 all error codes currently in the queue.
 
 =head1 RETURN VALUES
@@ -60,10 +60,10 @@ none is registered for the error code.
 
 =head1 SEE ALSO
 
-L<err(3)|err(3)>, L<ERR_get_error(3)|ERR_get_error(3)>,
-L<ERR_load_crypto_strings(3)|ERR_load_crypto_strings(3)>,
-L<SSL_load_error_strings(3)|SSL_load_error_strings(3)>
-L<ERR_print_errors(3)|ERR_print_errors(3)>
+L<err(3)>, L<ERR_get_error(3)>,
+L<ERR_load_crypto_strings(3)>,
+L<SSL_load_error_strings(3)>
+L<ERR_print_errors(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/ERR_get_error.pod b/doc/crypto/ERR_get_error.pod
index 01e196c95f..90b620c623 100644
--- a/doc/crypto/ERR_get_error.pod
+++ b/doc/crypto/ERR_get_error.pod
@@ -38,9 +38,9 @@ error queue without modifying it.
 ERR_peek_last_error() returns the latest error code from the thread's
 error queue without modifying it.
 
-See L<ERR_GET_LIB(3)|ERR_GET_LIB(3)> for obtaining information about
+See L<ERR_GET_LIB(3)> for obtaining information about
 location and reason of the error, and
-L<ERR_error_string(3)|ERR_error_string(3)> for human-readable error
+L<ERR_error_string(3)> for human-readable error
 messages.
 
 ERR_get_error_line(), ERR_peek_error_line() and
@@ -64,8 +64,8 @@ The error code, or 0 if there is no error in the queue.
 
 =head1 SEE ALSO
 
-L<err(3)|err(3)>, L<ERR_error_string(3)|ERR_error_string(3)>,
-L<ERR_GET_LIB(3)|ERR_GET_LIB(3)>
+L<err(3)>, L<ERR_error_string(3)>,
+L<ERR_GET_LIB(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/ERR_load_crypto_strings.pod b/doc/crypto/ERR_load_crypto_strings.pod
index 9bdec75a46..b5ff885efe 100644
--- a/doc/crypto/ERR_load_crypto_strings.pod
+++ b/doc/crypto/ERR_load_crypto_strings.pod
@@ -35,7 +35,7 @@ ERR_free_strings() return no values.
 
 =head1 SEE ALSO
 
-L<err(3)|err(3)>, L<ERR_error_string(3)|ERR_error_string(3)>
+L<err(3)>, L<ERR_error_string(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/ERR_load_strings.pod b/doc/crypto/ERR_load_strings.pod
index 5acdd0edbc..9edf7a3de3 100644
--- a/doc/crypto/ERR_load_strings.pod
+++ b/doc/crypto/ERR_load_strings.pod
@@ -43,7 +43,7 @@ ERR_get_next_error_library() returns a new library number.
 
 =head1 SEE ALSO
 
-L<err(3)|err(3)>, L<ERR_load_strings(3)|ERR_load_strings(3)>
+L<err(3)>, L<ERR_load_strings(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/ERR_print_errors.pod b/doc/crypto/ERR_print_errors.pod
index b100a5fa2b..db890a9cea 100644
--- a/doc/crypto/ERR_print_errors.pod
+++ b/doc/crypto/ERR_print_errors.pod
@@ -38,10 +38,10 @@ ERR_print_errors() and ERR_print_errors_fp() return no values.
 
 =head1 SEE ALSO
 
-L<err(3)|err(3)>, L<ERR_error_string(3)|ERR_error_string(3)>,
-L<ERR_get_error(3)|ERR_get_error(3)>,
-L<ERR_load_crypto_strings(3)|ERR_load_crypto_strings(3)>,
-L<SSL_load_error_strings(3)|SSL_load_error_strings(3)>
+L<err(3)>, L<ERR_error_string(3)>,
+L<ERR_get_error(3)>,
+L<ERR_load_crypto_strings(3)>,
+L<SSL_load_error_strings(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/ERR_put_error.pod b/doc/crypto/ERR_put_error.pod
index acd241fbe4..a87dcae7de 100644
--- a/doc/crypto/ERR_put_error.pod
+++ b/doc/crypto/ERR_put_error.pod
@@ -23,7 +23,7 @@ This function is usually called by a macro.
 ERR_add_error_data() associates the concatenation of its B<num> string
 arguments with the error code added last.
 
-L<ERR_load_strings(3)|ERR_load_strings(3)> can be used to register
+L<ERR_load_strings(3)> can be used to register
 error strings so that the application can a generate human-readable
 error messages for the error code.
 
@@ -34,7 +34,7 @@ no values.
 
 =head1 SEE ALSO
 
-L<err(3)|err(3)>, L<ERR_load_strings(3)|ERR_load_strings(3)>
+L<err(3)>, L<ERR_load_strings(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/ERR_remove_state.pod b/doc/crypto/ERR_remove_state.pod
index a4d38c17fd..236aeb4572 100644
--- a/doc/crypto/ERR_remove_state.pod
+++ b/doc/crypto/ERR_remove_state.pod
@@ -34,7 +34,7 @@ ERR_remove_thread_state and ERR_remove_state() return no value.
 
 =head1 SEE ALSO
 
-L<err(3)|err(3)>
+L<err(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/ERR_set_mark.pod b/doc/crypto/ERR_set_mark.pod
index d3ca4f2e77..122a81bf05 100644
--- a/doc/crypto/ERR_set_mark.pod
+++ b/doc/crypto/ERR_set_mark.pod
@@ -29,7 +29,7 @@ implies that the stack became empty, otherwise 1.
 
 =head1 SEE ALSO
 
-L<err(3)|err(3)>
+L<err(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/EVP_BytesToKey.pod b/doc/crypto/EVP_BytesToKey.pod
index dca5239ecc..c2470df202 100644
--- a/doc/crypto/EVP_BytesToKey.pod
+++ b/doc/crypto/EVP_BytesToKey.pod
@@ -62,9 +62,9 @@ or 0 on error.
 
 =head1 SEE ALSO
 
-L<evp(3)|evp(3)>, L<rand(3)|rand(3)>,
-L<PKCS5_PBKDF2_HMAC(3)|PKCS5_PBKDF2_HMAC(3)>,
-L<EVP_EncryptInit(3)|EVP_EncryptInit(3)>
+L<evp(3)>, L<rand(3)>,
+L<PKCS5_PBKDF2_HMAC(3)>,
+L<EVP_EncryptInit(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/EVP_DigestInit.pod b/doc/crypto/EVP_DigestInit.pod
index 06e6d4f0ba..2d7f0dc558 100644
--- a/doc/crypto/EVP_DigestInit.pod
+++ b/doc/crypto/EVP_DigestInit.pod
@@ -255,8 +255,8 @@ digest name passed on the command line.
 
 =head1 SEE ALSO
 
-L<dgst(1)|dgst(1)>,
-L<evp(3)|evp(3)>
+L<dgst(1)>,
+L<evp(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/EVP_DigestSignInit.pod b/doc/crypto/EVP_DigestSignInit.pod
index 5ad192679c..caad7fa26f 100644
--- a/doc/crypto/EVP_DigestSignInit.pod
+++ b/doc/crypto/EVP_DigestSignInit.pod
@@ -42,7 +42,7 @@ EVP_DigestSignInit() EVP_DigestSignUpdate() and EVP_DigestSignaFinal() return
 value of -2 indicates the operation is not supported by the public key
 algorithm.
 
-The error codes can be obtained from L<ERR_get_error(3)|ERR_get_error(3)>.
+The error codes can be obtained from L<ERR_get_error(3)>.
 
 =head1 NOTES
 
@@ -73,11 +73,11 @@ which indicates the maximum possible signature for any set of parameters.
 
 =head1 SEE ALSO
 
-L<EVP_DigestVerifyInit(3)|EVP_DigestVerifyInit(3)>,
-L<EVP_DigestInit(3)|EVP_DigestInit(3)>, L<err(3)|err(3)>,
-L<evp(3)|evp(3)>, L<hmac(3)|hmac(3)>, L<md2(3)|md2(3)>,
-L<md5(3)|md5(3)>, L<mdc2(3)|mdc2(3)>, L<ripemd(3)|ripemd(3)>,
-L<sha(3)|sha(3)>, L<dgst(1)|dgst(1)>
+L<EVP_DigestVerifyInit(3)>,
+L<EVP_DigestInit(3)>, L<err(3)>,
+L<evp(3)>, L<hmac(3)>, L<md2(3)>,
+L<md5(3)>, L<mdc2(3)>, L<ripemd(3)>,
+L<sha(3)>, L<dgst(1)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/EVP_DigestVerifyInit.pod b/doc/crypto/EVP_DigestVerifyInit.pod
index e0217e40cb..2068ce71ef 100644
--- a/doc/crypto/EVP_DigestVerifyInit.pod
+++ b/doc/crypto/EVP_DigestVerifyInit.pod
@@ -42,7 +42,7 @@ indicates that the signature did not verify successfully (that is tbs did
 not match the original data or the signature was of invalid form) it is not an
 indication of a more serious error.
 
-The error codes can be obtained from L<ERR_get_error(3)|ERR_get_error(3)>.
+The error codes can be obtained from L<ERR_get_error(3)>.
 
 =head1 NOTES
 
@@ -68,11 +68,11 @@ will occur.
 
 =head1 SEE ALSO
 
-L<EVP_DigestSignInit(3)|EVP_DigestSignInit(3)>,
-L<EVP_DigestInit(3)|EVP_DigestInit(3)>, L<err(3)|err(3)>,
-L<evp(3)|evp(3)>, L<hmac(3)|hmac(3)>, L<md2(3)|md2(3)>,
-L<md5(3)|md5(3)>, L<mdc2(3)|mdc2(3)>, L<ripemd(3)|ripemd(3)>,
-L<sha(3)|sha(3)>, L<dgst(1)|dgst(1)>
+L<EVP_DigestSignInit(3)>,
+L<EVP_DigestInit(3)>, L<err(3)>,
+L<evp(3)>, L<hmac(3)>, L<md2(3)>,
+L<md5(3)>, L<mdc2(3)>, L<ripemd(3)>,
+L<sha(3)>, L<dgst(1)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/EVP_EncryptInit.pod b/doc/crypto/EVP_EncryptInit.pod
index 3dfc55d7ff..4a31686c3d 100644
--- a/doc/crypto/EVP_EncryptInit.pod
+++ b/doc/crypto/EVP_EncryptInit.pod
@@ -610,7 +610,7 @@ with a 128-bit key:
 
 =head1 SEE ALSO
 
-L<evp(3)|evp(3)>
+L<evp(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/EVP_OpenInit.pod b/doc/crypto/EVP_OpenInit.pod
index 2e710da945..e207b012e3 100644
--- a/doc/crypto/EVP_OpenInit.pod
+++ b/doc/crypto/EVP_OpenInit.pod
@@ -28,7 +28,7 @@ The IV is supplied in the B<iv> parameter.
 
 EVP_OpenUpdate() and EVP_OpenFinal() have exactly the same properties
 as the EVP_DecryptUpdate() and EVP_DecryptFinal() routines, as 
-documented on the L<EVP_EncryptInit(3)|EVP_EncryptInit(3)> manual
+documented on the L<EVP_EncryptInit(3)> manual
 page.
 
 =head1 NOTES
@@ -54,9 +54,9 @@ EVP_OpenFinal() returns 0 if the decrypt failed or 1 for success.
 
 =head1 SEE ALSO
 
-L<evp(3)|evp(3)>, L<rand(3)|rand(3)>,
-L<EVP_EncryptInit(3)|EVP_EncryptInit(3)>,
-L<EVP_SealInit(3)|EVP_SealInit(3)>
+L<evp(3)>, L<rand(3)>,
+L<EVP_EncryptInit(3)>,
+L<EVP_SealInit(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/EVP_PKEY_CTX_ctrl.pod b/doc/crypto/EVP_PKEY_CTX_ctrl.pod
index 026c10b0e5..5710cfb861 100644
--- a/doc/crypto/EVP_PKEY_CTX_ctrl.pod
+++ b/doc/crypto/EVP_PKEY_CTX_ctrl.pod
@@ -128,14 +128,14 @@ indicates the operation is not supported by the public key algorithm.
 
 =head1 SEE ALSO
 
-L<EVP_PKEY_CTX_new(3)|EVP_PKEY_CTX_new(3)>,
-L<EVP_PKEY_encrypt(3)|EVP_PKEY_encrypt(3)>,
-L<EVP_PKEY_decrypt(3)|EVP_PKEY_decrypt(3)>,
-L<EVP_PKEY_sign(3)|EVP_PKEY_sign(3)>,
-L<EVP_PKEY_verify(3)|EVP_PKEY_verify(3)>,
-L<EVP_PKEY_verify_recover(3)|EVP_PKEY_verify_recover(3)>,
-L<EVP_PKEY_derive(3)|EVP_PKEY_derive(3)>
-L<EVP_PKEY_keygen(3)|EVP_PKEY_keygen(3)>
+L<EVP_PKEY_CTX_new(3)>,
+L<EVP_PKEY_encrypt(3)>,
+L<EVP_PKEY_decrypt(3)>,
+L<EVP_PKEY_sign(3)>,
+L<EVP_PKEY_verify(3)>,
+L<EVP_PKEY_verify_recover(3)>,
+L<EVP_PKEY_derive(3)>
+L<EVP_PKEY_keygen(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/EVP_PKEY_CTX_new.pod b/doc/crypto/EVP_PKEY_CTX_new.pod
index d30e007295..5fb5d58f09 100644
--- a/doc/crypto/EVP_PKEY_CTX_new.pod
+++ b/doc/crypto/EVP_PKEY_CTX_new.pod
@@ -44,7 +44,7 @@ EVP_PKEY_CTX_free() does not return a value.
 
 =head1 SEE ALSO
 
-L<EVP_PKEY_new(3)|EVP_PKEY_new(3)>
+L<EVP_PKEY_new(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/EVP_PKEY_cmp.pod b/doc/crypto/EVP_PKEY_cmp.pod
index 94fcf66ce1..9e0107fb0d 100644
--- a/doc/crypto/EVP_PKEY_cmp.pod
+++ b/doc/crypto/EVP_PKEY_cmp.pod
@@ -55,7 +55,7 @@ keys match, 0 if they don't match, -1 if the key types are different and
 
 =head1 SEE ALSO
 
-L<EVP_PKEY_CTX_new(3)|EVP_PKEY_CTX_new(3)>,
-L<EVP_PKEY_keygen(3)|EVP_PKEY_keygen(3)> 
+L<EVP_PKEY_CTX_new(3)>,
+L<EVP_PKEY_keygen(3)> 
 
 =cut
diff --git a/doc/crypto/EVP_PKEY_decrypt.pod b/doc/crypto/EVP_PKEY_decrypt.pod
index 847983237b..e94f3a8a02 100644
--- a/doc/crypto/EVP_PKEY_decrypt.pod
+++ b/doc/crypto/EVP_PKEY_decrypt.pod
@@ -79,12 +79,12 @@ Decrypt data using OAEP (for RSA keys):
 
 =head1 SEE ALSO
 
-L<EVP_PKEY_CTX_new(3)|EVP_PKEY_CTX_new(3)>,
-L<EVP_PKEY_encrypt(3)|EVP_PKEY_encrypt(3)>,
-L<EVP_PKEY_sign(3)|EVP_PKEY_sign(3)>,
-L<EVP_PKEY_verify(3)|EVP_PKEY_verify(3)>,
-L<EVP_PKEY_verify_recover(3)|EVP_PKEY_verify_recover(3)>,
-L<EVP_PKEY_derive(3)|EVP_PKEY_derive(3)> 
+L<EVP_PKEY_CTX_new(3)>,
+L<EVP_PKEY_encrypt(3)>,
+L<EVP_PKEY_sign(3)>,
+L<EVP_PKEY_verify(3)>,
+L<EVP_PKEY_verify_recover(3)>,
+L<EVP_PKEY_derive(3)> 
 
 =head1 HISTORY
 
diff --git a/doc/crypto/EVP_PKEY_derive.pod b/doc/crypto/EVP_PKEY_derive.pod
index 27464be571..f6f3ac7786 100644
--- a/doc/crypto/EVP_PKEY_derive.pod
+++ b/doc/crypto/EVP_PKEY_derive.pod
@@ -79,12 +79,12 @@ Derive shared secret (for example DH or EC keys):
 
 =head1 SEE ALSO
 
-L<EVP_PKEY_CTX_new(3)|EVP_PKEY_CTX_new(3)>,
-L<EVP_PKEY_encrypt(3)|EVP_PKEY_encrypt(3)>,
-L<EVP_PKEY_decrypt(3)|EVP_PKEY_decrypt(3)>,
-L<EVP_PKEY_sign(3)|EVP_PKEY_sign(3)>,
-L<EVP_PKEY_verify(3)|EVP_PKEY_verify(3)>,
-L<EVP_PKEY_verify_recover(3)|EVP_PKEY_verify_recover(3)>,
+L<EVP_PKEY_CTX_new(3)>,
+L<EVP_PKEY_encrypt(3)>,
+L<EVP_PKEY_decrypt(3)>,
+L<EVP_PKEY_sign(3)>,
+L<EVP_PKEY_verify(3)>,
+L<EVP_PKEY_verify_recover(3)>,
 
 =head1 HISTORY
 
diff --git a/doc/crypto/EVP_PKEY_encrypt.pod b/doc/crypto/EVP_PKEY_encrypt.pod
index 6799ce1010..819d8643ca 100644
--- a/doc/crypto/EVP_PKEY_encrypt.pod
+++ b/doc/crypto/EVP_PKEY_encrypt.pod
@@ -43,8 +43,8 @@ indicates the operation is not supported by the public key algorithm.
 
 =head1 EXAMPLE
 
-Encrypt data using OAEP (for RSA keys). See also L<PEM_read_PUBKEY(3)|pem(3)> or
-L<d2i_X509(3)|d2i_X509(3)> for means to load a public key. You may also simply
+Encrypt data using OAEP (for RSA keys). See also L<pem(3)> or
+L<d2i_X509(3)> for means to load a public key. You may also simply
 set 'eng = NULL;' to start with the default OpenSSL RSA implementation:
 
  #include <openssl/evp.h>
@@ -83,14 +83,14 @@ set 'eng = NULL;' to start with the default OpenSSL RSA implementation:
 
 =head1 SEE ALSO
 
-L<d2i_X509(3)|d2i_X509(3)>,
-L<engine(3)|engine(3)>,
-L<EVP_PKEY_CTX_new(3)|EVP_PKEY_CTX_new(3)>,
-L<EVP_PKEY_decrypt(3)|EVP_PKEY_decrypt(3)>,
-L<EVP_PKEY_sign(3)|EVP_PKEY_sign(3)>,
-L<EVP_PKEY_verify(3)|EVP_PKEY_verify(3)>,
-L<EVP_PKEY_verify_recover(3)|EVP_PKEY_verify_recover(3)>,
-L<EVP_PKEY_derive(3)|EVP_PKEY_derive(3)> 
+L<d2i_X509(3)>,
+L<engine(3)>,
+L<EVP_PKEY_CTX_new(3)>,
+L<EVP_PKEY_decrypt(3)>,
+L<EVP_PKEY_sign(3)>,
+L<EVP_PKEY_verify(3)>,
+L<EVP_PKEY_verify_recover(3)>,
+L<EVP_PKEY_derive(3)> 
 
 =head1 HISTORY
 
diff --git a/doc/crypto/EVP_PKEY_get_default_digest.pod b/doc/crypto/EVP_PKEY_get_default_digest.pod
index 8ff597d44a..8ac104efef 100644
--- a/doc/crypto/EVP_PKEY_get_default_digest.pod
+++ b/doc/crypto/EVP_PKEY_get_default_digest.pod
@@ -29,10 +29,10 @@ public key algorithm.
 
 =head1 SEE ALSO
 
-L<EVP_PKEY_CTX_new(3)|EVP_PKEY_CTX_new(3)>,
-L<EVP_PKEY_sign(3)|EVP_PKEY_sign(3)>,
-L<EVP_PKEY_verify(3)|EVP_PKEY_verify(3)>,
-L<EVP_PKEY_verify_recover(3)|EVP_PKEY_verify_recover(3)>,
+L<EVP_PKEY_CTX_new(3)>,
+L<EVP_PKEY_sign(3)>,
+L<EVP_PKEY_verify(3)>,
+L<EVP_PKEY_verify_recover(3)>,
 
 =head1 HISTORY
 
diff --git a/doc/crypto/EVP_PKEY_keygen.pod b/doc/crypto/EVP_PKEY_keygen.pod
index 2f0256db41..c86e013523 100644
--- a/doc/crypto/EVP_PKEY_keygen.pod
+++ b/doc/crypto/EVP_PKEY_keygen.pod
@@ -146,13 +146,13 @@ Example of generation callback for OpenSSL public key implementations:
 
 =head1 SEE ALSO
 
-L<EVP_PKEY_CTX_new(3)|EVP_PKEY_CTX_new(3)>,
-L<EVP_PKEY_encrypt(3)|EVP_PKEY_encrypt(3)>,
-L<EVP_PKEY_decrypt(3)|EVP_PKEY_decrypt(3)>,
-L<EVP_PKEY_sign(3)|EVP_PKEY_sign(3)>,
-L<EVP_PKEY_verify(3)|EVP_PKEY_verify(3)>,
-L<EVP_PKEY_verify_recover(3)|EVP_PKEY_verify_recover(3)>,
-L<EVP_PKEY_derive(3)|EVP_PKEY_derive(3)> 
+L<EVP_PKEY_CTX_new(3)>,
+L<EVP_PKEY_encrypt(3)>,
+L<EVP_PKEY_decrypt(3)>,
+L<EVP_PKEY_sign(3)>,
+L<EVP_PKEY_verify(3)>,
+L<EVP_PKEY_verify_recover(3)>,
+L<EVP_PKEY_derive(3)> 
 
 =head1 HISTORY
 
diff --git a/doc/crypto/EVP_PKEY_new.pod b/doc/crypto/EVP_PKEY_new.pod
index d26b03f36a..acdfd00849 100644
--- a/doc/crypto/EVP_PKEY_new.pod
+++ b/doc/crypto/EVP_PKEY_new.pod
@@ -28,7 +28,7 @@ particular algorithm.
 
 The structure returned by EVP_PKEY_new() is empty. To add a
 private key to this empty structure the functions described in
-L<EVP_PKEY_set1_RSA(3)|EVP_PKEY_set1_RSA(3)> should be used.
+L<EVP_PKEY_set1_RSA(3)> should be used.
 
 =head1 RETURN VALUES
 
@@ -39,7 +39,7 @@ EVP_PKEY_free() does not return a value.
 
 =head1 SEE ALSO
 
-L<EVP_PKEY_set1_RSA(3)|EVP_PKEY_set1_RSA(3)>
+L<EVP_PKEY_set1_RSA(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/EVP_PKEY_print_private.pod b/doc/crypto/EVP_PKEY_print_private.pod
index ce9d70d7a7..8664c4926f 100644
--- a/doc/crypto/EVP_PKEY_print_private.pod
+++ b/doc/crypto/EVP_PKEY_print_private.pod
@@ -43,8 +43,8 @@ the public key algorithm.
 
 =head1 SEE ALSO
 
-L<EVP_PKEY_CTX_new(3)|EVP_PKEY_CTX_new(3)>,
-L<EVP_PKEY_keygen(3)|EVP_PKEY_keygen(3)> 
+L<EVP_PKEY_CTX_new(3)>,
+L<EVP_PKEY_keygen(3)> 
 
 =head1 HISTORY
 
diff --git a/doc/crypto/EVP_PKEY_set1_RSA.pod b/doc/crypto/EVP_PKEY_set1_RSA.pod
index 6f10175615..bb164ed141 100644
--- a/doc/crypto/EVP_PKEY_set1_RSA.pod
+++ b/doc/crypto/EVP_PKEY_set1_RSA.pod
@@ -71,7 +71,7 @@ and EVP_PKEY_assign_EC_KEY() return 1 for success and 0 for failure.
 
 =head1 SEE ALSO
 
-L<EVP_PKEY_new(3)|EVP_PKEY_new(3)>
+L<EVP_PKEY_new(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/EVP_PKEY_sign.pod b/doc/crypto/EVP_PKEY_sign.pod
index 21974b4b1a..f189206676 100644
--- a/doc/crypto/EVP_PKEY_sign.pod
+++ b/doc/crypto/EVP_PKEY_sign.pod
@@ -30,12 +30,12 @@ B<sig> and the amount of data written to B<siglen>.
 
 EVP_PKEY_sign() does not hash the data to be signed, and therefore is
 normally used to sign digests. For signing arbitrary messages, see the
-L<EVP_DigestSignInit(3)|EVP_DigestSignInit(3)> and
-L<EVP_SignInit(3)|EVP_SignInit(3)> signing interfaces instead.
+L<EVP_DigestSignInit(3)> and
+L<EVP_SignInit(3)> signing interfaces instead.
 
 After the call to EVP_PKEY_sign_init() algorithm specific control
 operations can be performed to set any appropriate parameters for the
-operation (see L<EVP_PKEY_CTX_ctrl(3)|EVP_PKEY_CTX_ctrl(3)>).
+operation (see L<EVP_PKEY_CTX_ctrl(3)>).
 
 The function EVP_PKEY_sign() can be called more than once on the same
 context if several operations are performed using the same parameters.
@@ -91,13 +91,13 @@ Sign data using RSA with PKCS#1 padding and SHA256 digest:
 
 =head1 SEE ALSO
 
-L<EVP_PKEY_CTX_new(3)|EVP_PKEY_CTX_new(3)>,
-L<EVP_PKEY_CTX_ctrl(3)|EVP_PKEY_CTX_ctrl(3)>,
-L<EVP_PKEY_encrypt(3)|EVP_PKEY_encrypt(3)>,
-L<EVP_PKEY_decrypt(3)|EVP_PKEY_decrypt(3)>,
-L<EVP_PKEY_verify(3)|EVP_PKEY_verify(3)>,
-L<EVP_PKEY_verify_recover(3)|EVP_PKEY_verify_recover(3)>,
-L<EVP_PKEY_derive(3)|EVP_PKEY_derive(3)> 
+L<EVP_PKEY_CTX_new(3)>,
+L<EVP_PKEY_CTX_ctrl(3)>,
+L<EVP_PKEY_encrypt(3)>,
+L<EVP_PKEY_decrypt(3)>,
+L<EVP_PKEY_verify(3)>,
+L<EVP_PKEY_verify_recover(3)>,
+L<EVP_PKEY_derive(3)> 
 
 =head1 HISTORY
 
diff --git a/doc/crypto/EVP_PKEY_verify.pod b/doc/crypto/EVP_PKEY_verify.pod
index 90612ba2f0..4952b7f416 100644
--- a/doc/crypto/EVP_PKEY_verify.pod
+++ b/doc/crypto/EVP_PKEY_verify.pod
@@ -77,12 +77,12 @@ Verify signature using PKCS#1 and SHA256 digest:
 
 =head1 SEE ALSO
 
-L<EVP_PKEY_CTX_new(3)|EVP_PKEY_CTX_new(3)>,
-L<EVP_PKEY_encrypt(3)|EVP_PKEY_encrypt(3)>,
-L<EVP_PKEY_decrypt(3)|EVP_PKEY_decrypt(3)>,
-L<EVP_PKEY_sign(3)|EVP_PKEY_sign(3)>,
-L<EVP_PKEY_verify_recover(3)|EVP_PKEY_verify_recover(3)>,
-L<EVP_PKEY_derive(3)|EVP_PKEY_derive(3)> 
+L<EVP_PKEY_CTX_new(3)>,
+L<EVP_PKEY_encrypt(3)>,
+L<EVP_PKEY_decrypt(3)>,
+L<EVP_PKEY_sign(3)>,
+L<EVP_PKEY_verify_recover(3)>,
+L<EVP_PKEY_derive(3)> 
 
 =head1 HISTORY
 
diff --git a/doc/crypto/EVP_PKEY_verify_recover.pod b/doc/crypto/EVP_PKEY_verify_recover.pod
index 23a28a9c43..6c2287bbd6 100644
--- a/doc/crypto/EVP_PKEY_verify_recover.pod
+++ b/doc/crypto/EVP_PKEY_verify_recover.pod
@@ -89,12 +89,12 @@ Recover digest originally signed using PKCS#1 and SHA256 digest:
 
 =head1 SEE ALSO
 
-L<EVP_PKEY_CTX_new(3)|EVP_PKEY_CTX_new(3)>,
-L<EVP_PKEY_encrypt(3)|EVP_PKEY_encrypt(3)>,
-L<EVP_PKEY_decrypt(3)|EVP_PKEY_decrypt(3)>,
-L<EVP_PKEY_sign(3)|EVP_PKEY_sign(3)>,
-L<EVP_PKEY_verify(3)|EVP_PKEY_verify(3)>,
-L<EVP_PKEY_derive(3)|EVP_PKEY_derive(3)> 
+L<EVP_PKEY_CTX_new(3)>,
+L<EVP_PKEY_encrypt(3)>,
+L<EVP_PKEY_decrypt(3)>,
+L<EVP_PKEY_sign(3)>,
+L<EVP_PKEY_verify(3)>,
+L<EVP_PKEY_derive(3)> 
 
 =head1 HISTORY
 
diff --git a/doc/crypto/EVP_SealInit.pod b/doc/crypto/EVP_SealInit.pod
index 19112a542d..50271be39b 100644
--- a/doc/crypto/EVP_SealInit.pod
+++ b/doc/crypto/EVP_SealInit.pod
@@ -43,7 +43,7 @@ and can be B<NULL>.
 
 EVP_SealUpdate() and EVP_SealFinal() have exactly the same properties
 as the EVP_EncryptUpdate() and EVP_EncryptFinal() routines, as 
-documented on the L<EVP_EncryptInit(3)|EVP_EncryptInit(3)> manual
+documented on the L<EVP_EncryptInit(3)> manual
 page. 
 
 =head1 RETURN VALUES
@@ -74,9 +74,9 @@ with B<type> set to NULL.
 
 =head1 SEE ALSO
 
-L<evp(3)|evp(3)>, L<rand(3)|rand(3)>,
-L<EVP_EncryptInit(3)|EVP_EncryptInit(3)>,
-L<EVP_OpenInit(3)|EVP_OpenInit(3)>
+L<evp(3)>, L<rand(3)>,
+L<EVP_EncryptInit(3)>,
+L<EVP_OpenInit(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/EVP_SignInit.pod b/doc/crypto/EVP_SignInit.pod
index 06d02a5fca..9a91b91a0e 100644
--- a/doc/crypto/EVP_SignInit.pod
+++ b/doc/crypto/EVP_SignInit.pod
@@ -49,7 +49,7 @@ for success and 0 for failure.
 
 EVP_PKEY_size() returns the maximum size of a signature in bytes.
 
-The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
+The error codes can be obtained by L<ERR_get_error(3)>.
 
 =head1 NOTES
 
@@ -60,7 +60,7 @@ transparent to the algorithm used and much more flexible.
 Due to the link between message digests and public key algorithms the correct
 digest algorithm must be used with the correct public key type. A list of
 algorithms and associated public key algorithms appears in 
-L<EVP_DigestInit(3)|EVP_DigestInit(3)>.
+L<EVP_DigestInit(3)>.
 
 When signing with DSA private keys the random number generator must be seeded
 or the operation will fail. The random number generator does not need to be
@@ -90,11 +90,11 @@ The previous two bugs are fixed in the newer EVP_SignDigest*() function.
 
 =head1 SEE ALSO
 
-L<EVP_VerifyInit(3)|EVP_VerifyInit(3)>,
-L<EVP_DigestInit(3)|EVP_DigestInit(3)>, L<err(3)|err(3)>,
-L<evp(3)|evp(3)>, L<hmac(3)|hmac(3)>, L<md2(3)|md2(3)>,
-L<md5(3)|md5(3)>, L<mdc2(3)|mdc2(3)>, L<ripemd(3)|ripemd(3)>,
-L<sha(3)|sha(3)>, L<dgst(1)|dgst(1)>
+L<EVP_VerifyInit(3)>,
+L<EVP_DigestInit(3)>, L<err(3)>,
+L<evp(3)>, L<hmac(3)>, L<md2(3)>,
+L<md5(3)>, L<mdc2(3)>, L<ripemd(3)>,
+L<sha(3)>, L<dgst(1)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/EVP_VerifyInit.pod b/doc/crypto/EVP_VerifyInit.pod
index 9097f09410..ee27de198b 100644
--- a/doc/crypto/EVP_VerifyInit.pod
+++ b/doc/crypto/EVP_VerifyInit.pod
@@ -41,7 +41,7 @@ failure.
 EVP_VerifyFinal() returns 1 for a correct signature, 0 for failure and -1 if some
 other error occurred.
 
-The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
+The error codes can be obtained by L<ERR_get_error(3)>.
 
 =head1 NOTES
 
@@ -52,7 +52,7 @@ transparent to the algorithm used and much more flexible.
 Due to the link between message digests and public key algorithms the correct
 digest algorithm must be used with the correct public key type. A list of
 algorithms and associated public key algorithms appears in 
-L<EVP_DigestInit(3)|EVP_DigestInit(3)>.
+L<EVP_DigestInit(3)>.
 
 The call to EVP_VerifyFinal() internally finalizes a copy of the digest context.
 This means that calls to EVP_VerifyUpdate() and EVP_VerifyFinal() can be called
@@ -78,12 +78,12 @@ The previous two bugs are fixed in the newer EVP_VerifyDigest*() function.
 
 =head1 SEE ALSO
 
-L<evp(3)|evp(3)>,
-L<EVP_SignInit(3)|EVP_SignInit(3)>,
-L<EVP_DigestInit(3)|EVP_DigestInit(3)>, L<err(3)|err(3)>,
-L<evp(3)|evp(3)>, L<hmac(3)|hmac(3)>, L<md2(3)|md2(3)>,
-L<md5(3)|md5(3)>, L<mdc2(3)|mdc2(3)>, L<ripemd(3)|ripemd(3)>,
-L<sha(3)|sha(3)>, L<dgst(1)|dgst(1)>
+L<evp(3)>,
+L<EVP_SignInit(3)>,
+L<EVP_DigestInit(3)>, L<err(3)>,
+L<evp(3)>, L<hmac(3)>, L<md2(3)>,
+L<md5(3)>, L<mdc2(3)>, L<ripemd(3)>,
+L<sha(3)>, L<dgst(1)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/OBJ_nid2obj.pod b/doc/crypto/OBJ_nid2obj.pod
index 7acb4c4a6d..b2b815db65 100644
--- a/doc/crypto/OBJ_nid2obj.pod
+++ b/doc/crypto/OBJ_nid2obj.pod
@@ -156,7 +156,7 @@ a NID or B<NID_undef> on error.
 
 =head1 SEE ALSO
 
-L<ERR_get_error(3)|ERR_get_error(3)>
+L<ERR_get_error(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/OCSP_REQUEST_new.pod b/doc/crypto/OCSP_REQUEST_new.pod
index 563fed3c12..b74f56a232 100644
--- a/doc/crypto/OCSP_REQUEST_new.pod
+++ b/doc/crypto/OCSP_REQUEST_new.pod
@@ -97,11 +97,11 @@ B<issuer>:
 
 =head1 SEE ALSO
 
-L<crypto(3)|crypto(3)>,
-L<OCSP_cert_to_id(3)|OCSP_cert_to_id(3)>,
-L<OCSP_request_add1_nonce(3)|OCSP_request_add1_nonce(3)>,
-L<OCSP_response_find_status(3)|OCSP_response_find_status(3)>,
-L<OCSP_response_status(3)|OCSP_response_status(3)>,
-L<OCSP_sendreq_new(3)|OCSP_sendreq_new(3)>
+L<crypto(3)>,
+L<OCSP_cert_to_id(3)>,
+L<OCSP_request_add1_nonce(3)>,
+L<OCSP_response_find_status(3)>,
+L<OCSP_response_status(3)>,
+L<OCSP_sendreq_new(3)>
 
 =cut
diff --git a/doc/crypto/OCSP_cert_to_id.pod b/doc/crypto/OCSP_cert_to_id.pod
index 2eab1d3825..8eb1844611 100644
--- a/doc/crypto/OCSP_cert_to_id.pod
+++ b/doc/crypto/OCSP_cert_to_id.pod
@@ -68,11 +68,11 @@ B<OCSP_CERTID> structure is freed.
 
 =head1 SEE ALSO
 
-L<crypto(3)|crypto(3)>,
-L<OCSP_request_add1_nonce(3)|OCSP_request_add1_nonce(3)>,
-L<OCSP_REQUEST_new(3)|OCSP_REQUEST_new(3)>,
-L<OCSP_response_find_status(3)|OCSP_response_find_status(3)>,
-L<OCSP_response_status(3)|OCSP_response_status(3)>,
-L<OCSP_sendreq_new(3)|OCSP_sendreq_new(3)>
+L<crypto(3)>,
+L<OCSP_request_add1_nonce(3)>,
+L<OCSP_REQUEST_new(3)>,
+L<OCSP_response_find_status(3)>,
+L<OCSP_response_status(3)>,
+L<OCSP_sendreq_new(3)>
 
 =cut
diff --git a/doc/crypto/OCSP_request_add1_nonce.pod b/doc/crypto/OCSP_request_add1_nonce.pod
index 8fe319706a..a95000e2f7 100644
--- a/doc/crypto/OCSP_request_add1_nonce.pod
+++ b/doc/crypto/OCSP_request_add1_nonce.pod
@@ -63,11 +63,11 @@ condition.
 
 =head1 SEE ALSO
 
-L<crypto(3)|crypto(3)>,
-L<OCSP_cert_to_id(3)|OCSP_cert_to_id(3)>,
-L<OCSP_REQUEST_new(3)|OCSP_REQUEST_new(3)>,
-L<OCSP_response_find_status(3)|OCSP_response_find_status(3)>,
-L<OCSP_response_status(3)|OCSP_response_status(3)>,
-L<OCSP_sendreq_new(3)|OCSP_sendreq_new(3)>
+L<crypto(3)>,
+L<OCSP_cert_to_id(3)>,
+L<OCSP_REQUEST_new(3)>,
+L<OCSP_response_find_status(3)>,
+L<OCSP_response_status(3)>,
+L<OCSP_sendreq_new(3)>
 
 =cut
diff --git a/doc/crypto/OCSP_response_find_status.pod b/doc/crypto/OCSP_response_find_status.pod
index 1f4666a8fb..9ea2b7ca11 100644
--- a/doc/crypto/OCSP_response_find_status.pod
+++ b/doc/crypto/OCSP_response_find_status.pod
@@ -94,11 +94,11 @@ parameters can be set to NULL if their value is not required.
 
 =head1 SEE ALSO
 
-L<crypto(3)|crypto(3)>,
-L<OCSP_cert_to_id(3)|OCSP_cert_to_id(3)>,
-L<OCSP_request_add1_nonce(3)|OCSP_request_add1_nonce(3)>,
-L<OCSP_REQUEST_new(3)|OCSP_REQUEST_new(3)>,
-L<OCSP_response_status(3)|OCSP_response_status(3)>,
-L<OCSP_sendreq_new(3)|OCSP_sendreq_new(3)>
+L<crypto(3)>,
+L<OCSP_cert_to_id(3)>,
+L<OCSP_request_add1_nonce(3)>,
+L<OCSP_REQUEST_new(3)>,
+L<OCSP_response_status(3)>,
+L<OCSP_sendreq_new(3)>
 
 =cut
diff --git a/doc/crypto/OCSP_response_status.pod b/doc/crypto/OCSP_response_status.pod
index 7121872f23..5946734b43 100644
--- a/doc/crypto/OCSP_response_status.pod
+++ b/doc/crypto/OCSP_response_status.pod
@@ -47,11 +47,11 @@ B<OCSP_RESPONSE_STATUS_SUCCESSFUL>.
 
 =head1 SEE ALSO
 
-L<crypto(3)|crypto(3)>
-L<OCSP_cert_to_id(3)|OCSP_cert_to_id(3)>
-L<OCSP_request_add1_nonce(3)|OCSP_request_add1_nonce(3)>
-L<OCSP_REQUEST_new(3)|OCSP_REQUEST_new(3)>
-L<OCSP_response_find_status(3)|OCSP_response_find_status(3)>
-L<OCSP_sendreq_new(3)|OCSP_sendreq_new(3)>
+L<crypto(3)>
+L<OCSP_cert_to_id(3)>
+L<OCSP_request_add1_nonce(3)>
+L<OCSP_REQUEST_new(3)>
+L<OCSP_response_find_status(3)>
+L<OCSP_sendreq_new(3)>
 
 =cut
diff --git a/doc/crypto/OCSP_sendreq_new.pod b/doc/crypto/OCSP_sendreq_new.pod
index cab11f71c5..b0515120ef 100644
--- a/doc/crypto/OCSP_sendreq_new.pod
+++ b/doc/crypto/OCSP_sendreq_new.pod
@@ -103,11 +103,11 @@ applications is not recommended.
 
 =head1 SEE ALSO
 
-L<crypto(3)|crypto(3)>,
-L<OCSP_cert_to_id(3)|OCSP_cert_to_id(3)>,
-L<OCSP_request_add1_nonce(3)|OCSP_request_add1_nonce(3)>,
-L<OCSP_REQUEST_new(3)|OCSP_REQUEST_new(3)>,
-L<OCSP_response_find_status(3)|OCSP_response_find_status(3)>,
-L<OCSP_response_status(3)|OCSP_response_status(3)>
+L<crypto(3)>,
+L<OCSP_cert_to_id(3)>,
+L<OCSP_request_add1_nonce(3)>,
+L<OCSP_REQUEST_new(3)>,
+L<OCSP_response_find_status(3)>,
+L<OCSP_response_status(3)>
 
 =cut
diff --git a/doc/crypto/OPENSSL_VERSION_NUMBER.pod b/doc/crypto/OPENSSL_VERSION_NUMBER.pod
index f7ca7cb790..f76a9d3f37 100644
--- a/doc/crypto/OPENSSL_VERSION_NUMBER.pod
+++ b/doc/crypto/OPENSSL_VERSION_NUMBER.pod
@@ -90,7 +90,7 @@ The version number.
 
 =head1 SEE ALSO
 
-L<crypto(3)|crypto(3)>
+L<crypto(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/OPENSSL_config.pod b/doc/crypto/OPENSSL_config.pod
index 91d61f3f51..cc86f24f6e 100644
--- a/doc/crypto/OPENSSL_config.pod
+++ b/doc/crypto/OPENSSL_config.pod
@@ -58,9 +58,9 @@ Neither OPENSSL_config() nor OPENSSL_no_config() return a value.
 
 =head1 SEE ALSO
 
-L<conf(5)|conf(5)>,
-L<CONF_modules_load_file(3)|CONF_modules_load_file(3)>,
-L<CONF_modules_free(3)|CONF_modules_free(3)>
+L<conf(5)>,
+L<CONF_modules_load_file(3)>,
+L<CONF_modules_free(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/OPENSSL_load_builtin_modules.pod b/doc/crypto/OPENSSL_load_builtin_modules.pod
index de62912ff2..8ff3d79460 100644
--- a/doc/crypto/OPENSSL_load_builtin_modules.pod
+++ b/doc/crypto/OPENSSL_load_builtin_modules.pod
@@ -42,7 +42,7 @@ None of the functions return a value.
 
 =head1 SEE ALSO
 
-L<conf(3)|conf(3)>, L<OPENSSL_config(3)|OPENSSL_config(3)>
+L<conf(3)>, L<OPENSSL_config(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/OpenSSL_add_all_algorithms.pod b/doc/crypto/OpenSSL_add_all_algorithms.pod
index bcb79e5f6b..3ca0576da8 100644
--- a/doc/crypto/OpenSSL_add_all_algorithms.pod
+++ b/doc/crypto/OpenSSL_add_all_algorithms.pod
@@ -60,7 +60,7 @@ too much of a problem in practice.
 
 =head1 SEE ALSO
 
-L<evp(3)|evp(3)>, L<EVP_DigestInit(3)|EVP_DigestInit(3)>,
-L<EVP_EncryptInit(3)|EVP_EncryptInit(3)>
+L<evp(3)>, L<EVP_DigestInit(3)>,
+L<EVP_EncryptInit(3)>
 
 =cut
diff --git a/doc/crypto/PEM_write_bio_CMS_stream.pod b/doc/crypto/PEM_write_bio_CMS_stream.pod
index e070c45c2e..35260c1e52 100644
--- a/doc/crypto/PEM_write_bio_CMS_stream.pod
+++ b/doc/crypto/PEM_write_bio_CMS_stream.pod
@@ -28,11 +28,11 @@ PEM_write_bio_CMS_stream() returns 1 for success or 0 for failure.
 
 =head1 SEE ALSO
 
-L<ERR_get_error(3)|ERR_get_error(3)>, L<CMS_sign(3)|CMS_sign(3)>,
-L<CMS_verify(3)|CMS_verify(3)>, L<CMS_encrypt(3)|CMS_encrypt(3)>
-L<CMS_decrypt(3)|CMS_decrypt(3)>,
-L<SMIME_write_CMS(3)|SMIME_write_CMS(3)>,
-L<i2d_CMS_bio_stream(3)|i2d_CMS_bio_stream(3)>
+L<ERR_get_error(3)>, L<CMS_sign(3)>,
+L<CMS_verify(3)>, L<CMS_encrypt(3)>
+L<CMS_decrypt(3)>,
+L<SMIME_write_CMS(3)>,
+L<i2d_CMS_bio_stream(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/PEM_write_bio_PKCS7_stream.pod b/doc/crypto/PEM_write_bio_PKCS7_stream.pod
index 16fc9b6845..121d418362 100644
--- a/doc/crypto/PEM_write_bio_PKCS7_stream.pod
+++ b/doc/crypto/PEM_write_bio_PKCS7_stream.pod
@@ -28,11 +28,11 @@ PEM_write_bio_PKCS7_stream() returns 1 for success or 0 for failure.
 
 =head1 SEE ALSO
 
-L<ERR_get_error(3)|ERR_get_error(3)>, L<PKCS7_sign(3)|PKCS7_sign(3)>,
-L<PKCS7_verify(3)|PKCS7_verify(3)>, L<PKCS7_encrypt(3)|PKCS7_encrypt(3)>
-L<PKCS7_decrypt(3)|PKCS7_decrypt(3)>,
-L<SMIME_write_PKCS7(3)|SMIME_write_PKCS7(3)>,
-L<i2d_PKCS7_bio_stream(3)|i2d_PKCS7_bio_stream(3)>
+L<ERR_get_error(3)>, L<PKCS7_sign(3)>,
+L<PKCS7_verify(3)>, L<PKCS7_encrypt(3)>
+L<PKCS7_decrypt(3)>,
+L<SMIME_write_PKCS7(3)>,
+L<i2d_PKCS7_bio_stream(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/PKCS12_create.pod b/doc/crypto/PKCS12_create.pod
index 88397fe450..76edc4800b 100644
--- a/doc/crypto/PKCS12_create.pod
+++ b/doc/crypto/PKCS12_create.pod
@@ -66,7 +66,7 @@ B<mac_iter> can be set to -1 and the MAC will then be omitted entirely.
 
 =head1 SEE ALSO
 
-L<d2i_PKCS12(3)|d2i_PKCS12(3)>
+L<d2i_PKCS12(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/PKCS12_parse.pod b/doc/crypto/PKCS12_parse.pod
index c54cf2ad61..3691a9b254 100644
--- a/doc/crypto/PKCS12_parse.pod
+++ b/doc/crypto/PKCS12_parse.pod
@@ -33,7 +33,7 @@ B<X509> structure.
 
 PKCS12_parse() returns 1 for success and zero if an error occurred.
 
-The error can be obtained from L<ERR_get_error(3)|ERR_get_error(3)>
+The error can be obtained from L<ERR_get_error(3)>
 
 =head1 BUGS
 
@@ -48,7 +48,7 @@ Attributes currently cannot be stored in the private key B<EVP_PKEY> structure.
 
 =head1 SEE ALSO
 
-L<d2i_PKCS12(3)|d2i_PKCS12(3)>
+L<d2i_PKCS12(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/PKCS5_PBKDF2_HMAC.pod b/doc/crypto/PKCS5_PBKDF2_HMAC.pod
index 7287993360..b04e476a81 100644
--- a/doc/crypto/PKCS5_PBKDF2_HMAC.pod
+++ b/doc/crypto/PKCS5_PBKDF2_HMAC.pod
@@ -58,8 +58,8 @@ PKCS5_PBKDF2_HMAC() and PBKCS5_PBKDF2_HMAC_SHA1() return 1 on success or 0 on er
 
 =head1 SEE ALSO
 
-L<evp(3)|evp(3)>, L<rand(3)|rand(3)>,
-L<EVP_BytesToKey(3)|EVP_BytesToKey(3)>
+L<evp(3)>, L<rand(3)>,
+L<EVP_BytesToKey(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/PKCS7_decrypt.pod b/doc/crypto/PKCS7_decrypt.pod
index 325699d0b6..9bb367d800 100644
--- a/doc/crypto/PKCS7_decrypt.pod
+++ b/doc/crypto/PKCS7_decrypt.pod
@@ -46,7 +46,7 @@ mentioned in PKCS7_sign() also applies to PKCS7_verify().
 
 =head1 SEE ALSO
 
-L<ERR_get_error(3)|ERR_get_error(3)>, L<PKCS7_encrypt(3)|PKCS7_encrypt(3)>
+L<ERR_get_error(3)>, L<PKCS7_encrypt(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/PKCS7_encrypt.pod b/doc/crypto/PKCS7_encrypt.pod
index 2cd925a7e0..71618d9c87 100644
--- a/doc/crypto/PKCS7_encrypt.pod
+++ b/doc/crypto/PKCS7_encrypt.pod
@@ -70,7 +70,7 @@ The error can be obtained from ERR_get_error(3).
 
 =head1 SEE ALSO
 
-L<ERR_get_error(3)|ERR_get_error(3)>, L<PKCS7_decrypt(3)|PKCS7_decrypt(3)>
+L<ERR_get_error(3)>, L<PKCS7_decrypt(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/PKCS7_sign.pod b/doc/crypto/PKCS7_sign.pod
index c788c4b234..f6fe3b6e71 100644
--- a/doc/crypto/PKCS7_sign.pod
+++ b/doc/crypto/PKCS7_sign.pod
@@ -103,7 +103,7 @@ occurred.  The error can be obtained from ERR_get_error(3).
 
 =head1 SEE ALSO
 
-L<ERR_get_error(3)|ERR_get_error(3)>, L<PKCS7_verify(3)|PKCS7_verify(3)>
+L<ERR_get_error(3)>, L<PKCS7_verify(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/PKCS7_sign_add_signer.pod b/doc/crypto/PKCS7_sign_add_signer.pod
index f09a0f9439..580a9a14e3 100644
--- a/doc/crypto/PKCS7_sign_add_signer.pod
+++ b/doc/crypto/PKCS7_sign_add_signer.pod
@@ -77,8 +77,8 @@ structure just added or NULL if an error occurs.
 
 =head1 SEE ALSO
 
-L<ERR_get_error(3)|ERR_get_error(3)>, L<PKCS7_sign(3)|PKCS7_sign(3)>,
-L<PKCS7_final(3)|PKCS7_final(3)>,
+L<ERR_get_error(3)>, L<PKCS7_sign(3)>,
+L<PKCS7_final(3)>,
 
 =head1 HISTORY
 
diff --git a/doc/crypto/PKCS7_verify.pod b/doc/crypto/PKCS7_verify.pod
index cad304ee10..b440f4dcb3 100644
--- a/doc/crypto/PKCS7_verify.pod
+++ b/doc/crypto/PKCS7_verify.pod
@@ -96,7 +96,7 @@ if an error occurs.
 
 PKCS7_get0_signers() returns all signers or B<NULL> if an error occurred.
 
-The error can be obtained from L<ERR_get_error(3)|ERR_get_error(3)>
+The error can be obtained from L<ERR_get_error(3)>
 
 =head1 BUGS
 
@@ -109,7 +109,7 @@ mentioned in PKCS7_sign() also applies to PKCS7_verify().
 
 =head1 SEE ALSO
 
-L<ERR_get_error(3)|ERR_get_error(3)>, L<PKCS7_sign(3)|PKCS7_sign(3)>
+L<ERR_get_error(3)>, L<PKCS7_sign(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/RAND_add.pod b/doc/crypto/RAND_add.pod
index 67c66f3e0c..b160eeb699 100644
--- a/doc/crypto/RAND_add.pod
+++ b/doc/crypto/RAND_add.pod
@@ -37,8 +37,8 @@ OpenSSL makes sure that the PRNG state is unique for each thread. On
 systems that provide C</dev/urandom>, the randomness device is used
 to seed the PRNG transparently. However, on all other systems, the
 application is responsible for seeding the PRNG by calling RAND_add(),
-L<RAND_egd(3)|RAND_egd(3)>
-or L<RAND_load_file(3)|RAND_load_file(3)>.
+L<RAND_egd(3)>
+or L<RAND_load_file(3)>.
 
 RAND_seed() is equivalent to RAND_add() when B<num == entropy>.
 
@@ -65,8 +65,8 @@ The other functions do not return values.
 
 =head1 SEE ALSO
 
-L<rand(3)|rand(3)>, L<RAND_egd(3)|RAND_egd(3)>,
-L<RAND_load_file(3)|RAND_load_file(3)>, L<RAND_cleanup(3)|RAND_cleanup(3)>
+L<rand(3)>, L<RAND_egd(3)>,
+L<RAND_load_file(3)>, L<RAND_cleanup(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/RAND_bytes.pod b/doc/crypto/RAND_bytes.pod
index f3a5ed22f8..6a41c37103 100644
--- a/doc/crypto/RAND_bytes.pod
+++ b/doc/crypto/RAND_bytes.pod
@@ -34,15 +34,15 @@ the new pseudo-random bytes unless disabled at compile time (see FAQ).
 =head1 RETURN VALUES
 
 RAND_bytes() returns 1 on success, 0 otherwise. The error code can be
-obtained by L<ERR_get_error(3)|ERR_get_error(3)>. RAND_pseudo_bytes() returns 1 if the
+obtained by L<ERR_get_error(3)>. RAND_pseudo_bytes() returns 1 if the
 bytes generated are cryptographically strong, 0 otherwise. Both
 functions return -1 if they are not supported by the current RAND
 method.
 
 =head1 SEE ALSO
 
-L<rand(3)|rand(3)>, L<ERR_get_error(3)|ERR_get_error(3)>,
-L<RAND_add(3)|RAND_add(3)>
+L<rand(3)>, L<ERR_get_error(3)>,
+L<RAND_add(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/RAND_cleanup.pod b/doc/crypto/RAND_cleanup.pod
index 3a8f0749a8..e9b3af934b 100644
--- a/doc/crypto/RAND_cleanup.pod
+++ b/doc/crypto/RAND_cleanup.pod
@@ -20,7 +20,7 @@ RAND_cleanup() returns no value.
 
 =head1 SEE ALSO
 
-L<rand(3)|rand(3)>
+L<rand(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/RAND_egd.pod b/doc/crypto/RAND_egd.pod
index 80fa734d18..5a28545986 100644
--- a/doc/crypto/RAND_egd.pod
+++ b/doc/crypto/RAND_egd.pod
@@ -16,12 +16,12 @@ RAND_egd, RAND_egd_bytes, RAND_query_egd_bytes - query entropy gathering daemon
 =head1 DESCRIPTION
 
 RAND_egd() queries the entropy gathering daemon EGD on socket B<path>.
-It queries 255 bytes and uses L<RAND_add(3)|RAND_add(3)> to seed the
+It queries 255 bytes and uses L<RAND_add(3)> to seed the
 OpenSSL built-in PRNG. RAND_egd(path) is a wrapper for
 RAND_egd_bytes(path, 255);
 
 RAND_egd_bytes() queries the entropy gathering daemon EGD on socket B<path>.
-It queries B<bytes> bytes and uses L<RAND_add(3)|RAND_add(3)> to seed the
+It queries B<bytes> bytes and uses L<RAND_add(3)> to seed the
 OpenSSL built-in PRNG.
 This function is more flexible than RAND_egd().
 When only one secret key must
@@ -32,7 +32,7 @@ that can be retrieved from EGD over time is limited.
 RAND_query_egd_bytes() performs the actual query of the EGD daemon on socket
 B<path>. If B<buf> is given, B<bytes> bytes are queried and written into
 B<buf>. If B<buf> is NULL, B<bytes> bytes are queried and used to seed the
-OpenSSL built-in PRNG using L<RAND_add(3)|RAND_add(3)>.
+OpenSSL built-in PRNG using L<RAND_add(3)>.
 
 =head1 NOTES
 
@@ -72,8 +72,8 @@ success, and -1 if the connection failed. The PRNG state is not considered.
 
 =head1 SEE ALSO
 
-L<rand(3)|rand(3)>, L<RAND_add(3)|RAND_add(3)>,
-L<RAND_cleanup(3)|RAND_cleanup(3)>
+L<rand(3)>, L<RAND_add(3)>,
+L<RAND_cleanup(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/RAND_load_file.pod b/doc/crypto/RAND_load_file.pod
index d8c134e621..e19757e40e 100644
--- a/doc/crypto/RAND_load_file.pod
+++ b/doc/crypto/RAND_load_file.pod
@@ -43,7 +43,7 @@ error.
 
 =head1 SEE ALSO
 
-L<rand(3)|rand(3)>, L<RAND_add(3)|RAND_add(3)>, L<RAND_cleanup(3)|RAND_cleanup(3)>
+L<rand(3)>, L<RAND_add(3)>, L<RAND_cleanup(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/RAND_set_rand_method.pod b/doc/crypto/RAND_set_rand_method.pod
index e5b780fad0..a2828e3d47 100644
--- a/doc/crypto/RAND_set_rand_method.pod
+++ b/doc/crypto/RAND_set_rand_method.pod
@@ -67,7 +67,7 @@ algorithms.
 
 =head1 SEE ALSO
 
-L<rand(3)|rand(3)>, L<engine(3)|engine(3)>
+L<rand(3)>, L<engine(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/RSA_blinding_on.pod b/doc/crypto/RSA_blinding_on.pod
index fd2c69abd8..e512bbfe88 100644
--- a/doc/crypto/RSA_blinding_on.pod
+++ b/doc/crypto/RSA_blinding_on.pod
@@ -34,7 +34,7 @@ RSA_blinding_off() returns no value.
 
 =head1 SEE ALSO
 
-L<rsa(3)|rsa(3)>, L<rand(3)|rand(3)>
+L<rsa(3)>, L<rand(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/RSA_check_key.pod b/doc/crypto/RSA_check_key.pod
index 522a6c2b5e..ec020635f7 100644
--- a/doc/crypto/RSA_check_key.pod
+++ b/doc/crypto/RSA_check_key.pod
@@ -29,7 +29,7 @@ Therefore, it cannot be used with any arbitrary RSA key object,
 even if it is otherwise fit for regular RSA operation.
 
 The B<cb> parameter is a callback that will be invoked in the same
-manner as L<BN_is_prime_ex(3)|BN_is_prime_ex(3)>.
+manner as L<BN_is_prime_ex(3)>.
 
 RSA_check_key() is equivalent to RSA_check_key_ex() with a NULL B<cb>.
 
@@ -40,7 +40,7 @@ return 1 if B<rsa> is a valid RSA key, and 0 otherwise.
 They return -1 if an error occurs while checking the key.
 
 If the key is invalid or an error occurred, the reason code can be
-obtained using L<ERR_get_error(3)|ERR_get_error(3)>.
+obtained using L<ERR_get_error(3)>.
 
 =head1 NOTES
 
@@ -65,9 +65,9 @@ provide their own verifiers.
 
 =head1 SEE ALSO
 
-L<BN_is_prime_ex(3)|BN_is_prime_ex(3)>,
-L<rsa(3)|rsa(3)>,
-L<ERR_get_error(3)|ERR_get_error(3)>
+L<BN_is_prime_ex(3)>,
+L<rsa(3)>,
+L<ERR_get_error(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/RSA_generate_key.pod b/doc/crypto/RSA_generate_key.pod
index 881391a045..130acf97d5 100644
--- a/doc/crypto/RSA_generate_key.pod
+++ b/doc/crypto/RSA_generate_key.pod
@@ -28,14 +28,14 @@ The exponent is an odd number, typically 3, 17 or 65537.
 A callback function may be used to provide feedback about the
 progress of the key generation. If B<cb> is not B<NULL>, it
 will be called as follows using the BN_GENCB_call() function
-described on the L<BN_generate_prime(3)|BN_generate_prime(3)> page.
+described on the L<BN_generate_prime(3)> page.
 
 =over 4
 
 =item *
 
 While a random prime number is generated, it is called as
-described in L<BN_generate_prime(3)|BN_generate_prime(3)>.
+described in L<BN_generate_prime(3)>.
 
 =item *
 
@@ -54,13 +54,13 @@ The process is then repeated for prime q with B<BN_GENCB_call(cb, 3, 1)>.
 RSA_generate_key is deprecated (new applications should use
 RSA_generate_key_ex instead). RSA_generate_key works in the same was as
 RSA_generate_key_ex except it uses "old style" call backs. See
-L<BN_generate_prime(3)|BN_generate_prime(3)> for further details.
+L<BN_generate_prime(3)> for further details.
 
 =head1 RETURN VALUE
 
 If key generation fails, RSA_generate_key() returns B<NULL>.
 
-The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
+The error codes can be obtained by L<ERR_get_error(3)>.
 
 =head1 BUGS
 
@@ -70,8 +70,8 @@ RSA_generate_key() goes into an infinite loop for illegal input values.
 
 =head1 SEE ALSO
 
-L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>, L<rsa(3)|rsa(3)>,
-L<RSA_free(3)|RSA_free(3)>, L<BN_generate_prime(3)|BN_generate_prime(3)>
+L<ERR_get_error(3)>, L<rand(3)>, L<rsa(3)>,
+L<RSA_free(3)>, L<BN_generate_prime(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/RSA_get_ex_new_index.pod b/doc/crypto/RSA_get_ex_new_index.pod
index 7d0fd1f91d..9b52559543 100644
--- a/doc/crypto/RSA_get_ex_new_index.pod
+++ b/doc/crypto/RSA_get_ex_new_index.pod
@@ -97,7 +97,7 @@ parameter.
 
 B<new_func()> and B<dup_func()> should return 0 for failure and 1 for success.
 
-On failure an error code can be obtained from L<ERR_get_error(3)|ERR_get_error(3)>.
+On failure an error code can be obtained from L<ERR_get_error(3)>.
 
 =head1 BUGS
 
@@ -110,7 +110,7 @@ present in the parent RSA structure when it is called.
 
 =head1 SEE ALSO
 
-L<rsa(3)|rsa(3)>, L<CRYPTO_set_ex_data(3)|CRYPTO_set_ex_data(3)>
+L<rsa(3)>, L<CRYPTO_set_ex_data(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/RSA_new.pod b/doc/crypto/RSA_new.pod
index 70901a556b..0ce325d5b8 100644
--- a/doc/crypto/RSA_new.pod
+++ b/doc/crypto/RSA_new.pod
@@ -24,16 +24,16 @@ If B<rsa> is NULL nothing is done.
 =head1 RETURN VALUES
 
 If the allocation fails, RSA_new() returns B<NULL> and sets an error
-code that can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>. Otherwise it returns
+code that can be obtained by L<ERR_get_error(3)>. Otherwise it returns
 a pointer to the newly allocated structure.
 
 RSA_free() returns no value.
 
 =head1 SEE ALSO
 
-L<ERR_get_error(3)|ERR_get_error(3)>, L<rsa(3)|rsa(3)>,
-L<RSA_generate_key(3)|RSA_generate_key(3)>,
-L<RSA_new_method(3)|RSA_new_method(3)>
+L<ERR_get_error(3)>, L<rsa(3)>,
+L<RSA_generate_key(3)>,
+L<RSA_new_method(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/RSA_padding_add_PKCS1_type_1.pod b/doc/crypto/RSA_padding_add_PKCS1_type_1.pod
index b8f678fe72..9389254c5d 100644
--- a/doc/crypto/RSA_padding_add_PKCS1_type_1.pod
+++ b/doc/crypto/RSA_padding_add_PKCS1_type_1.pod
@@ -102,13 +102,13 @@ of length B<pl>. B<p> may be B<NULL> if B<pl> is 0.
 The RSA_padding_add_xxx() functions return 1 on success, 0 on error.
 The RSA_padding_check_xxx() functions return the length of the
 recovered data, -1 on error. Error codes can be obtained by calling
-L<ERR_get_error(3)|ERR_get_error(3)>.
+L<ERR_get_error(3)>.
 
 =head1 SEE ALSO
 
-L<RSA_public_encrypt(3)|RSA_public_encrypt(3)>,
-L<RSA_private_decrypt(3)|RSA_private_decrypt(3)>,
-L<RSA_sign(3)|RSA_sign(3)>, L<RSA_verify(3)|RSA_verify(3)>
+L<RSA_public_encrypt(3)>,
+L<RSA_private_decrypt(3)>,
+L<RSA_sign(3)>, L<RSA_verify(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/RSA_print.pod b/doc/crypto/RSA_print.pod
index c971e91f4d..7690f31ac0 100644
--- a/doc/crypto/RSA_print.pod
+++ b/doc/crypto/RSA_print.pod
@@ -38,7 +38,7 @@ These functions return 1 on success, 0 on error.
 
 =head1 SEE ALSO
 
-L<dh(3)|dh(3)>, L<dsa(3)|dsa(3)>, L<rsa(3)|rsa(3)>, L<BN_bn2bin(3)|BN_bn2bin(3)>
+L<dh(3)>, L<dsa(3)>, L<rsa(3)>, L<BN_bn2bin(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/RSA_private_encrypt.pod b/doc/crypto/RSA_private_encrypt.pod
index 746a80c79e..8e4425c10b 100644
--- a/doc/crypto/RSA_private_encrypt.pod
+++ b/doc/crypto/RSA_private_encrypt.pod
@@ -31,7 +31,7 @@ B<padding> denotes one of the following modes:
 
 PKCS #1 v1.5 padding. This function does not handle the
 B<algorithmIdentifier> specified in PKCS #1. When generating or
-verifying PKCS #1 signatures, L<RSA_sign(3)|RSA_sign(3)> and L<RSA_verify(3)|RSA_verify(3)> should be
+verifying PKCS #1 signatures, L<RSA_sign(3)> and L<RSA_verify(3)> should be
 used.
 
 =item RSA_NO_PADDING
@@ -55,12 +55,12 @@ RSA_size(rsa)). RSA_public_decrypt() returns the size of the
 recovered message digest.
 
 On error, -1 is returned; the error codes can be
-obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
+obtained by L<ERR_get_error(3)>.
 
 =head1 SEE ALSO
 
-L<ERR_get_error(3)|ERR_get_error(3)>, L<rsa(3)|rsa(3)>,
-L<RSA_sign(3)|RSA_sign(3)>, L<RSA_verify(3)|RSA_verify(3)>
+L<ERR_get_error(3)>, L<rsa(3)>,
+L<RSA_sign(3)>, L<RSA_verify(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/RSA_public_encrypt.pod b/doc/crypto/RSA_public_encrypt.pod
index ab0fe3b2cd..35a0fb5b9f 100644
--- a/doc/crypto/RSA_public_encrypt.pod
+++ b/doc/crypto/RSA_public_encrypt.pod
@@ -65,7 +65,7 @@ RSA_size(B<rsa>)). RSA_private_decrypt() returns the size of the
 recovered plaintext.
 
 On error, -1 is returned; the error codes can be
-obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
+obtained by L<ERR_get_error(3)>.
 
 =head1 CONFORMING TO
 
@@ -73,8 +73,8 @@ SSL, PKCS #1 v2.0
 
 =head1 SEE ALSO
 
-L<ERR_get_error(3)|ERR_get_error(3)>, L<rand(3)|rand(3)>, L<rsa(3)|rsa(3)>,
-L<RSA_size(3)|RSA_size(3)>
+L<ERR_get_error(3)>, L<rand(3)>, L<rsa(3)>,
+L<RSA_size(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/RSA_set_method.pod b/doc/crypto/RSA_set_method.pod
index 0ef0781186..7ccb216935 100644
--- a/doc/crypto/RSA_set_method.pod
+++ b/doc/crypto/RSA_set_method.pod
@@ -156,7 +156,7 @@ ENGINE). For this reason, the return type may be replaced with a B<void>
 declaration in a future release.
 
 RSA_new_method() returns NULL and sets an error code that can be obtained
-by L<ERR_get_error(3)|ERR_get_error(3)> if the allocation fails. Otherwise
+by L<ERR_get_error(3)> if the allocation fails. Otherwise
 it returns a pointer to the newly allocated structure.
 
 =head1 NOTES
@@ -183,7 +183,7 @@ not currently exist).
 
 =head1 SEE ALSO
 
-L<rsa(3)|rsa(3)>, L<RSA_new(3)|RSA_new(3)>
+L<rsa(3)>, L<RSA_new(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/RSA_sign.pod b/doc/crypto/RSA_sign.pod
index fc16b1f4f8..4e9892587c 100644
--- a/doc/crypto/RSA_sign.pod
+++ b/doc/crypto/RSA_sign.pod
@@ -22,12 +22,12 @@ signature in B<sigret> and the signature size in B<siglen>. B<sigret>
 must point to RSA_size(B<rsa>) bytes of memory.
 Note that PKCS #1 adds meta-data, placing limits on the size of the
 key that can be used.
-See L<RSA_private_encrypt(3)|RSA_private_encrypt(3)> for lower-level
+See L<RSA_private_encrypt(3)> for lower-level
 operations.
 
 B<type> denotes the message digest algorithm that was used to generate
 B<m>. It usually is one of B<NID_sha1>, B<NID_ripemd160> and B<NID_md5>;
-see L<objects(3)|objects(3)> for details. If B<type> is B<NID_md5_sha1>,
+see L<objects(3)> for details. If B<type> is B<NID_md5_sha1>,
 an SSL signature (MD5 and SHA1 message digests with PKCS #1 padding
 and no algorithm identifier) is created.
 
@@ -41,7 +41,7 @@ B<rsa> is the signer's public key.
 RSA_sign() returns 1 on success, 0 otherwise.  RSA_verify() returns 1
 on successful verification, 0 otherwise.
 
-The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
+The error codes can be obtained by L<ERR_get_error(3)>.
 
 =head1 BUGS
 
@@ -54,9 +54,9 @@ SSL, PKCS #1 v2.0
 
 =head1 SEE ALSO
 
-L<ERR_get_error(3)|ERR_get_error(3)>, L<objects(3)|objects(3)>,
-L<rsa(3)|rsa(3)>, L<RSA_private_encrypt(3)|RSA_private_encrypt(3)>,
-L<RSA_public_decrypt(3)|RSA_public_decrypt(3)> 
+L<ERR_get_error(3)>, L<objects(3)>,
+L<rsa(3)>, L<RSA_private_encrypt(3)>,
+L<RSA_public_decrypt(3)> 
 
 =head1 HISTORY
 
diff --git a/doc/crypto/RSA_sign_ASN1_OCTET_STRING.pod b/doc/crypto/RSA_sign_ASN1_OCTET_STRING.pod
index e70380bbfc..f505ddb590 100644
--- a/doc/crypto/RSA_sign_ASN1_OCTET_STRING.pod
+++ b/doc/crypto/RSA_sign_ASN1_OCTET_STRING.pod
@@ -39,7 +39,7 @@ RSA_sign_ASN1_OCTET_STRING() returns 1 on success, 0 otherwise.
 RSA_verify_ASN1_OCTET_STRING() returns 1 on successful verification, 0
 otherwise.
 
-The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
+The error codes can be obtained by L<ERR_get_error(3)>.
 
 =head1 BUGS
 
@@ -47,9 +47,9 @@ These functions serve no recognizable purpose.
 
 =head1 SEE ALSO
 
-L<ERR_get_error(3)|ERR_get_error(3)>, L<objects(3)|objects(3)>,
-L<rand(3)|rand(3)>, L<rsa(3)|rsa(3)>, L<RSA_sign(3)|RSA_sign(3)>,
-L<RSA_verify(3)|RSA_verify(3)>
+L<ERR_get_error(3)>, L<objects(3)>,
+L<rand(3)>, L<rsa(3)>, L<RSA_sign(3)>,
+L<RSA_verify(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/RSA_size.pod b/doc/crypto/RSA_size.pod
index f68d5e8e3c..dc57bd14e2 100644
--- a/doc/crypto/RSA_size.pod
+++ b/doc/crypto/RSA_size.pod
@@ -28,7 +28,7 @@ The size.
 
 =head1 SEE ALSO
 
-L<rsa(3)|rsa(3)>, L<BN_num_bits(3)|BN_num_bits(3)>
+L<rsa(3)>, L<BN_num_bits(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/SMIME_read_CMS.pod b/doc/crypto/SMIME_read_CMS.pod
index acc5524c14..15bec5927e 100644
--- a/doc/crypto/SMIME_read_CMS.pod
+++ b/doc/crypto/SMIME_read_CMS.pod
@@ -58,10 +58,10 @@ if an error occurred. The error can be obtained from ERR_get_error(3).
 
 =head1 SEE ALSO
 
-L<ERR_get_error(3)|ERR_get_error(3)>, L<CMS_type(3)|CMS_type(3)>
-L<SMIME_read_CMS(3)|SMIME_read_CMS(3)>, L<CMS_sign(3)|CMS_sign(3)>,
-L<CMS_verify(3)|CMS_verify(3)>, L<CMS_encrypt(3)|CMS_encrypt(3)>
-L<CMS_decrypt(3)|CMS_decrypt(3)>
+L<ERR_get_error(3)>, L<CMS_type(3)>
+L<SMIME_read_CMS(3)>, L<CMS_sign(3)>,
+L<CMS_verify(3)>, L<CMS_encrypt(3)>
+L<CMS_decrypt(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/SMIME_read_PKCS7.pod b/doc/crypto/SMIME_read_PKCS7.pod
index 9d46715941..40f950fc1e 100644
--- a/doc/crypto/SMIME_read_PKCS7.pod
+++ b/doc/crypto/SMIME_read_PKCS7.pod
@@ -61,10 +61,10 @@ is an error occurred. The error can be obtained from ERR_get_error(3).
 
 =head1 SEE ALSO
 
-L<ERR_get_error(3)|ERR_get_error(3)>, L<PKCS7_type(3)|PKCS7_type(3)>
-L<SMIME_read_PKCS7(3)|SMIME_read_PKCS7(3)>, L<PKCS7_sign(3)|PKCS7_sign(3)>,
-L<PKCS7_verify(3)|PKCS7_verify(3)>, L<PKCS7_encrypt(3)|PKCS7_encrypt(3)>
-L<PKCS7_decrypt(3)|PKCS7_decrypt(3)>
+L<ERR_get_error(3)>, L<PKCS7_type(3)>
+L<SMIME_read_PKCS7(3)>, L<PKCS7_sign(3)>,
+L<PKCS7_verify(3)>, L<PKCS7_encrypt(3)>
+L<PKCS7_decrypt(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/SMIME_write_CMS.pod b/doc/crypto/SMIME_write_CMS.pod
index 04bedfb429..1cd1baa362 100644
--- a/doc/crypto/SMIME_write_CMS.pod
+++ b/doc/crypto/SMIME_write_CMS.pod
@@ -53,9 +53,9 @@ SMIME_write_CMS() returns 1 for success or 0 for failure.
 
 =head1 SEE ALSO
 
-L<ERR_get_error(3)|ERR_get_error(3)>, L<CMS_sign(3)|CMS_sign(3)>,
-L<CMS_verify(3)|CMS_verify(3)>, L<CMS_encrypt(3)|CMS_encrypt(3)>
-L<CMS_decrypt(3)|CMS_decrypt(3)>
+L<ERR_get_error(3)>, L<CMS_sign(3)>,
+L<CMS_verify(3)>, L<CMS_encrypt(3)>
+L<CMS_decrypt(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/SMIME_write_PKCS7.pod b/doc/crypto/SMIME_write_PKCS7.pod
index 4a7cd08c42..85bc4786f7 100644
--- a/doc/crypto/SMIME_write_PKCS7.pod
+++ b/doc/crypto/SMIME_write_PKCS7.pod
@@ -54,9 +54,9 @@ SMIME_write_PKCS7() returns 1 for success or 0 for failure.
 
 =head1 SEE ALSO
 
-L<ERR_get_error(3)|ERR_get_error(3)>, L<PKCS7_sign(3)|PKCS7_sign(3)>,
-L<PKCS7_verify(3)|PKCS7_verify(3)>, L<PKCS7_encrypt(3)|PKCS7_encrypt(3)>
-L<PKCS7_decrypt(3)|PKCS7_decrypt(3)>
+L<ERR_get_error(3)>, L<PKCS7_sign(3)>,
+L<PKCS7_verify(3)>, L<PKCS7_encrypt(3)>
+L<PKCS7_decrypt(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/SSLeay_version.pod b/doc/crypto/SSLeay_version.pod
index 1500c2af91..c54c3fea6b 100644
--- a/doc/crypto/SSLeay_version.pod
+++ b/doc/crypto/SSLeay_version.pod
@@ -65,7 +65,7 @@ Textual description.
 
 =head1 SEE ALSO
 
-L<crypto(3)|crypto(3)>
+L<crypto(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/X509_NAME_ENTRY_get_object.pod b/doc/crypto/X509_NAME_ENTRY_get_object.pod
index 4716e7ee75..2cb96c5764 100644
--- a/doc/crypto/X509_NAME_ENTRY_get_object.pod
+++ b/doc/crypto/X509_NAME_ENTRY_get_object.pod
@@ -64,8 +64,8 @@ set first so the relevant field information can be looked up internally.
 
 =head1 SEE ALSO
 
-L<ERR_get_error(3)|ERR_get_error(3)>, L<d2i_X509_NAME(3)|d2i_X509_NAME(3)>,
-L<OBJ_nid2obj(3)|OBJ_nid2obj(3)>
+L<ERR_get_error(3)>, L<d2i_X509_NAME(3)>,
+L<OBJ_nid2obj(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/X509_NAME_add_entry_by_txt.pod b/doc/crypto/X509_NAME_add_entry_by_txt.pod
index 3bdc07fcfb..c10ea0fb77 100644
--- a/doc/crypto/X509_NAME_add_entry_by_txt.pod
+++ b/doc/crypto/X509_NAME_add_entry_by_txt.pod
@@ -109,7 +109,7 @@ can result in invalid field types its use is strongly discouraged.
 
 =head1 SEE ALSO
 
-L<ERR_get_error(3)|ERR_get_error(3)>, L<d2i_X509_NAME(3)|d2i_X509_NAME(3)>
+L<ERR_get_error(3)>, L<d2i_X509_NAME(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/X509_NAME_get_index_by_NID.pod b/doc/crypto/X509_NAME_get_index_by_NID.pod
index 380356e16c..e6dfff3713 100644
--- a/doc/crypto/X509_NAME_get_index_by_NID.pod
+++ b/doc/crypto/X509_NAME_get_index_by_NID.pod
@@ -110,7 +110,7 @@ requested entry or B<NULL> if the index is invalid.
 
 =head1 SEE ALSO
 
-L<ERR_get_error(3)|ERR_get_error(3)>, L<d2i_X509_NAME(3)|d2i_X509_NAME(3)>
+L<ERR_get_error(3)>, L<d2i_X509_NAME(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/X509_NAME_print_ex.pod b/doc/crypto/X509_NAME_print_ex.pod
index 2579a5dc9d..0d8e5fe641 100644
--- a/doc/crypto/X509_NAME_print_ex.pod
+++ b/doc/crypto/X509_NAME_print_ex.pod
@@ -40,7 +40,7 @@ applications.
 
 Although there are a large number of possible flags for most purposes
 B<XN_FLAG_ONELINE>, B<XN_FLAG_MULTILINE> or B<XN_FLAG_RFC2253> will suffice.
-As noted on the L<ASN1_STRING_print_ex(3)|ASN1_STRING_print_ex(3)> manual page
+As noted on the L<ASN1_STRING_print_ex(3)> manual page
 for UTF8 terminals the B<ASN1_STRFLGS_ESC_MSB> should be unset: so for example
 B<XN_FLAG_ONELINE & ~ASN1_STRFLGS_ESC_MSB> would be used.
 
@@ -96,7 +96,7 @@ B<XN_FLAG_COMPAT> uses a format identical to X509_NAME_print(): in fact it calls
 
 =head1 SEE ALSO
 
-L<ASN1_STRING_print_ex(3)|ASN1_STRING_print_ex(3)>
+L<ASN1_STRING_print_ex(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/X509_STORE_CTX_get_error.pod b/doc/crypto/X509_STORE_CTX_get_error.pod
index 7748e9042c..75be45374e 100644
--- a/doc/crypto/X509_STORE_CTX_get_error.pod
+++ b/doc/crypto/X509_STORE_CTX_get_error.pod
@@ -296,7 +296,7 @@ thread safe but will never happen unless an invalid code is passed.
 
 =head1 SEE ALSO
 
-L<X509_verify_cert(3)|X509_verify_cert(3)>
+L<X509_verify_cert(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/X509_STORE_CTX_get_ex_new_index.pod b/doc/crypto/X509_STORE_CTX_get_ex_new_index.pod
index 8a9243d756..58368fd532 100644
--- a/doc/crypto/X509_STORE_CTX_get_ex_new_index.pod
+++ b/doc/crypto/X509_STORE_CTX_get_ex_new_index.pod
@@ -31,7 +31,7 @@ structure.
 
 =head1 SEE ALSO
 
-L<RSA_get_ex_new_index(3)|RSA_get_ex_new_index(3)>
+L<RSA_get_ex_new_index(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/X509_STORE_CTX_new.pod b/doc/crypto/X509_STORE_CTX_new.pod
index f8907d7ebb..1f3ded6d29 100644
--- a/doc/crypto/X509_STORE_CTX_new.pod
+++ b/doc/crypto/X509_STORE_CTX_new.pod
@@ -126,8 +126,8 @@ used.
 
 =head1 SEE ALSO
 
-L<X509_verify_cert(3)|X509_verify_cert(3)>
-L<X509_VERIFY_PARAM_set_flags(3)|X509_VERIFY_PARAM_set_flags(3)>
+L<X509_verify_cert(3)>
+L<X509_VERIFY_PARAM_set_flags(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/X509_STORE_CTX_set_verify_cb.pod b/doc/crypto/X509_STORE_CTX_set_verify_cb.pod
index b9787a6ca6..8ff47f64c0 100644
--- a/doc/crypto/X509_STORE_CTX_set_verify_cb.pod
+++ b/doc/crypto/X509_STORE_CTX_set_verify_cb.pod
@@ -149,9 +149,9 @@ B<ex_data>.
 
 =head1 SEE ALSO
 
-L<X509_STORE_CTX_get_error(3)|X509_STORE_CTX_get_error(3)>
-L<X509_STORE_set_verify_cb_func(3)|X509_STORE_set_verify_cb_func(3)>
-L<X509_STORE_CTX_get_ex_new_index(3)|X509_STORE_CTX_get_ex_new_index(3)>
+L<X509_STORE_CTX_get_error(3)>
+L<X509_STORE_set_verify_cb_func(3)>
+L<X509_STORE_CTX_get_ex_new_index(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/X509_STORE_set_verify_cb_func.pod b/doc/crypto/X509_STORE_set_verify_cb_func.pod
index 29e3bbe3bc..b5bc1eab36 100644
--- a/doc/crypto/X509_STORE_set_verify_cb_func.pod
+++ b/doc/crypto/X509_STORE_set_verify_cb_func.pod
@@ -41,8 +41,8 @@ a value.
 
 =head1 SEE ALSO
 
-L<X509_STORE_CTX_set_verify_cb(3)|X509_STORE_CTX_set_verify_cb(3)>
-L<CMS_verify(3)|CMS_verify(3)>
+L<X509_STORE_CTX_set_verify_cb(3)>
+L<CMS_verify(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/X509_VERIFY_PARAM_set_flags.pod b/doc/crypto/X509_VERIFY_PARAM_set_flags.pod
index 066ce0fb3a..ec91d5dced 100644
--- a/doc/crypto/X509_VERIFY_PARAM_set_flags.pod
+++ b/doc/crypto/X509_VERIFY_PARAM_set_flags.pod
@@ -232,10 +232,10 @@ connections associated with an B<SSL_CTX> structure B<ctx>:
 
 =head1 SEE ALSO
 
-L<X509_verify_cert(3)|X509_verify_cert(3)>,
-L<X509_check_host(3)|X509_check_host(3)>,
-L<X509_check_email(3)|X509_check_email(3)>,
-L<X509_check_ip(3)|X509_check_ip(3)>
+L<X509_verify_cert(3)>,
+L<X509_check_host(3)>,
+L<X509_check_email(3)>,
+L<X509_check_ip(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/X509_check_host.pod b/doc/crypto/X509_check_host.pod
index 5804115548..23447f41f2 100644
--- a/doc/crypto/X509_check_host.pod
+++ b/doc/crypto/X509_check_host.pod
@@ -126,12 +126,12 @@ DANE support is added to OpenSSL.
 
 =head1 SEE ALSO
 
-L<SSL_get_verify_result(3)|SSL_get_verify_result(3)>,
-L<X509_VERIFY_PARAM_set1_host(3)|X509_VERIFY_PARAM_set1_host(3)>,
-L<X509_VERIFY_PARAM_add1_host(3)|X509_VERIFY_PARAM_add1_host(3)>,
-L<X509_VERIFY_PARAM_set1_email(3)|X509_VERIFY_PARAM_set1_email(3)>,
-L<X509_VERIFY_PARAM_set1_ip(3)|X509_VERIFY_PARAM_set1_ip(3)>,
-L<X509_VERIFY_PARAM_set1_ipasc(3)|X509_VERIFY_PARAM_set1_ipasc(3)>
+L<SSL_get_verify_result(3)>,
+L<X509_VERIFY_PARAM_set1_host(3)>,
+L<X509_VERIFY_PARAM_add1_host(3)>,
+L<X509_VERIFY_PARAM_set1_email(3)>,
+L<X509_VERIFY_PARAM_set1_ip(3)>,
+L<X509_VERIFY_PARAM_set1_ipasc(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/X509_new.pod b/doc/crypto/X509_new.pod
index d6f3d3092f..2e49a6e0df 100644
--- a/doc/crypto/X509_new.pod
+++ b/doc/crypto/X509_new.pod
@@ -24,14 +24,14 @@ If B<a> is NULL nothing is done.
 =head1 RETURN VALUES
 
 If the allocation fails, X509_new() returns B<NULL> and sets an error
-code that can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
+code that can be obtained by L<ERR_get_error(3)>.
 Otherwise it returns a pointer to the newly allocated structure.
 
 X509_free() returns no value.
 
 =head1 SEE ALSO
 
-L<ERR_get_error(3)|ERR_get_error(3)>, L<d2i_X509(3)|d2i_X509(3)>
+L<ERR_get_error(3)>, L<d2i_X509(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/X509_verify_cert.pod b/doc/crypto/X509_verify_cert.pod
index 48055b0f96..1780bfef19 100644
--- a/doc/crypto/X509_verify_cert.pod
+++ b/doc/crypto/X509_verify_cert.pod
@@ -14,7 +14,7 @@ X509_verify_cert - discover and verify X509 certificate chain
 
 The X509_verify_cert() function attempts to discover and validate a
 certificate chain based on parameters in B<ctx>. A complete description of
-the process is contained in the L<verify(1)|verify(1)> manual page.
+the process is contained in the L<verify(1)> manual page.
 
 =head1 RETURN VALUES
 
@@ -45,7 +45,7 @@ functiosn which use B<x509_vfy.h>.
 
 =head1 SEE ALSO
 
-L<X509_STORE_CTX_get_error(3)|X509_STORE_CTX_get_error(3)>
+L<X509_STORE_CTX_get_error(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/bio.pod b/doc/crypto/bio.pod
index 9debe4f1b6..fc1da92fa7 100644
--- a/doc/crypto/bio.pod
+++ b/doc/crypto/bio.pod
@@ -39,17 +39,17 @@ BIO).
 
 =head1 SEE ALSO
 
-L<BIO_ctrl(3)|BIO_ctrl(3)>,
-L<BIO_f_base64(3)|BIO_f_base64(3)>, L<BIO_f_buffer(3)|BIO_f_buffer(3)>,
-L<BIO_f_cipher(3)|BIO_f_cipher(3)>, L<BIO_f_md(3)|BIO_f_md(3)>,
-L<BIO_f_null(3)|BIO_f_null(3)>, L<BIO_f_ssl(3)|BIO_f_ssl(3)>,
-L<BIO_find_type(3)|BIO_find_type(3)>, L<BIO_new(3)|BIO_new(3)>,
-L<BIO_new_bio_pair(3)|BIO_new_bio_pair(3)>,
-L<BIO_push(3)|BIO_push(3)>, L<BIO_read(3)|BIO_read(3)>,
-L<BIO_s_accept(3)|BIO_s_accept(3)>, L<BIO_s_bio(3)|BIO_s_bio(3)>,
-L<BIO_s_connect(3)|BIO_s_connect(3)>, L<BIO_s_fd(3)|BIO_s_fd(3)>,
-L<BIO_s_file(3)|BIO_s_file(3)>, L<BIO_s_mem(3)|BIO_s_mem(3)>,
-L<BIO_s_secmem(3)|BIO_s_mem(3)>,
-L<BIO_s_null(3)|BIO_s_null(3)>, L<BIO_s_socket(3)|BIO_s_socket(3)>,
-L<BIO_set_callback(3)|BIO_set_callback(3)>,
-L<BIO_should_retry(3)|BIO_should_retry(3)>
+L<BIO_ctrl(3)>,
+L<BIO_f_base64(3)>, L<BIO_f_buffer(3)>,
+L<BIO_f_cipher(3)>, L<BIO_f_md(3)>,
+L<BIO_f_null(3)>, L<BIO_f_ssl(3)>,
+L<BIO_find_type(3)>, L<BIO_new(3)>,
+L<BIO_new_bio_pair(3)>,
+L<BIO_push(3)>, L<BIO_read(3)>,
+L<BIO_s_accept(3)>, L<BIO_s_bio(3)>,
+L<BIO_s_connect(3)>, L<BIO_s_fd(3)>,
+L<BIO_s_file(3)>, L<BIO_s_mem(3)>,
+L<BIO_s_mem(3)>,
+L<BIO_s_null(3)>, L<BIO_s_socket(3)>,
+L<BIO_set_callback(3)>,
+L<BIO_should_retry(3)>
diff --git a/doc/crypto/blowfish.pod b/doc/crypto/blowfish.pod
index 31438ab73a..25b954c0cb 100644
--- a/doc/crypto/blowfish.pod
+++ b/doc/crypto/blowfish.pod
@@ -33,7 +33,7 @@ by Counterpane (see http://www.counterpane.com/blowfish.html ).
 Blowfish is a block cipher that operates on 64 bit (8 byte) blocks of data.
 It uses a variable size key, but typically, 128 bit (16 byte) keys are
 considered good for strong encryption.  Blowfish can be used in the same
-modes as DES (see L<des_modes(7)|des_modes(7)>).  Blowfish is currently one
+modes as DES (see L<des_modes(7)>).  Blowfish is currently one
 of the faster block ciphers.  It is quite a bit faster than DES, and much
 faster than IDEA or RC2.
 
@@ -97,12 +97,12 @@ None of the functions presented here return any value.
 =head1 NOTE
 
 Applications should use the higher level functions
-L<EVP_EncryptInit(3)|EVP_EncryptInit(3)> etc. instead of calling these
+L<EVP_EncryptInit(3)> etc. instead of calling these
 functions directly.
 
 =head1 SEE ALSO
 
-L<EVP_EncryptInit(3)|EVP_EncryptInit(3)>,
-L<des_modes(7)|des_modes(7)>
+L<EVP_EncryptInit(3)>,
+L<des_modes(7)>
 
 =cut
diff --git a/doc/crypto/bn.pod b/doc/crypto/bn.pod
index ab809f95e4..37d638d9bb 100644
--- a/doc/crypto/bn.pod
+++ b/doc/crypto/bn.pod
@@ -163,26 +163,26 @@ The basic object in this library is a B<BIGNUM>. It is used to hold a
 single large integer. This type should be considered opaque and fields
 should not be modified or accessed directly.
 
-The creation of B<BIGNUM> objects is described in L<BN_new(3)|BN_new(3)>;
-L<BN_add(3)|BN_add(3)> describes most of the arithmetic operations.
-Comparison is described in L<BN_cmp(3)|BN_cmp(3)>; L<BN_zero(3)|BN_zero(3)>
-describes certain assignments, L<BN_rand(3)|BN_rand(3)> the generation of
-random numbers, L<BN_generate_prime(3)|BN_generate_prime(3)> deals with prime
-numbers and L<BN_set_bit(3)|BN_set_bit(3)> with bit operations. The conversion
-of B<BIGNUM>s to external formats is described in L<BN_bn2bin(3)|BN_bn2bin(3)>.
+The creation of B<BIGNUM> objects is described in L<BN_new(3)>;
+L<BN_add(3)> describes most of the arithmetic operations.
+Comparison is described in L<BN_cmp(3)>; L<BN_zero(3)>
+describes certain assignments, L<BN_rand(3)> the generation of
+random numbers, L<BN_generate_prime(3)> deals with prime
+numbers and L<BN_set_bit(3)> with bit operations. The conversion
+of B<BIGNUM>s to external formats is described in L<BN_bn2bin(3)>.
 
 =head1 SEE ALSO
 
-L<bn_internal(3)|bn_internal(3)>,
-L<dh(3)|dh(3)>, L<err(3)|err(3)>, L<rand(3)|rand(3)>, L<rsa(3)|rsa(3)>,
-L<BN_new(3)|BN_new(3)>, L<BN_CTX_new(3)|BN_CTX_new(3)>,
-L<BN_copy(3)|BN_copy(3)>, L<BN_swap(3)|BN_swap(3)>, L<BN_num_bytes(3)|BN_num_bytes(3)>,
-L<BN_add(3)|BN_add(3)>, L<BN_add_word(3)|BN_add_word(3)>,
-L<BN_cmp(3)|BN_cmp(3)>, L<BN_zero(3)|BN_zero(3)>, L<BN_rand(3)|BN_rand(3)>,
-L<BN_generate_prime(3)|BN_generate_prime(3)>, L<BN_set_bit(3)|BN_set_bit(3)>,
-L<BN_bn2bin(3)|BN_bn2bin(3)>, L<BN_mod_inverse(3)|BN_mod_inverse(3)>,
-L<BN_mod_mul_reciprocal(3)|BN_mod_mul_reciprocal(3)>,
-L<BN_mod_mul_montgomery(3)|BN_mod_mul_montgomery(3)>,
-L<BN_BLINDING_new(3)|BN_BLINDING_new(3)>
+L<bn_internal(3)>,
+L<dh(3)>, L<err(3)>, L<rand(3)>, L<rsa(3)>,
+L<BN_new(3)>, L<BN_CTX_new(3)>,
+L<BN_copy(3)>, L<BN_swap(3)>, L<BN_num_bytes(3)>,
+L<BN_add(3)>, L<BN_add_word(3)>,
+L<BN_cmp(3)>, L<BN_zero(3)>, L<BN_rand(3)>,
+L<BN_generate_prime(3)>, L<BN_set_bit(3)>,
+L<BN_bn2bin(3)>, L<BN_mod_inverse(3)>,
+L<BN_mod_mul_reciprocal(3)>,
+L<BN_mod_mul_montgomery(3)>,
+L<BN_BLINDING_new(3)>
 
 =cut
diff --git a/doc/crypto/bn_internal.pod b/doc/crypto/bn_internal.pod
index 91840b0f0d..e609a0810c 100644
--- a/doc/crypto/bn_internal.pod
+++ b/doc/crypto/bn_internal.pod
@@ -105,7 +105,7 @@ B<BIGNUM> variables during their execution.  Since dynamic memory
 allocation to create B<BIGNUM>s is rather expensive when used in
 conjunction with repeated subroutine calls, the B<BN_CTX> structure is
 used.  This structure contains B<BN_CTX_NUM> B<BIGNUM>s, see
-L<BN_CTX_start(3)|BN_CTX_start(3)>.
+L<BN_CTX_start(3)>.
 
 =head2 Low-level arithmetic operations
 
@@ -233,6 +233,6 @@ and bn_set_max() are defined as empty macros.
 
 =head1 SEE ALSO
 
-L<bn(3)|bn(3)>
+L<bn(3)>
 
 =cut
diff --git a/doc/crypto/buffer.pod b/doc/crypto/buffer.pod
index 3804c5649b..c56cc89ab6 100644
--- a/doc/crypto/buffer.pod
+++ b/doc/crypto/buffer.pod
@@ -71,7 +71,7 @@ BUF_MEM_grow() returns zero on error or the new size (i.e. B<len>).
 
 =head1 SEE ALSO
 
-L<bio(3)|bio(3)>,
+L<bio(3)>,
 L<CRYPTO_secure_malloc(3)>.
 
 =head1 HISTORY
diff --git a/doc/crypto/crypto.pod b/doc/crypto/crypto.pod
index f18edfe305..b8f4fb8df4 100644
--- a/doc/crypto/crypto.pod
+++ b/doc/crypto/crypto.pod
@@ -27,38 +27,38 @@ hash functions and a cryptographic pseudo-random number generator.
 
 =item SYMMETRIC CIPHERS
 
-L<blowfish(3)|blowfish(3)>, L<cast(3)|cast(3)>, L<des(3)|des(3)>,
-L<idea(3)|idea(3)>, L<rc2(3)|rc2(3)>, L<rc4(3)|rc4(3)>, L<rc5(3)|rc5(3)> 
+L<blowfish(3)>, L<cast(3)>, L<des(3)>,
+L<idea(3)>, L<rc2(3)>, L<rc4(3)>, L<rc5(3)> 
 
 =item PUBLIC KEY CRYPTOGRAPHY AND KEY AGREEMENT
 
-L<dsa(3)|dsa(3)>, L<dh(3)|dh(3)>, L<rsa(3)|rsa(3)>
+L<dsa(3)>, L<dh(3)>, L<rsa(3)>
 
 =item CERTIFICATES
 
-L<x509(3)|x509(3)>, L<x509v3(3)|x509v3(3)>
+L<x509(3)>, L<x509v3(3)>
 
 =item AUTHENTICATION CODES, HASH FUNCTIONS
 
-L<hmac(3)|hmac(3)>, L<md2(3)|md2(3)>, L<md4(3)|md4(3)>,
-L<md5(3)|md5(3)>, L<mdc2(3)|mdc2(3)>, L<ripemd(3)|ripemd(3)>,
-L<sha(3)|sha(3)>
+L<hmac(3)>, L<md2(3)>, L<md4(3)>,
+L<md5(3)>, L<mdc2(3)>, L<ripemd(3)>,
+L<sha(3)>
 
 =item AUXILIARY FUNCTIONS
 
-L<err(3)|err(3)>, L<threads(3)|threads(3)>, L<rand(3)|rand(3)>,
-L<OPENSSL_VERSION_NUMBER(3)|OPENSSL_VERSION_NUMBER(3)>
+L<err(3)>, L<threads(3)>, L<rand(3)>,
+L<OPENSSL_VERSION_NUMBER(3)>
 
 =item INPUT/OUTPUT, DATA ENCODING
 
-L<asn1(3)|asn1(3)>, L<bio(3)|bio(3)>, L<evp(3)|evp(3)>, L<pem(3)|pem(3)>,
-L<pkcs7(3)|pkcs7(3)>, L<pkcs12(3)|pkcs12(3)> 
+L<asn1(3)>, L<bio(3)>, L<evp(3)>, L<pem(3)>,
+L<pkcs7(3)>, L<pkcs12(3)> 
 
 =item INTERNAL FUNCTIONS
 
-L<bn(3)|bn(3)>, L<buffer(3)|buffer(3)>, L<ec(3)|ec(3)>, L<lhash(3)|lhash(3)>,
-L<objects(3)|objects(3)>, L<stack(3)|stack(3)>,
-L<txt_db(3)|txt_db(3)> 
+L<bn(3)>, L<buffer(3)>, L<ec(3)>, L<lhash(3)>,
+L<objects(3)>, L<stack(3)>,
+L<txt_db(3)> 
 
 =back
 
@@ -80,6 +80,6 @@ so both (B<x> and B<obj> above) should be freed up.
 
 =head1 SEE ALSO
 
-L<openssl(1)|openssl(1)>, L<ssl(3)|ssl(3)>
+L<openssl(1)>, L<ssl(3)>
 
 =cut
diff --git a/doc/crypto/d2i_ASN1_OBJECT.pod b/doc/crypto/d2i_ASN1_OBJECT.pod
index d9a691217d..32c6b05053 100644
--- a/doc/crypto/d2i_ASN1_OBJECT.pod
+++ b/doc/crypto/d2i_ASN1_OBJECT.pod
@@ -16,11 +16,11 @@ d2i_ASN1_OBJECT, i2d_ASN1_OBJECT - ASN1 OBJECT IDENTIFIER functions
 These functions decode and encode an ASN1 OBJECT IDENTIFIER.
 
 Otherwise these behave in a similar way to d2i_X509() and i2d_X509()
-described in the L<d2i_X509(3)|d2i_X509(3)> manual page.
+described in the L<d2i_X509(3)> manual page.
 
 =head1 SEE ALSO
 
-L<d2i_X509(3)|d2i_X509(3)>
+L<d2i_X509(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/d2i_CMS_ContentInfo.pod b/doc/crypto/d2i_CMS_ContentInfo.pod
index 6ddb2f6d05..463f617332 100644
--- a/doc/crypto/d2i_CMS_ContentInfo.pod
+++ b/doc/crypto/d2i_CMS_ContentInfo.pod
@@ -16,11 +16,11 @@ d2i_CMS_ContentInfo, i2d_CMS_ContentInfo - CMS ContentInfo functions
 These functions decode and encode an CMS ContentInfo structure.
 
 Otherwise they behave in a similar way to d2i_X509() and i2d_X509()
-described in the L<d2i_X509(3)|d2i_X509(3)> manual page.
+described in the L<d2i_X509(3)> manual page.
 
 =head1 SEE ALSO
 
-L<d2i_X509(3)|d2i_X509(3)>
+L<d2i_X509(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/d2i_DHparams.pod b/doc/crypto/d2i_DHparams.pod
index d8bdf220de..f13d0b59d2 100644
--- a/doc/crypto/d2i_DHparams.pod
+++ b/doc/crypto/d2i_DHparams.pod
@@ -17,11 +17,11 @@ These functions decode and encode PKCS#3 DH parameters using the
 DHparameter structure described in PKCS#3.
 
 Otherwise these behave in a similar way to d2i_X509() and i2d_X509()
-described in the L<d2i_X509(3)|d2i_X509(3)> manual page.
+described in the L<d2i_X509(3)> manual page.
 
 =head1 SEE ALSO
 
-L<d2i_X509(3)|d2i_X509(3)>
+L<d2i_X509(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/d2i_DSAPublicKey.pod b/doc/crypto/d2i_DSAPublicKey.pod
index 44451cfea5..549fab0f8e 100644
--- a/doc/crypto/d2i_DSAPublicKey.pod
+++ b/doc/crypto/d2i_DSAPublicKey.pod
@@ -49,7 +49,7 @@ d2i_DSA_SIG(), i2d_DSA_SIG() decode and encode a DSA signature using a
 B<Dss-Sig-Value> structure as defined in RFC2459.
 
 The usage of all of these functions is similar to the d2i_X509() and
-i2d_X509() described in the L<d2i_X509(3)|d2i_X509(3)> manual page.
+i2d_X509() described in the L<d2i_X509(3)> manual page.
 
 =head1 NOTES
 
@@ -74,7 +74,7 @@ B<priv_key> fields respectively.
 
 =head1 SEE ALSO
 
-L<d2i_X509(3)|d2i_X509(3)>
+L<d2i_X509(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/d2i_ECPKParameters.pod b/doc/crypto/d2i_ECPKParameters.pod
index 704b4ab352..abb6f4f1a4 100644
--- a/doc/crypto/d2i_ECPKParameters.pod
+++ b/doc/crypto/d2i_ECPKParameters.pod
@@ -58,7 +58,7 @@ i2d_ECPKParameters_fp() is similar to i2d_ECPKParameters() except it writes
 the encoding of the structure B<x> to BIO B<bp> and it
 returns 1 for success and 0 for failure.
 
-These functions are very similar to the X509 functions described in L<d2i_X509(3)|d2i_X509(3)>,
+These functions are very similar to the X509 functions described in L<d2i_X509(3)>,
 where further notes and examples are available.
 
 The ECPKParameters_print and ECPKParameters_print_fp functions print a human-readable output
@@ -77,8 +77,8 @@ return 1 for success and 0 if an error occurs.
 
 =head1 SEE ALSO
 
-L<crypto(3)|crypto(3)>, L<ec(3)|ec(3)>, L<EC_GROUP_new(3)|EC_GROUP_new(3)>, L<EC_GROUP_copy(3)|EC_GROUP_copy(3)>,
-L<EC_POINT_new(3)|EC_POINT_new(3)>, L<EC_POINT_add(3)|EC_POINT_add(3)>, L<EC_KEY_new(3)|EC_KEY_new(3)>,
-L<EC_GFp_simple_method(3)|EC_GFp_simple_method(3)>, L<d2i_X509(3)|d2i_X509(3)>
+L<crypto(3)>, L<ec(3)>, L<EC_GROUP_new(3)>, L<EC_GROUP_copy(3)>,
+L<EC_POINT_new(3)>, L<EC_POINT_add(3)>, L<EC_KEY_new(3)>,
+L<EC_GFp_simple_method(3)>, L<d2i_X509(3)>
 
 =cut
diff --git a/doc/crypto/d2i_ECPrivateKey.pod b/doc/crypto/d2i_ECPrivateKey.pod
index adeffe643c..0859579133 100644
--- a/doc/crypto/d2i_ECPrivateKey.pod
+++ b/doc/crypto/d2i_ECPrivateKey.pod
@@ -21,11 +21,11 @@ The ECPrivateKey encode and decode routines encode and parse an
 B<EC_KEY> structure into a binary format (ASN.1 DER) and back again.
 
 These functions are similar to the d2i_X509() functions, and you should refer to
-that page for a detailed description (see L<d2i_X509(3)|d2i_X509(3)>).
+that page for a detailed description (see L<d2i_X509(3)>).
 
 The format of the external representation of the public key written by
 i2d_ECPrivateKey (such as whether it is stored in a compressed form or not) is
-described by the point_conversion_form. See L<EC_GROUP_copy(3)|EC_GROUP_copy(3)>
+described by the point_conversion_form. See L<EC_GROUP_copy(3)>
 for a description of point_conversion_form.
 
 When reading a private key encoded without an associated public key (e.g. if
@@ -46,22 +46,22 @@ set then the public key is not encoded along with the private key.
 
 d2i_ECPrivateKey() returns a valid B<EC_KEY> structure or B<NULL> if an error
 occurs. The error code that can be obtained by
-L<ERR_get_error(3)|ERR_get_error(3)>.
+L<ERR_get_error(3)>.
 
 i2d_ECPrivateKey() returns the number of bytes successfully encoded or a
 negative value if an error occurs. The error code can be obtained by
-L<ERR_get_error(3)|ERR_get_error(3)>.
+L<ERR_get_error(3)>.
 
 EC_KEY_get_enc_flags returns the value of the current encoding flags for the
 EC_KEY.
 
 =head1 SEE ALSO
 
-L<crypto(3)|crypto(3)>, L<ec(3)|ec(3)>, L<EC_GROUP_new(3)|EC_GROUP_new(3)>,
-L<EC_GROUP_copy(3)|EC_GROUP_copy(3)>, L<EC_POINT_new(3)|EC_POINT_new(3)>,
-L<EC_POINT_add(3)|EC_POINT_add(3)>,
-L<EC_GFp_simple_method(3)|EC_GFp_simple_method(3)>,
-L<d2i_ECPKParameters(3)|d2i_ECPKParameters(3)>,
-L<d2i_ECPrivateKey(3)|d2i_ECPrivateKey(3)>
+L<crypto(3)>, L<ec(3)>, L<EC_GROUP_new(3)>,
+L<EC_GROUP_copy(3)>, L<EC_POINT_new(3)>,
+L<EC_POINT_add(3)>,
+L<EC_GFp_simple_method(3)>,
+L<d2i_ECPKParameters(3)>,
+L<d2i_ECPrivateKey(3)>
 
 =cut
diff --git a/doc/crypto/d2i_PKCS8PrivateKey.pod b/doc/crypto/d2i_PKCS8PrivateKey.pod
index a54b779088..a4213faf69 100644
--- a/doc/crypto/d2i_PKCS8PrivateKey.pod
+++ b/doc/crypto/d2i_PKCS8PrivateKey.pod
@@ -35,11 +35,11 @@ The PKCS#8 functions encode and decode private keys in PKCS#8 format using both
 PKCS#5 v1.5 and PKCS#5 v2.0 password based encryption algorithms.
 
 Other than the use of DER as opposed to PEM these functions are identical to the
-corresponding B<PEM> function as described in the L<pem(3)|pem(3)> manual page.
+corresponding B<PEM> function as described in the L<pem(3)> manual page.
 
 =head1 NOTES
 
-Before using these functions L<OpenSSL_add_all_algorithms(3)|OpenSSL_add_all_algorithms(3)>
+Before using these functions L<OpenSSL_add_all_algorithms(3)>
 should be called to initialize the internal algorithm lookup tables otherwise errors about
 unknown algorithms will occur if an attempt is made to decrypt a private key. 
 
@@ -47,10 +47,10 @@ These functions are currently the only way to store encrypted private keys using
 
 Currently all the functions use BIOs or FILE pointers, there are no functions which
 work directly on memory: this can be readily worked around by converting the buffers
-to memory BIOs, see L<BIO_s_mem(3)|BIO_s_mem(3)> for details.
+to memory BIOs, see L<BIO_s_mem(3)> for details.
 
 =head1 SEE ALSO
 
-L<pem(3)|pem(3)>
+L<pem(3)>
 
 =cut
diff --git a/doc/crypto/d2i_RSAPublicKey.pod b/doc/crypto/d2i_RSAPublicKey.pod
index aa6078bcf6..9786d75201 100644
--- a/doc/crypto/d2i_RSAPublicKey.pod
+++ b/doc/crypto/d2i_RSAPublicKey.pod
@@ -42,7 +42,7 @@ d2i_Netscape_RSA(), i2d_Netscape_RSA() decode and encode an RSA private key in
 NET format.
 
 The usage of all of these functions is similar to the d2i_X509() and
-i2d_X509() described in the L<d2i_X509(3)|d2i_X509(3)> manual page.
+i2d_X509() described in the L<d2i_X509(3)> manual page.
 
 =head1 NOTES
 
@@ -58,7 +58,7 @@ avoided if possible.
 
 =head1 SEE ALSO
 
-L<d2i_X509(3)|d2i_X509(3)>
+L<d2i_X509(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/d2i_X509.pod b/doc/crypto/d2i_X509.pod
index 5b7c16fd03..8a5a9c91fd 100644
--- a/doc/crypto/d2i_X509.pod
+++ b/doc/crypto/d2i_X509.pod
@@ -236,21 +236,21 @@ i2d_re_X509_tbs().
 
 d2i_X509(), d2i_X509_bio() and d2i_X509_fp() return a valid B<X509> structure
 or B<NULL> if an error occurs. The error code that can be obtained by
-L<ERR_get_error(3)|ERR_get_error(3)>. If the "reuse" capability has been used
+L<ERR_get_error(3)>. If the "reuse" capability has been used
 with a valid X509 structure being passed in via B<px> then the object is not
 freed in the event of error but may be in a potentially invalid or inconsistent
 state.
 
 i2d_X509() returns the number of bytes successfully encoded or a negative
 value if an error occurs. The error code can be obtained by
-L<ERR_get_error(3)|ERR_get_error(3)>. 
+L<ERR_get_error(3)>. 
 
 i2d_X509_bio() and i2d_X509_fp() return 1 for success and 0 if an error 
-occurs The error code can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>. 
+occurs The error code can be obtained by L<ERR_get_error(3)>. 
 
 =head1 SEE ALSO
 
-L<ERR_get_error(3)|ERR_get_error(3)>
+L<ERR_get_error(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/d2i_X509_ALGOR.pod b/doc/crypto/d2i_X509_ALGOR.pod
index 09849b53c8..fb8a75d26e 100644
--- a/doc/crypto/d2i_X509_ALGOR.pod
+++ b/doc/crypto/d2i_X509_ALGOR.pod
@@ -23,7 +23,7 @@ The functions d2i_X509() and i2d_X509() decode and encode an B<X509_ALGOR>
 structure which is equivalent to the B<AlgorithmIdentifier> structure.
 
 Otherwise they behave in a similar way to d2i_X509() and i2d_X509()
-described in the L<d2i_X509(3)|d2i_X509(3)> manual page.
+described in the L<d2i_X509(3)> manual page.
 
 X509_ALGOR_dup() returns a copy of B<alg>.
 
@@ -46,7 +46,7 @@ encodings and non-zero otherwise.
 
 =head1 SEE ALSO
 
-L<d2i_X509(3)|d2i_X509(3)>
+L<d2i_X509(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/d2i_X509_CRL.pod b/doc/crypto/d2i_X509_CRL.pod
index 5ace93ae41..dfa33346b9 100644
--- a/doc/crypto/d2i_X509_CRL.pod
+++ b/doc/crypto/d2i_X509_CRL.pod
@@ -24,11 +24,11 @@ These functions decode and encode an X509 CRL (certificate revocation
 list).
 
 Otherwise the functions behave in a similar way to d2i_X509() and i2d_X509()
-described in the L<d2i_X509(3)|d2i_X509(3)> manual page.
+described in the L<d2i_X509(3)> manual page.
 
 =head1 SEE ALSO
 
-L<d2i_X509(3)|d2i_X509(3)>
+L<d2i_X509(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/d2i_X509_NAME.pod b/doc/crypto/d2i_X509_NAME.pod
index fe0b6c0999..69f3762236 100644
--- a/doc/crypto/d2i_X509_NAME.pod
+++ b/doc/crypto/d2i_X509_NAME.pod
@@ -18,11 +18,11 @@ the same as the B<Name> type defined in RFC2459 (and elsewhere) and used
 for example in certificate subject and issuer names.
 
 Otherwise the functions behave in a similar way to d2i_X509() and i2d_X509()
-described in the L<d2i_X509(3)|d2i_X509(3)> manual page.
+described in the L<d2i_X509(3)> manual page.
 
 =head1 SEE ALSO
 
-L<d2i_X509(3)|d2i_X509(3)>
+L<d2i_X509(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/d2i_X509_REQ.pod b/doc/crypto/d2i_X509_REQ.pod
index 3a52df4ce1..1b2a58871c 100644
--- a/doc/crypto/d2i_X509_REQ.pod
+++ b/doc/crypto/d2i_X509_REQ.pod
@@ -23,11 +23,11 @@ i2d_X509_REQ_bio, i2d_X509_REQ_fp - PKCS#10 certificate request functions.
 These functions decode and encode a PKCS#10 certificate request.
 
 Otherwise these behave in a similar way to d2i_X509() and i2d_X509()
-described in the L<d2i_X509(3)|d2i_X509(3)> manual page.
+described in the L<d2i_X509(3)> manual page.
 
 =head1 SEE ALSO
 
-L<d2i_X509(3)|d2i_X509(3)>
+L<d2i_X509(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/d2i_X509_SIG.pod b/doc/crypto/d2i_X509_SIG.pod
index 38a6f20d63..3efb556a06 100644
--- a/doc/crypto/d2i_X509_SIG.pod
+++ b/doc/crypto/d2i_X509_SIG.pod
@@ -17,11 +17,11 @@ These functions decode and encode an X509_SIG structure which is
 equivalent to the B<DigestInfo> structure defined in PKCS#1 and PKCS#7.
 
 Otherwise these behave in a similar way to d2i_X509() and i2d_X509()
-described in the L<d2i_X509(3)|d2i_X509(3)> manual page.
+described in the L<d2i_X509(3)> manual page.
 
 =head1 SEE ALSO
 
-L<d2i_X509(3)|d2i_X509(3)>
+L<d2i_X509(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/des.pod b/doc/crypto/des.pod
index 6742a4cfb6..a6938aa79a 100644
--- a/doc/crypto/des.pod
+++ b/doc/crypto/des.pod
@@ -111,7 +111,7 @@ each byte is the parity bit.  The key schedule is an expanded form of
 the key; it is used to speed the encryption process.
 
 DES_random_key() generates a random key.  The PRNG must be seeded
-prior to using this function (see L<rand(3)|rand(3)>).  If the PRNG
+prior to using this function (see L<rand(3)>).  If the PRNG
 could not generate a secure key, 0 is returned.
 
 Before a DES key can be used, it must be converted into the
@@ -226,7 +226,7 @@ DES_cbc_cksum() produces an 8 byte checksum based on the input stream
 (via CBC encryption).  The last 4 bytes of the checksum are returned
 and the complete 8 bytes are placed in I<output>. This function is
 used by Kerberos v4.  Other applications should use
-L<EVP_DigestInit(3)|EVP_DigestInit(3)> etc. instead.
+L<EVP_DigestInit(3)> etc. instead.
 
 DES_quad_cksum() is a Kerberos v4 function.  It returns a 4 byte
 checksum from the input bytes.  The algorithm can be iterated over the
@@ -306,11 +306,11 @@ the MIT Kerberos library.
 =head1 NOTES
 
 Applications should use the higher level functions
-L<EVP_EncryptInit(3)|EVP_EncryptInit(3)> etc. instead of calling these
+L<EVP_EncryptInit(3)> etc. instead of calling these
 functions directly.
 
 Single-key DES is insecure due to its short key size.  ECB mode is
-not suitable for most applications; see L<des_modes(7)|des_modes(7)>.
+not suitable for most applications; see L<des_modes(7)>.
 
 =head1 AUTHOR
 
@@ -319,7 +319,7 @@ Eric Young (eay@cryptsoft.com). Modified for the OpenSSL project
 
 =head1 SEE ALSO
 
-L<des_modes(7)|des_modes(7)>,
-L<EVP_EncryptInit(3)|EVP_EncryptInit(3)>
+L<des_modes(7)>,
+L<EVP_EncryptInit(3)>
 
 =cut
diff --git a/doc/crypto/des_modes.pod b/doc/crypto/des_modes.pod
index e883ca8fde..bd6a358aeb 100644
--- a/doc/crypto/des_modes.pod
+++ b/doc/crypto/des_modes.pod
@@ -248,8 +248,8 @@ it to:
 
 =head1 SEE ALSO
 
-L<blowfish(3)|blowfish(3)>, L<des(3)|des(3)>, L<idea(3)|idea(3)>,
-L<rc2(3)|rc2(3)>
+L<blowfish(3)>, L<des(3)>, L<idea(3)>,
+L<rc2(3)>
 
 =cut
 
diff --git a/doc/crypto/dh.pod b/doc/crypto/dh.pod
index 1c8a327458..6115e8c257 100644
--- a/doc/crypto/dh.pod
+++ b/doc/crypto/dh.pod
@@ -40,7 +40,7 @@ dh - Diffie-Hellman key agreement
 
 These functions implement the Diffie-Hellman key agreement protocol.
 The generation of shared DH parameters is described in
-L<DH_generate_parameters(3)|DH_generate_parameters(3)>; L<DH_generate_key(3)|DH_generate_key(3)> describes how
+L<DH_generate_parameters(3)>; L<DH_generate_key(3)> describes how
 to perform a key agreement.
 
 The B<DH> structure consists of several BIGNUM components.
@@ -65,12 +65,12 @@ modify keys.
 
 =head1 SEE ALSO
 
-L<dhparam(1)|dhparam(1)>, L<bn(3)|bn(3)>, L<dsa(3)|dsa(3)>, L<err(3)|err(3)>,
-L<rand(3)|rand(3)>, L<rsa(3)|rsa(3)>, L<engine(3)|engine(3)>,
-L<DH_set_method(3)|DH_set_method(3)>, L<DH_new(3)|DH_new(3)>,
-L<DH_get_ex_new_index(3)|DH_get_ex_new_index(3)>,
-L<DH_generate_parameters(3)|DH_generate_parameters(3)>,
-L<DH_compute_key(3)|DH_compute_key(3)>, L<d2i_DHparams(3)|d2i_DHparams(3)>,
-L<RSA_print(3)|RSA_print(3)> 
+L<dhparam(1)>, L<bn(3)>, L<dsa(3)>, L<err(3)>,
+L<rand(3)>, L<rsa(3)>, L<engine(3)>,
+L<DH_set_method(3)>, L<DH_new(3)>,
+L<DH_get_ex_new_index(3)>,
+L<DH_generate_parameters(3)>,
+L<DH_compute_key(3)>, L<d2i_DHparams(3)>,
+L<RSA_print(3)> 
 
 =cut
diff --git a/doc/crypto/dsa.pod b/doc/crypto/dsa.pod
index da07d2b930..f0b74c1f4e 100644
--- a/doc/crypto/dsa.pod
+++ b/doc/crypto/dsa.pod
@@ -65,10 +65,10 @@ dsa - Digital Signature Algorithm
 
 These functions implement the Digital Signature Algorithm (DSA).  The
 generation of shared DSA parameters is described in
-L<DSA_generate_parameters(3)|DSA_generate_parameters(3)>;
-L<DSA_generate_key(3)|DSA_generate_key(3)> describes how to
+L<DSA_generate_parameters(3)>;
+L<DSA_generate_key(3)> describes how to
 generate a signature key. Signature generation and verification are
-described in L<DSA_sign(3)|DSA_sign(3)>.
+described in L<DSA_sign(3)>.
 
 The B<DSA> structure consists of several BIGNUM components.
 
@@ -100,15 +100,15 @@ Standard, DSS), ANSI X9.30
 
 =head1 SEE ALSO
 
-L<bn(3)|bn(3)>, L<dh(3)|dh(3)>, L<err(3)|err(3)>, L<rand(3)|rand(3)>,
-L<rsa(3)|rsa(3)>, L<sha(3)|sha(3)>, L<engine(3)|engine(3)>,
-L<DSA_new(3)|DSA_new(3)>,
-L<DSA_size(3)|DSA_size(3)>,
-L<DSA_generate_parameters(3)|DSA_generate_parameters(3)>,
-L<DSA_dup_DH(3)|DSA_dup_DH(3)>,
-L<DSA_generate_key(3)|DSA_generate_key(3)>,
-L<DSA_sign(3)|DSA_sign(3)>, L<DSA_set_method(3)|DSA_set_method(3)>,
-L<DSA_get_ex_new_index(3)|DSA_get_ex_new_index(3)>,
-L<RSA_print(3)|RSA_print(3)>
+L<bn(3)>, L<dh(3)>, L<err(3)>, L<rand(3)>,
+L<rsa(3)>, L<sha(3)>, L<engine(3)>,
+L<DSA_new(3)>,
+L<DSA_size(3)>,
+L<DSA_generate_parameters(3)>,
+L<DSA_dup_DH(3)>,
+L<DSA_generate_key(3)>,
+L<DSA_sign(3)>, L<DSA_set_method(3)>,
+L<DSA_get_ex_new_index(3)>,
+L<RSA_print(3)>
 
 =cut
diff --git a/doc/crypto/ec.pod b/doc/crypto/ec.pod
index aee0fdf234..515dd2966e 100644
--- a/doc/crypto/ec.pod
+++ b/doc/crypto/ec.pod
@@ -180,22 +180,22 @@ for different scenarios. No matter which implementation is being used, the inter
 handles calling the correct implementation when an interface function is invoked. An implementation is represented by
 an B<EC_METHOD> structure.
 
-The creation and destruction of B<EC_GROUP> objects is described in L<EC_GROUP_new(3)|EC_GROUP_new(3)>. Functions for
-manipulating B<EC_GROUP> objects are described in L<EC_GROUP_copy(3)|EC_GROUP_copy(3)>.
+The creation and destruction of B<EC_GROUP> objects is described in L<EC_GROUP_new(3)>. Functions for
+manipulating B<EC_GROUP> objects are described in L<EC_GROUP_copy(3)>.
 
-Functions for creating, destroying and manipulating B<EC_POINT> objects are explained in L<EC_POINT_new(3)|EC_POINT_new(3)>,
-whilst functions for performing mathematical operations and tests on B<EC_POINTs> are covered in L<EC_POINT_add(3)|EC_POINT_add(3)>.
+Functions for creating, destroying and manipulating B<EC_POINT> objects are explained in L<EC_POINT_new(3)>,
+whilst functions for performing mathematical operations and tests on B<EC_POINTs> are covered in L<EC_POINT_add(3)>.
 
-For working with private and public keys refer to L<EC_KEY_new(3)|EC_KEY_new(3)>. Implementations are covered in
-L<EC_GFp_simple_method(3)|EC_GFp_simple_method(3)>.
+For working with private and public keys refer to L<EC_KEY_new(3)>. Implementations are covered in
+L<EC_GFp_simple_method(3)>.
 
-For information on encoding and decoding curve parameters to and from ASN1 see L<d2i_ECPKParameters(3)|d2i_ECPKParameters(3)>.
+For information on encoding and decoding curve parameters to and from ASN1 see L<d2i_ECPKParameters(3)>.
 
 =head1 SEE ALSO
 
-L<crypto(3)|crypto(3)>, L<EC_GROUP_new(3)|EC_GROUP_new(3)>, L<EC_GROUP_copy(3)|EC_GROUP_copy(3)>,
-L<EC_POINT_new(3)|EC_POINT_new(3)>, L<EC_POINT_add(3)|EC_POINT_add(3)>, L<EC_KEY_new(3)|EC_KEY_new(3)>,
-L<EC_GFp_simple_method(3)|EC_GFp_simple_method(3)>, L<d2i_ECPKParameters(3)|d2i_ECPKParameters(3)>
+L<crypto(3)>, L<EC_GROUP_new(3)>, L<EC_GROUP_copy(3)>,
+L<EC_POINT_new(3)>, L<EC_POINT_add(3)>, L<EC_KEY_new(3)>,
+L<EC_GFp_simple_method(3)>, L<d2i_ECPKParameters(3)>
 
 
 =cut
diff --git a/doc/crypto/ecdsa.pod b/doc/crypto/ecdsa.pod
index 46c071b733..f49d2cedaf 100644
--- a/doc/crypto/ecdsa.pod
+++ b/doc/crypto/ecdsa.pod
@@ -119,7 +119,7 @@ on error.
 
 ECDSA_verify() and ECDSA_do_verify() return 1 for a valid
 signature, 0 for an invalid signature and -1 on error.
-The error codes can be obtained by L<ERR_get_error(3)|ERR_get_error(3)>.
+The error codes can be obtained by L<ERR_get_error(3)>.
 
 =head1 EXAMPLES
 
@@ -193,7 +193,7 @@ ANSI X9.62, US Federal Information Processing Standard FIPS 186-2
 
 =head1 SEE ALSO
 
-L<dsa(3)|dsa(3)>, L<rsa(3)|rsa(3)>
+L<dsa(3)>, L<rsa(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/engine.pod b/doc/crypto/engine.pod
index 7f6cd43cff..c1be658319 100644
--- a/doc/crypto/engine.pod
+++ b/doc/crypto/engine.pod
@@ -594,6 +594,6 @@ implementations.
 
 =head1 SEE ALSO
 
-L<rsa(3)|rsa(3)>, L<dsa(3)|dsa(3)>, L<dh(3)|dh(3)>, L<rand(3)|rand(3)>
+L<rsa(3)>, L<dsa(3)>, L<dh(3)>, L<rand(3)>
 
 =cut
diff --git a/doc/crypto/err.pod b/doc/crypto/err.pod
index 1a19a19a80..1a3c223526 100644
--- a/doc/crypto/err.pod
+++ b/doc/crypto/err.pod
@@ -51,18 +51,18 @@ by the return value, and an error code is stored in an error queue
 associated with the current thread. The B<err> library provides
 functions to obtain these error codes and textual error messages.
 
-The L<ERR_get_error(3)|ERR_get_error(3)> manpage describes how to
+The L<ERR_get_error(3)> manpage describes how to
 access error codes.
 
 Error codes contain information about where the error occurred, and
-what went wrong. L<ERR_GET_LIB(3)|ERR_GET_LIB(3)> describes how to
+what went wrong. L<ERR_GET_LIB(3)> describes how to
 extract this information. A method to obtain human-readable error
-messages is described in L<ERR_error_string(3)|ERR_error_string(3)>.
+messages is described in L<ERR_error_string(3)>.
 
-L<ERR_clear_error(3)|ERR_clear_error(3)> can be used to clear the
+L<ERR_clear_error(3)> can be used to clear the
 error queue.
 
-Note that L<ERR_remove_state(3)|ERR_remove_state(3)> should be used to
+Note that L<ERR_remove_state(3)> should be used to
 avoid memory leaks when threads are terminated.
 
 =head1 ADDING NEW ERROR CODES TO OPENSSL
@@ -171,16 +171,16 @@ ERR_get_string_table(void) respectively.
 
 =head1 SEE ALSO
 
-L<CRYPTO_set_locking_callback(3)|CRYPTO_set_locking_callback(3)>,
-L<ERR_get_error(3)|ERR_get_error(3)>,
-L<ERR_GET_LIB(3)|ERR_GET_LIB(3)>,
-L<ERR_clear_error(3)|ERR_clear_error(3)>,
-L<ERR_error_string(3)|ERR_error_string(3)>,
-L<ERR_print_errors(3)|ERR_print_errors(3)>,
-L<ERR_load_crypto_strings(3)|ERR_load_crypto_strings(3)>,
-L<ERR_remove_state(3)|ERR_remove_state(3)>,
-L<ERR_put_error(3)|ERR_put_error(3)>,
-L<ERR_load_strings(3)|ERR_load_strings(3)>,
-L<SSL_get_error(3)|SSL_get_error(3)>
+L<CRYPTO_set_locking_callback(3)>,
+L<ERR_get_error(3)>,
+L<ERR_GET_LIB(3)>,
+L<ERR_clear_error(3)>,
+L<ERR_error_string(3)>,
+L<ERR_print_errors(3)>,
+L<ERR_load_crypto_strings(3)>,
+L<ERR_remove_state(3)>,
+L<ERR_put_error(3)>,
+L<ERR_load_strings(3)>,
+L<SSL_get_error(3)>
 
 =cut
diff --git a/doc/crypto/evp.pod b/doc/crypto/evp.pod
index 29fab9fd51..58ce83de8c 100644
--- a/doc/crypto/evp.pod
+++ b/doc/crypto/evp.pod
@@ -27,44 +27,44 @@ functions.  The L<B<EVP_Digest>I<...>|EVP_DigestInit(3)> functions provide messa
 
 The B<EVP_PKEY>I<...> functions provide a high level interface to
 asymmetric algorithms. To create a new EVP_PKEY see
-L<EVP_PKEY_new(3)|EVP_PKEY_new(3)>. EVP_PKEYs can be associated
+L<EVP_PKEY_new(3)>. EVP_PKEYs can be associated
 with a private key of a particular algorithm by using the functions
-described on the L<EVP_PKEY_set1_RSA(3)|EVP_PKEY_set1_RSA(3)> page, or
-new keys can be generated using L<EVP_PKEY_keygen(3)|EVP_PKEY_keygen(3)>.
-EVP_PKEYs can be compared using L<EVP_PKEY_cmp(3)|EVP_PKEY_cmp(3)>, or printed using
-L<EVP_PKEY_print_private(3)|EVP_PKEY_print_private(3)>.
+described on the L<EVP_PKEY_set1_RSA(3)> page, or
+new keys can be generated using L<EVP_PKEY_keygen(3)>.
+EVP_PKEYs can be compared using L<EVP_PKEY_cmp(3)>, or printed using
+L<EVP_PKEY_print_private(3)>.
 
 The EVP_PKEY functions support the full range of asymmetric algorithm operations:
 
 =over
 
-=item For key agreement see L<EVP_PKEY_derive(3)|EVP_PKEY_derive(3)>
+=item For key agreement see L<EVP_PKEY_derive(3)>
 
-=item For signing and verifying see L<EVP_PKEY_sign(3)|EVP_PKEY_sign(3)>,
-L<EVP_PKEY_verify(3)|EVP_PKEY_verify(3)> and L<EVP_PKEY_verify_recover(3)|EVP_PKEY_verify_recover(3)>.
+=item For signing and verifying see L<EVP_PKEY_sign(3)>,
+L<EVP_PKEY_verify(3)> and L<EVP_PKEY_verify_recover(3)>.
 However, note that
 these functions do not perform a digest of the data to be signed. Therefore
-normally you would use the L<B<EVP_DigestSign>I<...>|EVP_DigestSignInit(3)>
+normally you would use the L<EVP_DigestSignInit(3)>
 functions for this purpose.
 
-=item For encryption and decryption see L<EVP_PKEY_encrypt(3)|EVP_PKEY_encrypt(3)>
-and L<EVP_PKEY_decrypt(3)|EVP_PKEY_decrypt(3)> respectively. However, note that
+=item For encryption and decryption see L<EVP_PKEY_encrypt(3)>
+and L<EVP_PKEY_decrypt(3)> respectively. However, note that
 these functions perform encryption and decryption only. As public key
 encryption is an expensive operation, normally you would wrap
-an encrypted message in a "digital envelope" using the L<B<EVP_Seal>I<...>|EVP_SealInit(3)> and
-L<B<EVP_Open>I<...>|EVP_OpenInit(3)> functions.
+an encrypted message in a "digital envelope" using the L<EVP_SealInit(3)> and
+L<EVP_OpenInit(3)> functions.
 
 =back
 
-The L<EVP_BytesToKey(3)|EVP_BytesToKey(3)> function provides some limited support for password
+The L<EVP_BytesToKey(3)> function provides some limited support for password
 based encryption. Careful selection of the parameters will provide a PKCS#5 PBKDF1 compatible
 implementation. However, new applications should not typically use this (preferring, for example,
 PBKDF2 from PCKS#5).
 
-Algorithms are loaded with L<OpenSSL_add_all_algorithms(3)|OpenSSL_add_all_algorithms(3)>.
+Algorithms are loaded with L<OpenSSL_add_all_algorithms(3)>.
 
 All the symmetric algorithms (ciphers), digests and asymmetric algorithms
-(public key algorithms) can be replaced by L<ENGINE|engine(3)> modules providing alternative
+(public key algorithms) can be replaced by L<engine(3)> modules providing alternative
 implementations. If ENGINE implementations of ciphers or digests are registered
 as defaults, then the various EVP functions will automatically use those
 implementations automatically in preference to built in software
@@ -79,25 +79,25 @@ using the high level interface.
 
 =head1 SEE ALSO
 
-L<EVP_DigestInit(3)|EVP_DigestInit(3)>,
-L<EVP_EncryptInit(3)|EVP_EncryptInit(3)>,
-L<EVP_OpenInit(3)|EVP_OpenInit(3)>,
-L<EVP_SealInit(3)|EVP_SealInit(3)>,
-L<EVP_DigestSignInit(3)|EVP_DigestSignInit(3)>,
-L<EVP_SignInit(3)|EVP_SignInit(3)>,
-L<EVP_VerifyInit(3)|EVP_VerifyInit(3)>,
-L<EVP_PKEY_new(3)|EVP_PKEY_new(3)>,
-L<EVP_PKEY_set1_RSA(3)|EVP_PKEY_set1_RSA(3)>,
-L<EVP_PKEY_keygen(3)|EVP_PKEY_keygen(3)>,
-L<EVP_PKEY_print_private(3)|EVP_PKEY_print_private(3)>,
-L<EVP_PKEY_decrypt(3)|EVP_PKEY_decrypt(3)>,
-L<EVP_PKEY_encrypt(3)|EVP_PKEY_encrypt(3)>,
-L<EVP_PKEY_sign(3)|EVP_PKEY_sign(3)>,
-L<EVP_PKEY_verify(3)|EVP_PKEY_verify(3)>,
-L<EVP_PKEY_verify_recover(3)|EVP_PKEY_verify_recover(3)>,
-L<EVP_PKEY_derive(3)|EVP_PKEY_derive(3)>,
-L<EVP_BytesToKey(3)|EVP_BytesToKey(3)>,
-L<OpenSSL_add_all_algorithms(3)|OpenSSL_add_all_algorithms(3)>,
-L<engine(3)|engine(3)>
+L<EVP_DigestInit(3)>,
+L<EVP_EncryptInit(3)>,
+L<EVP_OpenInit(3)>,
+L<EVP_SealInit(3)>,
+L<EVP_DigestSignInit(3)>,
+L<EVP_SignInit(3)>,
+L<EVP_VerifyInit(3)>,
+L<EVP_PKEY_new(3)>,
+L<EVP_PKEY_set1_RSA(3)>,
+L<EVP_PKEY_keygen(3)>,
+L<EVP_PKEY_print_private(3)>,
+L<EVP_PKEY_decrypt(3)>,
+L<EVP_PKEY_encrypt(3)>,
+L<EVP_PKEY_sign(3)>,
+L<EVP_PKEY_verify(3)>,
+L<EVP_PKEY_verify_recover(3)>,
+L<EVP_PKEY_derive(3)>,
+L<EVP_BytesToKey(3)>,
+L<OpenSSL_add_all_algorithms(3)>,
+L<engine(3)>
 
 =cut
diff --git a/doc/crypto/hmac.pod b/doc/crypto/hmac.pod
index 58a57f47bb..372a0f403e 100644
--- a/doc/crypto/hmac.pod
+++ b/doc/crypto/hmac.pod
@@ -90,7 +90,7 @@ RFC 2104
 
 =head1 SEE ALSO
 
-L<sha(3)|sha(3)>, L<evp(3)|evp(3)>
+L<sha(3)>, L<evp(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/i2d_CMS_bio_stream.pod b/doc/crypto/i2d_CMS_bio_stream.pod
index 558bdd0812..42b06c2b9f 100644
--- a/doc/crypto/i2d_CMS_bio_stream.pod
+++ b/doc/crypto/i2d_CMS_bio_stream.pod
@@ -31,11 +31,11 @@ i2d_CMS_bio_stream() returns 1 for success or 0 for failure.
 
 =head1 SEE ALSO
 
-L<ERR_get_error(3)|ERR_get_error(3)>, L<CMS_sign(3)|CMS_sign(3)>,
-L<CMS_verify(3)|CMS_verify(3)>, L<CMS_encrypt(3)|CMS_encrypt(3)>
-L<CMS_decrypt(3)|CMS_decrypt(3)>,
-L<SMIME_write_CMS(3)|SMIME_write_CMS(3)>,
-L<PEM_write_bio_CMS_stream(3)|PEM_write_bio_CMS_stream(3)>
+L<ERR_get_error(3)>, L<CMS_sign(3)>,
+L<CMS_verify(3)>, L<CMS_encrypt(3)>
+L<CMS_decrypt(3)>,
+L<SMIME_write_CMS(3)>,
+L<PEM_write_bio_CMS_stream(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/i2d_PKCS7_bio_stream.pod b/doc/crypto/i2d_PKCS7_bio_stream.pod
index a37231e267..7a96cf9591 100644
--- a/doc/crypto/i2d_PKCS7_bio_stream.pod
+++ b/doc/crypto/i2d_PKCS7_bio_stream.pod
@@ -31,11 +31,11 @@ i2d_PKCS7_bio_stream() returns 1 for success or 0 for failure.
 
 =head1 SEE ALSO
 
-L<ERR_get_error(3)|ERR_get_error(3)>, L<PKCS7_sign(3)|PKCS7_sign(3)>,
-L<PKCS7_verify(3)|PKCS7_verify(3)>, L<PKCS7_encrypt(3)|PKCS7_encrypt(3)>
-L<PKCS7_decrypt(3)|PKCS7_decrypt(3)>,
-L<SMIME_write_PKCS7(3)|SMIME_write_PKCS7(3)>,
-L<PEM_write_bio_PKCS7_stream(3)|PEM_write_bio_PKCS7_stream(3)>
+L<ERR_get_error(3)>, L<PKCS7_sign(3)>,
+L<PKCS7_verify(3)>, L<PKCS7_encrypt(3)>
+L<PKCS7_decrypt(3)>,
+L<SMIME_write_PKCS7(3)>,
+L<PEM_write_bio_PKCS7_stream(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/lh_stats.pod b/doc/crypto/lh_stats.pod
index 3eeaa72e52..2a78c145bb 100644
--- a/doc/crypto/lh_stats.pod
+++ b/doc/crypto/lh_stats.pod
@@ -49,7 +49,7 @@ These functions do not return values.
 
 =head1 SEE ALSO
 
-L<bio(3)|bio(3)>, L<lhash(3)|lhash(3)>
+L<bio(3)>, L<lhash(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/lhash.pod b/doc/crypto/lhash.pod
index 73a19b6c7e..25410fa1b5 100644
--- a/doc/crypto/lhash.pod
+++ b/doc/crypto/lhash.pod
@@ -282,7 +282,7 @@ used in the function passed to lh_<type>_new().
 
 =head1 SEE ALSO
 
-L<lh_stats(3)|lh_stats(3)>
+L<lh_stats(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/md5.pod b/doc/crypto/md5.pod
index 41a547898a..a8c0718ea2 100644
--- a/doc/crypto/md5.pod
+++ b/doc/crypto/md5.pod
@@ -64,7 +64,7 @@ MD4_Init(), MD4_Update(), MD4_Final(), MD5_Init(), MD5_Update(), and
 MD5_Final() are analogous using an B<MD4_CTX> and B<MD5_CTX> structure.
 
 Applications should use the higher level functions
-L<EVP_DigestInit(3)|EVP_DigestInit(3)>
+L<EVP_DigestInit(3)>
 etc. instead of calling the hash functions directly.
 
 =head1 NOTE
@@ -87,6 +87,6 @@ RFC 1319, RFC 1320, RFC 1321
 
 =head1 SEE ALSO
 
-L<EVP_DigestInit(3)|EVP_DigestInit(3)>
+L<EVP_DigestInit(3)>
 
 =cut
diff --git a/doc/crypto/mdc2.pod b/doc/crypto/mdc2.pod
index 2795868073..f7cc4257fe 100644
--- a/doc/crypto/mdc2.pod
+++ b/doc/crypto/mdc2.pod
@@ -39,7 +39,7 @@ MDC2_Final() places the message digest in B<md>, which must have space
 for MDC2_DIGEST_LENGTH == 16 bytes of output, and erases the B<MDC2_CTX>.
 
 Applications should use the higher level functions
-L<EVP_DigestInit(3)|EVP_DigestInit(3)> etc. instead of calling the
+L<EVP_DigestInit(3)> etc. instead of calling the
 hash functions directly.
 
 =head1 RETURN VALUES
@@ -54,6 +54,6 @@ ISO/IEC 10118-2, with DES
 
 =head1 SEE ALSO
 
-L<EVP_DigestInit(3)|EVP_DigestInit(3)>
+L<EVP_DigestInit(3)>
 
 =cut
diff --git a/doc/crypto/rand.pod b/doc/crypto/rand.pod
index d102df2eee..25172d954d 100644
--- a/doc/crypto/rand.pod
+++ b/doc/crypto/rand.pod
@@ -55,11 +55,11 @@ need randomness.
 
 A cryptographic PRNG must be seeded with unpredictable data such as
 mouse movements or keys pressed at random by the user. This is
-described in L<RAND_add(3)|RAND_add(3)>. Its state can be saved in a seed file
-(see L<RAND_load_file(3)|RAND_load_file(3)>) to avoid having to go through the
+described in L<RAND_add(3)>. Its state can be saved in a seed file
+(see L<RAND_load_file(3)>) to avoid having to go through the
 seeding process whenever the application is started.
 
-L<RAND_bytes(3)|RAND_bytes(3)> describes how to obtain random data from the
+L<RAND_bytes(3)> describes how to obtain random data from the
 PRNG. 
 
 =head1 INTERNALS
@@ -162,14 +162,14 @@ overwritten) and 7 (by not using the 10 bytes given to the caller to
 update the 'state', but they are used to update 'md').
 
 So of the points raised, only 2 is not addressed (but see
-L<RAND_add(3)|RAND_add(3)>).
+L<RAND_add(3)>).
 
 =head1 SEE ALSO
 
-L<BN_rand(3)|BN_rand(3)>, L<RAND_add(3)|RAND_add(3)>,
-L<RAND_load_file(3)|RAND_load_file(3)>, L<RAND_egd(3)|RAND_egd(3)>,
-L<RAND_bytes(3)|RAND_bytes(3)>,
-L<RAND_set_rand_method(3)|RAND_set_rand_method(3)>,
-L<RAND_cleanup(3)|RAND_cleanup(3)> 
+L<BN_rand(3)>, L<RAND_add(3)>,
+L<RAND_load_file(3)>, L<RAND_egd(3)>,
+L<RAND_bytes(3)>,
+L<RAND_set_rand_method(3)>,
+L<RAND_cleanup(3)> 
 
 =cut
diff --git a/doc/crypto/rc4.pod b/doc/crypto/rc4.pod
index bbf0f27f47..cbbf5ded2b 100644
--- a/doc/crypto/rc4.pod
+++ b/doc/crypto/rc4.pod
@@ -44,7 +44,7 @@ RC4_set_key() and RC4() do not return values.
 =head1 NOTE
 
 Applications should use the higher level functions
-L<EVP_EncryptInit(3)|EVP_EncryptInit(3)> etc. instead of calling these
+L<EVP_EncryptInit(3)> etc. instead of calling these
 functions directly.
 
 It is difficult to securely use stream ciphers. For example, do not perform
@@ -56,6 +56,6 @@ RC4_set_key() and RC4() are available in all versions of SSLeay and OpenSSL.
 
 =head1 SEE ALSO
 
-L<EVP_EncryptInit(3)|EVP_EncryptInit(3)>
+L<EVP_EncryptInit(3)>
 
 =cut
diff --git a/doc/crypto/ripemd.pod b/doc/crypto/ripemd.pod
index e5ca3ad8d3..c7a94cc9ab 100644
--- a/doc/crypto/ripemd.pod
+++ b/doc/crypto/ripemd.pod
@@ -49,7 +49,7 @@ success, 0 otherwise.
 =head1 NOTE
 
 Applications should use the higher level functions
-L<EVP_DigestInit(3)|EVP_DigestInit(3)> etc. instead of calling these
+L<EVP_DigestInit(3)> etc. instead of calling these
 functions directly.
 
 =head1 CONFORMING TO
@@ -58,6 +58,6 @@ ISO/IEC 10118-3 (draft) (??)
 
 =head1 SEE ALSO
 
-L<EVP_DigestInit(3)|EVP_DigestInit(3)>
+L<EVP_DigestInit(3)>
 
 =cut
diff --git a/doc/crypto/rsa.pod b/doc/crypto/rsa.pod
index 743334ff79..a1cec7f09b 100644
--- a/doc/crypto/rsa.pod
+++ b/doc/crypto/rsa.pod
@@ -105,17 +105,17 @@ RSA was covered by a US patent which expired in September 2000.
 
 =head1 SEE ALSO
 
-L<rsa(1)|rsa(1)>, L<bn(3)|bn(3)>, L<dsa(3)|dsa(3)>, L<dh(3)|dh(3)>,
-L<rand(3)|rand(3)>, L<engine(3)|engine(3)>, L<RSA_new(3)|RSA_new(3)>,
-L<RSA_public_encrypt(3)|RSA_public_encrypt(3)>,
-L<RSA_sign(3)|RSA_sign(3)>, L<RSA_size(3)|RSA_size(3)>,
-L<RSA_generate_key(3)|RSA_generate_key(3)>,
-L<RSA_check_key(3)|RSA_check_key(3)>,
-L<RSA_blinding_on(3)|RSA_blinding_on(3)>,
-L<RSA_set_method(3)|RSA_set_method(3)>, L<RSA_print(3)|RSA_print(3)>,
-L<RSA_get_ex_new_index(3)|RSA_get_ex_new_index(3)>,
-L<RSA_private_encrypt(3)|RSA_private_encrypt(3)>,
-L<RSA_sign_ASN1_OCTET_STRING(3)|RSA_sign_ASN1_OCTET_STRING(3)>,
-L<RSA_padding_add_PKCS1_type_1(3)|RSA_padding_add_PKCS1_type_1(3)> 
+L<rsa(1)>, L<bn(3)>, L<dsa(3)>, L<dh(3)>,
+L<rand(3)>, L<engine(3)>, L<RSA_new(3)>,
+L<RSA_public_encrypt(3)>,
+L<RSA_sign(3)>, L<RSA_size(3)>,
+L<RSA_generate_key(3)>,
+L<RSA_check_key(3)>,
+L<RSA_blinding_on(3)>,
+L<RSA_set_method(3)>, L<RSA_print(3)>,
+L<RSA_get_ex_new_index(3)>,
+L<RSA_private_encrypt(3)>,
+L<RSA_sign_ASN1_OCTET_STRING(3)>,
+L<RSA_padding_add_PKCS1_type_1(3)> 
 
 =cut
diff --git a/doc/crypto/sha.pod b/doc/crypto/sha.pod
index 67a04610d5..26f1df3cea 100644
--- a/doc/crypto/sha.pod
+++ b/doc/crypto/sha.pod
@@ -44,7 +44,7 @@ SHA512_Final - Secure Hash Algorithm
 =head1 DESCRIPTION
 
 Applications should use the higher level functions
-L<EVP_DigestInit(3)|EVP_DigestInit(3)> etc. instead of calling the hash
+L<EVP_DigestInit(3)> etc. instead of calling the hash
 functions directly.
 
 SHA-1 (Secure Hash Algorithm) is a cryptographic hash function with a
@@ -94,6 +94,6 @@ ANSI X9.30
 
 =head1 SEE ALSO
 
-L<EVP_DigestInit(3)|EVP_DigestInit(3)>
+L<EVP_DigestInit(3)>
 
 =cut
diff --git a/doc/crypto/threads.pod b/doc/crypto/threads.pod
index 37be84fc39..fd43a2c15a 100644
--- a/doc/crypto/threads.pod
+++ b/doc/crypto/threads.pod
@@ -205,6 +205,6 @@ thread IDs to always be represented by 'unsigned long'.
 
 =head1 SEE ALSO
 
-L<crypto(3)|crypto(3)>
+L<crypto(3)>
 
 =cut
diff --git a/doc/crypto/ui.pod b/doc/crypto/ui.pod
index 9dbc2da87a..bb4a8a5f3b 100644
--- a/doc/crypto/ui.pod
+++ b/doc/crypto/ui.pod
@@ -69,7 +69,7 @@ UI_set_method, UI_OpenSSL, ERR_load_UI_strings - New User Interface
 
 UI stands for User Interface, and is general purpose set of routines to
 prompt the user for text-based information.  Through user-written methods
-(see L<ui_create(3)|ui_create(3)>), prompting can be done in any way
+(see L<ui_create(3)>), prompting can be done in any way
 imaginable, be it plain text prompting, through dialog boxes or from a
 cell phone.
 
@@ -181,7 +181,7 @@ UI_set_method() changes the UI method associated with a given UI.
 
 =head1 SEE ALSO
 
-L<ui_create(3)|ui_create(3)>, L<ui_compat(3)|ui_compat(3)>
+L<ui_create(3)>, L<ui_compat(3)>
 
 =head1 HISTORY
 
diff --git a/doc/crypto/x509.pod b/doc/crypto/x509.pod
index f9e58e0e41..8639525525 100644
--- a/doc/crypto/x509.pod
+++ b/doc/crypto/x509.pod
@@ -47,18 +47,18 @@ B<X509_EXTENSION_>I<...> handle certificate extensions.
 
 =head1 SEE ALSO
 
-L<X509_NAME_ENTRY_get_object(3)|X509_NAME_ENTRY_get_object(3)>,
-L<X509_NAME_add_entry_by_txt(3)|X509_NAME_add_entry_by_txt(3)>,
-L<X509_NAME_add_entry_by_NID(3)|X509_NAME_add_entry_by_NID(3)>,
-L<X509_NAME_print_ex(3)|X509_NAME_print_ex(3)>,
-L<X509_NAME_new(3)|X509_NAME_new(3)>,
-L<d2i_X509(3)|d2i_X509(3)>,
-L<d2i_X509_ALGOR(3)|d2i_X509_ALGOR(3)>,
-L<d2i_X509_CRL(3)|d2i_X509_CRL(3)>,
-L<d2i_X509_NAME(3)|d2i_X509_NAME(3)>,
-L<d2i_X509_REQ(3)|d2i_X509_REQ(3)>,
-L<d2i_X509_SIG(3)|d2i_X509_SIG(3)>,
-L<crypto(3)|crypto(3)>,
-L<x509v3(3)|x509v3(3)>
+L<X509_NAME_ENTRY_get_object(3)>,
+L<X509_NAME_add_entry_by_txt(3)>,
+L<X509_NAME_add_entry_by_NID(3)>,
+L<X509_NAME_print_ex(3)>,
+L<X509_NAME_new(3)>,
+L<d2i_X509(3)>,
+L<d2i_X509_ALGOR(3)>,
+L<d2i_X509_CRL(3)>,
+L<d2i_X509_NAME(3)>,
+L<d2i_X509_REQ(3)>,
+L<d2i_X509_SIG(3)>,
+L<crypto(3)>,
+L<x509v3(3)>
 
 =cut
diff --git a/doc/ssl/SSL_CIPHER_get_name.pod b/doc/ssl/SSL_CIPHER_get_name.pod
index baac900bc4..3ea94b849e 100644
--- a/doc/ssl/SSL_CIPHER_get_name.pod
+++ b/doc/ssl/SSL_CIPHER_get_name.pod
@@ -125,7 +125,7 @@ See DESCRIPTION
 
 =head1 SEE ALSO
 
-L<ssl(3)|ssl(3)>, L<SSL_get_current_cipher(3)|SSL_get_current_cipher(3)>,
-L<SSL_get_ciphers(3)|SSL_get_ciphers(3)>, L<ciphers(1)|ciphers(1)>
+L<ssl(3)>, L<SSL_get_current_cipher(3)>,
+L<SSL_get_ciphers(3)>, L<ciphers(1)>
 
 =cut
diff --git a/doc/ssl/SSL_COMP_add_compression_method.pod b/doc/ssl/SSL_COMP_add_compression_method.pod
index 2bb440379f..6a0caffff9 100644
--- a/doc/ssl/SSL_COMP_add_compression_method.pod
+++ b/doc/ssl/SSL_COMP_add_compression_method.pod
@@ -71,6 +71,6 @@ The operation failed. Check the error queue to find out the reason.
 
 =head1 SEE ALSO
 
-L<ssl(3)|ssl(3)>
+L<ssl(3)>
 
 =cut
diff --git a/doc/ssl/SSL_CONF_CTX_new.pod b/doc/ssl/SSL_CONF_CTX_new.pod
index 79c8c94ee0..329e3c78e4 100644
--- a/doc/ssl/SSL_CONF_CTX_new.pod
+++ b/doc/ssl/SSL_CONF_CTX_new.pod
@@ -28,11 +28,11 @@ SSL_CONF_CTX_free() does not return a value.
 
 =head1 SEE ALSO
 
-L<SSL_CONF_CTX_set_flags(3)|SSL_CONF_CTX_set_flags(3)>,
-L<SSL_CONF_CTX_set_ssl_ctx(3)|SSL_CONF_CTX_set_ssl_ctx(3)>,
-L<SSL_CONF_CTX_set1_prefix(3)|SSL_CONF_CTX_set1_prefix(3)>,
-L<SSL_CONF_cmd(3)|SSL_CONF_cmd(3)>,
-L<SSL_CONF_cmd_argv(3)|SSL_CONF_cmd_argv(3)>
+L<SSL_CONF_CTX_set_flags(3)>,
+L<SSL_CONF_CTX_set_ssl_ctx(3)>,
+L<SSL_CONF_CTX_set1_prefix(3)>,
+L<SSL_CONF_cmd(3)>,
+L<SSL_CONF_cmd_argv(3)>
 
 =head1 HISTORY
 
diff --git a/doc/ssl/SSL_CONF_CTX_set1_prefix.pod b/doc/ssl/SSL_CONF_CTX_set1_prefix.pod
index 76990188d1..5083a73876 100644
--- a/doc/ssl/SSL_CONF_CTX_set1_prefix.pod
+++ b/doc/ssl/SSL_CONF_CTX_set1_prefix.pod
@@ -36,11 +36,11 @@ SSL_CONF_CTX_set1_prefix() returns 1 for success and 0 for failure.
 
 =head1 SEE ALSO
 
-L<SSL_CONF_CTX_new(3)|SSL_CONF_CTX_new(3)>,
-L<SSL_CONF_CTX_set_flags(3)|SSL_CONF_CTX_set_flags(3)>,
-L<SSL_CONF_CTX_set_ssl_ctx(3)|SSL_CONF_CTX_set_ssl_ctx(3)>,
-L<SSL_CONF_cmd(3)|SSL_CONF_cmd(3)>,
-L<SSL_CONF_cmd_argv(3)|SSL_CONF_cmd_argv(3)>
+L<SSL_CONF_CTX_new(3)>,
+L<SSL_CONF_CTX_set_flags(3)>,
+L<SSL_CONF_CTX_set_ssl_ctx(3)>,
+L<SSL_CONF_cmd(3)>,
+L<SSL_CONF_cmd_argv(3)>
 
 =head1 HISTORY
 
diff --git a/doc/ssl/SSL_CONF_CTX_set_flags.pod b/doc/ssl/SSL_CONF_CTX_set_flags.pod
index fdff4706c7..10cfc4d17f 100644
--- a/doc/ssl/SSL_CONF_CTX_set_flags.pod
+++ b/doc/ssl/SSL_CONF_CTX_set_flags.pod
@@ -62,11 +62,11 @@ value after setting or clearing flags.
 
 =head1 SEE ALSO
 
-L<SSL_CONF_CTX_new(3)|SSL_CONF_CTX_new(3)>,
-L<SSL_CONF_CTX_set_ssl_ctx(3)|SSL_CONF_CTX_set_ssl_ctx(3)>,
-L<SSL_CONF_CTX_set1_prefix(3)|SSL_CONF_CTX_set1_prefix(3)>,
-L<SSL_CONF_cmd(3)|SSL_CONF_cmd(3)>,
-L<SSL_CONF_cmd_argv(3)|SSL_CONF_cmd_argv(3)>
+L<SSL_CONF_CTX_new(3)>,
+L<SSL_CONF_CTX_set_ssl_ctx(3)>,
+L<SSL_CONF_CTX_set1_prefix(3)>,
+L<SSL_CONF_cmd(3)>,
+L<SSL_CONF_cmd_argv(3)>
 
 =head1 HISTORY
 
diff --git a/doc/ssl/SSL_CONF_CTX_set_ssl_ctx.pod b/doc/ssl/SSL_CONF_CTX_set_ssl_ctx.pod
index 2049a53362..e7ede4284a 100644
--- a/doc/ssl/SSL_CONF_CTX_set_ssl_ctx.pod
+++ b/doc/ssl/SSL_CONF_CTX_set_ssl_ctx.pod
@@ -34,11 +34,11 @@ SSL_CONF_CTX_set_ssl_ctx() and SSL_CTX_set_ssl() do not return a value.
 
 =head1 SEE ALSO
 
-L<SSL_CONF_CTX_new(3)|SSL_CONF_CTX_new(3)>,
-L<SSL_CONF_CTX_set_flags(3)|SSL_CONF_CTX_set_flags(3)>,
-L<SSL_CONF_CTX_set1_prefix(3)|SSL_CONF_CTX_set1_prefix(3)>,
-L<SSL_CONF_cmd(3)|SSL_CONF_cmd(3)>,
-L<SSL_CONF_cmd_argv(3)|SSL_CONF_cmd_argv(3)>
+L<SSL_CONF_CTX_new(3)>,
+L<SSL_CONF_CTX_set_flags(3)>,
+L<SSL_CONF_CTX_set1_prefix(3)>,
+L<SSL_CONF_cmd(3)>,
+L<SSL_CONF_cmd_argv(3)>
 
 =head1 HISTORY
 
diff --git a/doc/ssl/SSL_CONF_cmd.pod b/doc/ssl/SSL_CONF_cmd.pod
index 16b368a6f3..e8eeb15f15 100644
--- a/doc/ssl/SSL_CONF_cmd.pod
+++ b/doc/ssl/SSL_CONF_cmd.pod
@@ -457,11 +457,11 @@ SSL_CONF_finish() returns 1 for success and 0 for failure.
 
 =head1 SEE ALSO
 
-L<SSL_CONF_CTX_new(3)|SSL_CONF_CTX_new(3)>,
-L<SSL_CONF_CTX_set_flags(3)|SSL_CONF_CTX_set_flags(3)>,
-L<SSL_CONF_CTX_set1_prefix(3)|SSL_CONF_CTX_set1_prefix(3)>,
-L<SSL_CONF_CTX_set_ssl_ctx(3)|SSL_CONF_CTX_set_ssl_ctx(3)>,
-L<SSL_CONF_cmd_argv(3)|SSL_CONF_cmd_argv(3)>
+L<SSL_CONF_CTX_new(3)>,
+L<SSL_CONF_CTX_set_flags(3)>,
+L<SSL_CONF_CTX_set1_prefix(3)>,
+L<SSL_CONF_CTX_set_ssl_ctx(3)>,
+L<SSL_CONF_cmd_argv(3)>
 
 =head1 HISTORY
 
diff --git a/doc/ssl/SSL_CONF_cmd_argv.pod b/doc/ssl/SSL_CONF_cmd_argv.pod
index 6e66441cd1..c06b44f98c 100644
--- a/doc/ssl/SSL_CONF_cmd_argv.pod
+++ b/doc/ssl/SSL_CONF_cmd_argv.pod
@@ -29,11 +29,11 @@ to an error: for example a syntax error in the argument.
 
 =head1 SEE ALSO
 
-L<SSL_CONF_CTX_new(3)|SSL_CONF_CTX_new(3)>,
-L<SSL_CONF_CTX_set_flags(3)|SSL_CONF_CTX_set_flags(3)>,
-L<SSL_CONF_CTX_set1_prefix(3)|SSL_CONF_CTX_set1_prefix(3)>,
-L<SSL_CONF_CTX_set_ssl_ctx(3)|SSL_CONF_CTX_set_ssl_ctx(3)>,
-L<SSL_CONF_cmd(3)|SSL_CONF_cmd(3)>
+L<SSL_CONF_CTX_new(3)>,
+L<SSL_CONF_CTX_set_flags(3)>,
+L<SSL_CONF_CTX_set1_prefix(3)>,
+L<SSL_CONF_CTX_set_ssl_ctx(3)>,
+L<SSL_CONF_cmd(3)>
 
 =head1 HISTORY
 
diff --git a/doc/ssl/SSL_CTX_add1_chain_cert.pod b/doc/ssl/SSL_CTX_add1_chain_cert.pod
index 786f31e4f6..545b82ebcf 100644
--- a/doc/ssl/SSL_CTX_add1_chain_cert.pod
+++ b/doc/ssl/SSL_CTX_add1_chain_cert.pod
@@ -140,7 +140,7 @@ All other functions return 1 for success and 0 for failure.
 
 =head1 SEE ALSO
 
-L<SSL_CTX_add_extra_chain_cert(3)|SSL_CTX_add_extra_chain_cert(3)>
+L<SSL_CTX_add_extra_chain_cert(3)>
 
 =head1 HISTORY
 
diff --git a/doc/ssl/SSL_CTX_add_extra_chain_cert.pod b/doc/ssl/SSL_CTX_add_extra_chain_cert.pod
index 04300fbe6f..63cf2b2a96 100644
--- a/doc/ssl/SSL_CTX_add_extra_chain_cert.pod
+++ b/doc/ssl/SSL_CTX_add_extra_chain_cert.pod
@@ -30,7 +30,7 @@ following the end entity certificate.
 
 If no chain is specified, the library will try to complete the chain from the
 available CA certificates in the trusted CA storage, see
-L<SSL_CTX_load_verify_locations(3)|SSL_CTX_load_verify_locations(3)>.
+L<SSL_CTX_load_verify_locations(3)>.
 
 The B<x509> certificate provided to SSL_CTX_add_extra_chain_cert() will be
 freed by the library when the B<SSL_CTX> is destroyed. An application
@@ -53,19 +53,19 @@ reason for failure.
 
 =head1 SEE ALSO
 
-L<ssl(3)|ssl(3)>,
-L<SSL_CTX_use_certificate(3)|SSL_CTX_use_certificate(3)>,
-L<SSL_CTX_set_client_cert_cb(3)|SSL_CTX_set_client_cert_cb(3)>,
-L<SSL_CTX_load_verify_locations(3)|SSL_CTX_load_verify_locations(3)>
-L<SSL_CTX_set0_chain(3)|SSL_CTX_set0_chain(3)>
-L<SSL_CTX_set1_chain(3)|SSL_CTX_set1_chain(3)>
-L<SSL_CTX_add0_chain_cert(3)|SSL_CTX_add0_chain_cert(3)>
-L<SSL_CTX_add1_chain_cert(3)|SSL_CTX_add1_chain_cert(3)>
-L<SSL_set0_chain(3)|SSL_set0_chain(3)>
-L<SSL_set1_chain(3)|SSL_set1_chain(3)>
-L<SSL_add0_chain_cert(3)|SSL_add0_chain_cert(3)>
-L<SSL_add1_chain_cert(3)|SSL_add1_chain_cert(3)>
-L<SSL_CTX_build_cert_chain(3)|SSL_CTX_build_cert_chain(3)>
-L<SSL_build_cert_chain(3)|SSL_build_cert_chain(3)>
+L<ssl(3)>,
+L<SSL_CTX_use_certificate(3)>,
+L<SSL_CTX_set_client_cert_cb(3)>,
+L<SSL_CTX_load_verify_locations(3)>
+L<SSL_CTX_set0_chain(3)>
+L<SSL_CTX_set1_chain(3)>
+L<SSL_CTX_add0_chain_cert(3)>
+L<SSL_CTX_add1_chain_cert(3)>
+L<SSL_set0_chain(3)>
+L<SSL_set1_chain(3)>
+L<SSL_add0_chain_cert(3)>
+L<SSL_add1_chain_cert(3)>
+L<SSL_CTX_build_cert_chain(3)>
+L<SSL_build_cert_chain(3)>
 
 =cut
diff --git a/doc/ssl/SSL_CTX_add_session.pod b/doc/ssl/SSL_CTX_add_session.pod
index c660a18fc2..fb8cf6a9bf 100644
--- a/doc/ssl/SSL_CTX_add_session.pod
+++ b/doc/ssl/SSL_CTX_add_session.pod
@@ -19,10 +19,10 @@ SSL_CTX_add_session, SSL_add_session, SSL_CTX_remove_session, SSL_remove_session
 SSL_CTX_add_session() adds the session B<c> to the context B<ctx>. The
 reference count for session B<c> is incremented by 1. If a session with
 the same session id already exists, the old session is removed by calling
-L<SSL_SESSION_free(3)|SSL_SESSION_free(3)>.
+L<SSL_SESSION_free(3)>.
 
 SSL_CTX_remove_session() removes the session B<c> from the context B<ctx>.
-L<SSL_SESSION_free(3)|SSL_SESSION_free(3)> is called once for B<c>.
+L<SSL_SESSION_free(3)> is called once for B<c>.
 
 SSL_add_session() and SSL_remove_session() are synonyms for their
 SSL_CTX_*() counterparts.
@@ -66,8 +66,8 @@ The following values are returned by all functions:
 
 =head1 SEE ALSO
 
-L<ssl(3)|ssl(3)>,
-L<SSL_CTX_set_session_cache_mode(3)|SSL_CTX_set_session_cache_mode(3)>,
-L<SSL_SESSION_free(3)|SSL_SESSION_free(3)>
+L<ssl(3)>,
+L<SSL_CTX_set_session_cache_mode(3)>,
+L<SSL_SESSION_free(3)>
 
 =cut
diff --git a/doc/ssl/SSL_CTX_ctrl.pod b/doc/ssl/SSL_CTX_ctrl.pod
index fb6adcf50c..b59d267bfc 100644
--- a/doc/ssl/SSL_CTX_ctrl.pod
+++ b/doc/ssl/SSL_CTX_ctrl.pod
@@ -29,6 +29,6 @@ supplied via the B<cmd> parameter.
 
 =head1 SEE ALSO
 
-L<ssl(3)|ssl(3)>
+L<ssl(3)>
 
 =cut
diff --git a/doc/ssl/SSL_CTX_flush_sessions.pod b/doc/ssl/SSL_CTX_flush_sessions.pod
index 148c36c871..103e13fc68 100644
--- a/doc/ssl/SSL_CTX_flush_sessions.pod
+++ b/doc/ssl/SSL_CTX_flush_sessions.pod
@@ -25,7 +25,7 @@ up to the specified maximum number (see SSL_CTX_sess_set_cache_size()).
 As sessions will not be reused ones they are expired, they should be
 removed from the cache to save resources. This can either be done
  automatically whenever 255 new sessions were established (see
-L<SSL_CTX_set_session_cache_mode(3)|SSL_CTX_set_session_cache_mode(3)>)
+L<SSL_CTX_set_session_cache_mode(3)>)
 or manually by calling SSL_CTX_flush_sessions(). 
 
 The parameter B<tm> specifies the time which should be used for the
@@ -35,15 +35,15 @@ will be used.
 SSL_CTX_flush_sessions() will only check sessions stored in the internal
 cache. When a session is found and removed, the remove_session_cb is however
 called to synchronize with the external cache (see
-L<SSL_CTX_sess_set_get_cb(3)|SSL_CTX_sess_set_get_cb(3)>).
+L<SSL_CTX_sess_set_get_cb(3)>).
 
 =head1 RETURN VALUES
 
 =head1 SEE ALSO
 
-L<ssl(3)|ssl(3)>,
-L<SSL_CTX_set_session_cache_mode(3)|SSL_CTX_set_session_cache_mode(3)>,
-L<SSL_CTX_set_timeout(3)|SSL_CTX_set_timeout(3)>,
-L<SSL_CTX_sess_set_get_cb(3)|SSL_CTX_sess_set_get_cb(3)>
+L<ssl(3)>,
+L<SSL_CTX_set_session_cache_mode(3)>,
+L<SSL_CTX_set_timeout(3)>,
+L<SSL_CTX_sess_set_get_cb(3)>
 
 =cut
diff --git a/doc/ssl/SSL_CTX_free.pod b/doc/ssl/SSL_CTX_free.pod
index f37617dcef..22ce5505dc 100644
--- a/doc/ssl/SSL_CTX_free.pod
+++ b/doc/ssl/SSL_CTX_free.pod
@@ -37,7 +37,7 @@ SSL_CTX_free() does not provide diagnostic information.
 
 =head1 SEE ALSO
 
-L<SSL_CTX_new(3)|SSL_CTX_new(3)>, L<ssl(3)|ssl(3)>,
-L<SSL_CTX_sess_set_get_cb(3)|SSL_CTX_sess_set_get_cb(3)>
+L<SSL_CTX_new(3)>, L<ssl(3)>,
+L<SSL_CTX_sess_set_get_cb(3)>
 
 =cut
diff --git a/doc/ssl/SSL_CTX_get0_param.pod b/doc/ssl/SSL_CTX_get0_param.pod
index ba16b50f08..6fdc2bd073 100644
--- a/doc/ssl/SSL_CTX_get0_param.pod
+++ b/doc/ssl/SSL_CTX_get0_param.pod
@@ -46,7 +46,7 @@ for failure.
 
 =head1 SEE ALSO
 
-L<X509_VERIFY_PARAM_set_flags(3)|X509_VERIFY_PARAM_set_flags(3)>
+L<X509_VERIFY_PARAM_set_flags(3)>
 
 =head1 HISTORY
 
diff --git a/doc/ssl/SSL_CTX_get_ex_new_index.pod b/doc/ssl/SSL_CTX_get_ex_new_index.pod
index 0c40a91f2f..fc72837731 100644
--- a/doc/ssl/SSL_CTX_get_ex_new_index.pod
+++ b/doc/ssl/SSL_CTX_get_ex_new_index.pod
@@ -40,14 +40,14 @@ SSL_CTX_get_ex_data() is used to retrieve the information for B<idx> from
 B<ctx>.
 
 A detailed description for the B<*_get_ex_new_index()> functionality
-can be found in L<RSA_get_ex_new_index(3)|RSA_get_ex_new_index(3)>.
+can be found in L<RSA_get_ex_new_index(3)>.
 The B<*_get_ex_data()> and B<*_set_ex_data()> functionality is described in
-L<CRYPTO_set_ex_data(3)|CRYPTO_set_ex_data(3)>.
+L<CRYPTO_set_ex_data(3)>.
 
 =head1 SEE ALSO
 
-L<ssl(3)|ssl(3)>,
-L<RSA_get_ex_new_index(3)|RSA_get_ex_new_index(3)>,
-L<CRYPTO_set_ex_data(3)|CRYPTO_set_ex_data(3)>
+L<ssl(3)>,
+L<RSA_get_ex_new_index(3)>,
+L<CRYPTO_set_ex_data(3)>
 
 =cut
diff --git a/doc/ssl/SSL_CTX_get_verify_mode.pod b/doc/ssl/SSL_CTX_get_verify_mode.pod
index 2a3747e75c..f75c2dae79 100644
--- a/doc/ssl/SSL_CTX_get_verify_mode.pod
+++ b/doc/ssl/SSL_CTX_get_verify_mode.pod
@@ -45,6 +45,6 @@ See DESCRIPTION
 
 =head1 SEE ALSO
 
-L<ssl(3)|ssl(3)>, L<SSL_CTX_set_verify(3)|SSL_CTX_set_verify(3)>
+L<ssl(3)>, L<SSL_CTX_set_verify(3)>
 
 =cut
diff --git a/doc/ssl/SSL_CTX_load_verify_locations.pod b/doc/ssl/SSL_CTX_load_verify_locations.pod
index d1d8977195..8f7d627690 100644
--- a/doc/ssl/SSL_CTX_load_verify_locations.pod
+++ b/doc/ssl/SSL_CTX_load_verify_locations.pod
@@ -59,14 +59,14 @@ In server mode, when requesting a client certificate, the server must send
 the list of CAs of which it will accept client certificates. This list
 is not influenced by the contents of B<CAfile> or B<CApath> and must
 explicitly be set using the
-L<SSL_CTX_set_client_CA_list(3)|SSL_CTX_set_client_CA_list(3)>
+L<SSL_CTX_set_client_CA_list(3)>
 family of functions.
 
 When building its own certificate chain, an OpenSSL client/server will
 try to fill in missing certificates from B<CAfile>/B<CApath>, if the
 certificate chain was not explicitly specified (see
-L<SSL_CTX_add_extra_chain_cert(3)|SSL_CTX_add_extra_chain_cert(3)>,
-L<SSL_CTX_use_certificate(3)|SSL_CTX_use_certificate(3)>.
+L<SSL_CTX_add_extra_chain_cert(3)>,
+L<SSL_CTX_use_certificate(3)>.
 
 =head1 WARNINGS
 
@@ -114,11 +114,11 @@ The operation succeeded.
 
 =head1 SEE ALSO
 
-L<ssl(3)|ssl(3)>,
-L<SSL_CTX_set_client_CA_list(3)|SSL_CTX_set_client_CA_list(3)>,
-L<SSL_get_client_CA_list(3)|SSL_get_client_CA_list(3)>,
-L<SSL_CTX_use_certificate(3)|SSL_CTX_use_certificate(3)>,
-L<SSL_CTX_add_extra_chain_cert(3)|SSL_CTX_add_extra_chain_cert(3)>,
-L<SSL_CTX_set_cert_store(3)|SSL_CTX_set_cert_store(3)>
+L<ssl(3)>,
+L<SSL_CTX_set_client_CA_list(3)>,
+L<SSL_get_client_CA_list(3)>,
+L<SSL_CTX_use_certificate(3)>,
+L<SSL_CTX_add_extra_chain_cert(3)>,
+L<SSL_CTX_set_cert_store(3)>
 
 =cut
diff --git a/doc/ssl/SSL_CTX_new.pod b/doc/ssl/SSL_CTX_new.pod
index c788b9b1ab..3cbf7a7aab 100644
--- a/doc/ssl/SSL_CTX_new.pod
+++ b/doc/ssl/SSL_CTX_new.pod
@@ -109,7 +109,7 @@ were introduced in OpenSSL 1.1.0.
 
 =head1 SEE ALSO
 
-L<SSL_CTX_free(3)|SSL_CTX_free(3)>, L<SSL_accept(3)|SSL_accept(3)>,
-L<ssl(3)|ssl(3)>,  L<SSL_set_connect_state(3)|SSL_set_connect_state(3)>
+L<SSL_CTX_free(3)>, L<SSL_accept(3)>,
+L<ssl(3)>,  L<SSL_set_connect_state(3)>
 
 =cut
diff --git a/doc/ssl/SSL_CTX_sess_number.pod b/doc/ssl/SSL_CTX_sess_number.pod
index 19aa4e2902..aa82c30a51 100644
--- a/doc/ssl/SSL_CTX_sess_number.pod
+++ b/doc/ssl/SSL_CTX_sess_number.pod
@@ -45,7 +45,7 @@ SSL_CTX_sess_accept_renegotiate() returns the number of start renegotiations
 in server mode.
 
 SSL_CTX_sess_hits() returns the number of successfully reused sessions.
-In client mode a session set with L<SSL_set_session(3)|SSL_set_session(3)>
+In client mode a session set with L<SSL_set_session(3)>
 successfully reused is counted as a hit. In server mode a session successfully
 retrieved from internal or external cache is counted as a hit.
 
@@ -69,8 +69,8 @@ The functions return the values indicated in the DESCRIPTION section.
 
 =head1 SEE ALSO
 
-L<ssl(3)|ssl(3)>, L<SSL_set_session(3)|SSL_set_session(3)>,
-L<SSL_CTX_set_session_cache_mode(3)|SSL_CTX_set_session_cache_mode(3)>
-L<SSL_CTX_sess_set_cache_size(3)|SSL_CTX_sess_set_cache_size(3)>
+L<ssl(3)>, L<SSL_set_session(3)>,
+L<SSL_CTX_set_session_cache_mode(3)>
+L<SSL_CTX_sess_set_cache_size(3)>
 
 =cut
diff --git a/doc/ssl/SSL_CTX_sess_set_cache_size.pod b/doc/ssl/SSL_CTX_sess_set_cache_size.pod
index 4aeda096d6..32396759c3 100644
--- a/doc/ssl/SSL_CTX_sess_set_cache_size.pod
+++ b/doc/ssl/SSL_CTX_sess_set_cache_size.pod
@@ -29,7 +29,7 @@ case is the size 0, which is used for unlimited size.
 If adding the session makes the cache exceed its size, then unused
 sessions are dropped from the end of the cache.
 Cache space may also be reclaimed by calling
-L<SSL_CTX_flush_sessions(3)|SSL_CTX_flush_sessions(3)> to remove
+L<SSL_CTX_flush_sessions(3)> to remove
 expired sessions.
 
 If the size of the session cache is reduced and more sessions are already
@@ -45,9 +45,9 @@ SSL_CTX_sess_get_cache_size() returns the currently valid size.
 
 =head1 SEE ALSO
 
-L<ssl(3)|ssl(3)>,
-L<SSL_CTX_set_session_cache_mode(3)|SSL_CTX_set_session_cache_mode(3)>,
-L<SSL_CTX_sess_number(3)|SSL_CTX_sess_number(3)>,
-L<SSL_CTX_flush_sessions(3)|SSL_CTX_flush_sessions(3)>
+L<ssl(3)>,
+L<SSL_CTX_set_session_cache_mode(3)>,
+L<SSL_CTX_sess_number(3)>,
+L<SSL_CTX_flush_sessions(3)>
 
 =cut
diff --git a/doc/ssl/SSL_CTX_sess_set_get_cb.pod b/doc/ssl/SSL_CTX_sess_set_get_cb.pod
index b9d54a40a1..edde048e77 100644
--- a/doc/ssl/SSL_CTX_sess_set_get_cb.pod
+++ b/doc/ssl/SSL_CTX_sess_set_get_cb.pod
@@ -37,7 +37,7 @@ of exceeding the timeout value.
 SSL_CTX_sess_set_get_cb() sets the callback function which is called,
 whenever a SSL/TLS client proposed to resume a session but the session
 could not be found in the internal session cache (see
-L<SSL_CTX_set_session_cache_mode(3)|SSL_CTX_set_session_cache_mode(3)>).
+L<SSL_CTX_set_session_cache_mode(3)>).
 (SSL/TLS server only.)
 
 SSL_CTX_sess_get_new_cb(), SSL_CTX_sess_get_remove_cb(), and
@@ -50,11 +50,11 @@ the NULL pointer is returned.
 In order to allow external session caching, synchronization with the internal
 session cache is realized via callback functions. Inside these callback
 functions, session can be saved to disk or put into a database using the
-L<d2i_SSL_SESSION(3)|d2i_SSL_SESSION(3)> interface.
+L<d2i_SSL_SESSION(3)> interface.
 
 The new_session_cb() is called, whenever a new session has been negotiated
 and session caching is enabled (see
-L<SSL_CTX_set_session_cache_mode(3)|SSL_CTX_set_session_cache_mode(3)>).
+L<SSL_CTX_set_session_cache_mode(3)>).
 The new_session_cb() is passed the B<ssl> connection and the ssl session
 B<sess>. If the callback returns B<0>, the session will be immediately
 removed again.
@@ -63,7 +63,7 @@ The remove_session_cb() is called, whenever the SSL engine removes a session
 from the internal cache. This happens when the session is removed because
 it is expired or when a connection was not shutdown cleanly. It also happens
 for all sessions in the internal session cache when
-L<SSL_CTX_free(3)|SSL_CTX_free(3)> is called. The remove_session_cb() is passed
+L<SSL_CTX_free(3)> is called. The remove_session_cb() is passed
 the B<ctx> and the ssl session B<sess>. It does not provide any feedback.
 
 The get_session_cb() is only called on SSL/TLS servers with the session id
@@ -74,14 +74,14 @@ B<data>. With the parameter B<copy> the callback can require the
 SSL engine to increment the reference count of the SSL_SESSION object,
 Normally the reference count is not incremented and therefore the
 session must not be explicitly freed with
-L<SSL_SESSION_free(3)|SSL_SESSION_free(3)>.
+L<SSL_SESSION_free(3)>.
 
 =head1 SEE ALSO
 
-L<ssl(3)|ssl(3)>, L<d2i_SSL_SESSION(3)|d2i_SSL_SESSION(3)>,
-L<SSL_CTX_set_session_cache_mode(3)|SSL_CTX_set_session_cache_mode(3)>,
-L<SSL_CTX_flush_sessions(3)|SSL_CTX_flush_sessions(3)>,
-L<SSL_SESSION_free(3)|SSL_SESSION_free(3)>,
-L<SSL_CTX_free(3)|SSL_CTX_free(3)>
+L<ssl(3)>, L<d2i_SSL_SESSION(3)>,
+L<SSL_CTX_set_session_cache_mode(3)>,
+L<SSL_CTX_flush_sessions(3)>,
+L<SSL_SESSION_free(3)>,
+L<SSL_CTX_free(3)>
 
 =cut
diff --git a/doc/ssl/SSL_CTX_sessions.pod b/doc/ssl/SSL_CTX_sessions.pod
index e05aab3c1b..0099b31984 100644
--- a/doc/ssl/SSL_CTX_sessions.pod
+++ b/doc/ssl/SSL_CTX_sessions.pod
@@ -18,17 +18,17 @@ internal session cache for B<ctx>.
 =head1 NOTES
 
 The sessions in the internal session cache are kept in an
-L<lhash(3)|lhash(3)> type database. It is possible to directly
+L<lhash(3)> type database. It is possible to directly
 access this database e.g. for searching. In parallel, the sessions
 form a linked list which is maintained separately from the
-L<lhash(3)|lhash(3)> operations, so that the database must not be
+L<lhash(3)> operations, so that the database must not be
 modified directly but by using the
-L<SSL_CTX_add_session(3)|SSL_CTX_add_session(3)> family of functions.
+L<SSL_CTX_add_session(3)> family of functions.
 
 =head1 SEE ALSO
 
-L<ssl(3)|ssl(3)>, L<lhash(3)|lhash(3)>,
-L<SSL_CTX_add_session(3)|SSL_CTX_add_session(3)>,
-L<SSL_CTX_set_session_cache_mode(3)|SSL_CTX_set_session_cache_mode(3)>
+L<ssl(3)>, L<lhash(3)>,
+L<SSL_CTX_add_session(3)>,
+L<SSL_CTX_set_session_cache_mode(3)>
 
 =cut
diff --git a/doc/ssl/SSL_CTX_set1_curves.pod b/doc/ssl/SSL_CTX_set1_curves.pod
index 18d0c9ac39..e2d4803e00 100644
--- a/doc/ssl/SSL_CTX_set1_curves.pod
+++ b/doc/ssl/SSL_CTX_set1_curves.pod
@@ -94,7 +94,7 @@ returns -1.
 
 =head1 SEE ALSO
 
-L<SSL_CTX_add_extra_chain_cert(3)|SSL_CTX_add_extra_chain_cert(3)>
+L<SSL_CTX_add_extra_chain_cert(3)>
 
 =head1 HISTORY
 
diff --git a/doc/ssl/SSL_CTX_set1_sigalgs.pod b/doc/ssl/SSL_CTX_set1_sigalgs.pod
index b263160f5b..5786ea1dc1 100644
--- a/doc/ssl/SSL_CTX_set1_sigalgs.pod
+++ b/doc/ssl/SSL_CTX_set1_sigalgs.pod
@@ -98,7 +98,7 @@ All these functions return 1 for success and 0 for failure.
 
 =head1 SEE ALSO
 
-L<ssl(3)|ssl(3)>, L<SSL_get_shared_sigalgs(3)|SSL_get_shared_sigalgs(3)>,
-L<SSL_CONF_CTX_new(3)|SSL_CONF_CTX_new(3)>
+L<ssl(3)>, L<SSL_get_shared_sigalgs(3)>,
+L<SSL_CONF_CTX_new(3)>
 
 =cut
diff --git a/doc/ssl/SSL_CTX_set1_verify_cert_store.pod b/doc/ssl/SSL_CTX_set1_verify_cert_store.pod
index 493cca4819..af09f889f8 100644
--- a/doc/ssl/SSL_CTX_set1_verify_cert_store.pod
+++ b/doc/ssl/SSL_CTX_set1_verify_cert_store.pod
@@ -55,8 +55,8 @@ The chain store is used to build the certificate chain.
 
 If the mode B<SSL_MODE_NO_AUTO_CHAIN> is set or a certificate chain is
 configured already (for example using the functions such as 
-L<SSL_CTX_add1_chain_cert(3)|SSL_CTX_add1_chain_cert(3)> or
-L<SSL_CTX_add_extra_chain_cert(3)|SSL_CTX_add_extra_chain_cert(3)>) then
+L<SSL_CTX_add1_chain_cert(3)> or
+L<SSL_CTX_add_extra_chain_cert(3)>) then
 automatic chain building is disabled.
 
 If the mode B<SSL_MODE_NO_AUTO_CHAIN> is set then automatic chain building
@@ -72,17 +72,17 @@ All these functions return 1 for success and 0 for failure.
 
 =head1 SEE ALSO
 
-L<SSL_CTX_add_extra_chain_cert(3)|SSL_CTX_add_extra_chain_cert(3)>
-L<SSL_CTX_set0_chain(3)|SSL_CTX_set0_chain(3)>
-L<SSL_CTX_set1_chain(3)|SSL_CTX_set1_chain(3)>
-L<SSL_CTX_add0_chain_cert(3)|SSL_CTX_add0_chain_cert(3)>
-L<SSL_CTX_add1_chain_cert(3)|SSL_CTX_add1_chain_cert(3)>
-L<SSL_set0_chain(3)|SSL_set0_chain(3)>
-L<SSL_set1_chain(3)|SSL_set1_chain(3)>
-L<SSL_add0_chain_cert(3)|SSL_add0_chain_cert(3)>
-L<SSL_add1_chain_cert(3)|SSL_add1_chain_cert(3)>
-L<SSL_CTX_build_cert_chain(3)|SSL_CTX_build_cert_chain(3)>
-L<SSL_build_cert_chain(3)|SSL_build_cert_chain(3)>
+L<SSL_CTX_add_extra_chain_cert(3)>
+L<SSL_CTX_set0_chain(3)>
+L<SSL_CTX_set1_chain(3)>
+L<SSL_CTX_add0_chain_cert(3)>
+L<SSL_CTX_add1_chain_cert(3)>
+L<SSL_set0_chain(3)>
+L<SSL_set1_chain(3)>
+L<SSL_add0_chain_cert(3)>
+L<SSL_add1_chain_cert(3)>
+L<SSL_CTX_build_cert_chain(3)>
+L<SSL_build_cert_chain(3)>
 
 =head1 HISTORY
 
diff --git a/doc/ssl/SSL_CTX_set_cert_cb.pod b/doc/ssl/SSL_CTX_set_cert_cb.pod
index 1677ff0724..77fdb95a66 100644
--- a/doc/ssl/SSL_CTX_set_cert_cb.pod
+++ b/doc/ssl/SSL_CTX_set_cert_cb.pod
@@ -27,7 +27,7 @@ the callback is successful it B<MUST> return 1 even if no certificates have
 been set. A zero is returned on error which will abort the handshake with a
 fatal internal error alert. A negative return value will suspend the handshake
 and the handshake function will return immediately.
-L<SSL_get_error(3)|SSL_get_error(3)> will return SSL_ERROR_WANT_X509_LOOKUP to
+L<SSL_get_error(3)> will return SSL_ERROR_WANT_X509_LOOKUP to
 indicate, that the handshake was suspended. The next call to the handshake
 function will again lead to the call of cert_cb(). It is the job of the
 cert_cb() to store information about the state of the last call,
@@ -60,9 +60,9 @@ support it will B<not> be used.
 
 =head1 SEE ALSO
 
-L<ssl(3)|ssl(3)>, L<SSL_use_certificate(3)|SSL_use_certificate(3)>,
-L<SSL_add1_chain_cert(3)|SSL_add1_chain_cert(3)>,
-L<SSL_get_client_CA_list(3)|SSL_get_client_CA_list(3)>,
-L<SSL_clear(3)|SSL_clear(3)>, L<SSL_free(3)|SSL_free(3)>
+L<ssl(3)>, L<SSL_use_certificate(3)>,
+L<SSL_add1_chain_cert(3)>,
+L<SSL_get_client_CA_list(3)>,
+L<SSL_clear(3)>, L<SSL_free(3)>
 
 =cut
diff --git a/doc/ssl/SSL_CTX_set_cert_store.pod b/doc/ssl/SSL_CTX_set_cert_store.pod
index 846416e069..03a0937d59 100644
--- a/doc/ssl/SSL_CTX_set_cert_store.pod
+++ b/doc/ssl/SSL_CTX_set_cert_store.pod
@@ -28,17 +28,17 @@ via lookup methods, handled inside the X509_STORE. From the X509_STORE
 the X509_STORE_CTX used when verifying certificates is created.
 
 Typically the trusted certificate store is handled indirectly via using
-L<SSL_CTX_load_verify_locations(3)|SSL_CTX_load_verify_locations(3)>.
+L<SSL_CTX_load_verify_locations(3)>.
 Using the SSL_CTX_set_cert_store() and SSL_CTX_get_cert_store() functions
 it is possible to manipulate the X509_STORE object beyond the
-L<SSL_CTX_load_verify_locations(3)|SSL_CTX_load_verify_locations(3)>
+L<SSL_CTX_load_verify_locations(3)>
 call.
 
 Currently no detailed documentation on how to use the X509_STORE
 object is available. Not all members of the X509_STORE are used when
 the verification takes place. So will e.g. the verify_callback() be
 overridden with the verify_callback() set via the
-L<SSL_CTX_set_verify(3)|SSL_CTX_set_verify(3)> family of functions.
+L<SSL_CTX_set_verify(3)> family of functions.
 This document must therefore be updated when documentation about the
 X509_STORE object and its handling becomes available.
 
@@ -57,8 +57,8 @@ SSL_CTX_get_cert_store() returns the current setting.
 
 =head1 SEE ALSO
 
-L<ssl(3)|ssl(3)>,
-L<SSL_CTX_load_verify_locations(3)|SSL_CTX_load_verify_locations(3)>,
-L<SSL_CTX_set_verify(3)|SSL_CTX_set_verify(3)>
+L<ssl(3)>,
+L<SSL_CTX_load_verify_locations(3)>,
+L<SSL_CTX_set_verify(3)>
 
 =cut
diff --git a/doc/ssl/SSL_CTX_set_cert_verify_callback.pod b/doc/ssl/SSL_CTX_set_cert_verify_callback.pod
index c0f4f85708..8b802ab3ac 100644
--- a/doc/ssl/SSL_CTX_set_cert_verify_callback.pod
+++ b/doc/ssl/SSL_CTX_set_cert_verify_callback.pod
@@ -14,7 +14,7 @@ SSL_CTX_set_cert_verify_callback - set peer certificate verification procedure
 
 SSL_CTX_set_cert_verify_callback() sets the verification callback function for
 I<ctx>. SSL objects that are created from I<ctx> inherit the setting valid at
-the time when L<SSL_new(3)|SSL_new(3)> is called.
+the time when L<SSL_new(3)> is called.
 
 =head1 NOTES
 
@@ -38,13 +38,13 @@ member of I<x509_store_ctx> so that the calling application will be informed
 about the detailed result of the verification procedure! 
 
 Within I<x509_store_ctx>, I<callback> has access to the I<verify_callback>
-function set using L<SSL_CTX_set_verify(3)|SSL_CTX_set_verify(3)>.
+function set using L<SSL_CTX_set_verify(3)>.
 
 =head1 WARNINGS
 
 Do not mix the verification callback described in this function with the
 B<verify_callback> function called during the verification process. The
-latter is set using the L<SSL_CTX_set_verify(3)|SSL_CTX_set_verify(3)>
+latter is set using the L<SSL_CTX_set_verify(3)>
 family of functions.
 
 Providing a complete verification procedure including certificate purpose
@@ -60,9 +60,9 @@ SSL_CTX_set_cert_verify_callback() does not provide diagnostic information.
 
 =head1 SEE ALSO
 
-L<ssl(3)|ssl(3)>, L<SSL_CTX_set_verify(3)|SSL_CTX_set_verify(3)>,
-L<SSL_get_verify_result(3)|SSL_get_verify_result(3)>,
-L<SSL_CTX_load_verify_locations(3)|SSL_CTX_load_verify_locations(3)>
+L<ssl(3)>, L<SSL_CTX_set_verify(3)>,
+L<SSL_get_verify_result(3)>,
+L<SSL_CTX_load_verify_locations(3)>
 
 =head1 HISTORY
 
diff --git a/doc/ssl/SSL_CTX_set_cipher_list.pod b/doc/ssl/SSL_CTX_set_cipher_list.pod
index c2c349f65e..ccd10c820a 100644
--- a/doc/ssl/SSL_CTX_set_cipher_list.pod
+++ b/doc/ssl/SSL_CTX_set_cipher_list.pod
@@ -15,7 +15,7 @@ SSL_CTX_set_cipher_list, SSL_set_cipher_list - choose list of available SSL_CIPH
 
 SSL_CTX_set_cipher_list() sets the list of available ciphers for B<ctx>
 using the control string B<str>. The format of the string is described
-in L<ciphers(1)|ciphers(1)>. The list of ciphers is inherited by all
+in L<ciphers(1)>. The list of ciphers is inherited by all
 B<ssl> objects created from B<ctx>.
 
 SSL_set_cipher_list() sets the list of ciphers only for B<ssl>.
@@ -40,13 +40,13 @@ A RSA cipher can only be chosen, when a RSA certificate is available.
 RSA export ciphers with a keylength of 512 bits for the RSA key require
 a temporary 512 bit RSA key, as typically the supplied key has a length
 of 1024 bit (see
-L<SSL_CTX_set_tmp_rsa_callback(3)|SSL_CTX_set_tmp_rsa_callback(3)>).
+L<SSL_CTX_set_tmp_rsa_callback(3)>).
 RSA ciphers using DHE need a certificate and key and additional DH-parameters
-(see L<SSL_CTX_set_tmp_dh_callback(3)|SSL_CTX_set_tmp_dh_callback(3)>).
+(see L<SSL_CTX_set_tmp_dh_callback(3)>).
 
 A DSA cipher can only be chosen, when a DSA certificate is available.
 DSA ciphers always use DH key exchange and therefore need DH-parameters
-(see L<SSL_CTX_set_tmp_dh_callback(3)|SSL_CTX_set_tmp_dh_callback(3)>).
+(see L<SSL_CTX_set_tmp_dh_callback(3)>).
 
 When these conditions are not met for any cipher in the list (e.g. a
 client only supports export RSA ciphers with a asymmetric key length
@@ -61,10 +61,10 @@ could be selected and 0 on complete failure.
 
 =head1 SEE ALSO
 
-L<ssl(3)|ssl(3)>, L<SSL_get_ciphers(3)|SSL_get_ciphers(3)>,
-L<SSL_CTX_use_certificate(3)|SSL_CTX_use_certificate(3)>,
-L<SSL_CTX_set_tmp_rsa_callback(3)|SSL_CTX_set_tmp_rsa_callback(3)>,
-L<SSL_CTX_set_tmp_dh_callback(3)|SSL_CTX_set_tmp_dh_callback(3)>,
-L<ciphers(1)|ciphers(1)>
+L<ssl(3)>, L<SSL_get_ciphers(3)>,
+L<SSL_CTX_use_certificate(3)>,
+L<SSL_CTX_set_tmp_rsa_callback(3)>,
+L<SSL_CTX_set_tmp_dh_callback(3)>,
+L<ciphers(1)>
 
 =cut
diff --git a/doc/ssl/SSL_CTX_set_client_CA_list.pod b/doc/ssl/SSL_CTX_set_client_CA_list.pod
index 4965385e97..cc05d77bc2 100644
--- a/doc/ssl/SSL_CTX_set_client_CA_list.pod
+++ b/doc/ssl/SSL_CTX_set_client_CA_list.pod
@@ -42,11 +42,11 @@ This list must explicitly be set using SSL_CTX_set_client_CA_list() for
 B<ctx> and SSL_set_client_CA_list() for the specific B<ssl>. The list
 specified overrides the previous setting. The CAs listed do not become
 trusted (B<list> only contains the names, not the complete certificates); use
-L<SSL_CTX_load_verify_locations(3)|SSL_CTX_load_verify_locations(3)> 
+L<SSL_CTX_load_verify_locations(3)> 
 to additionally load them for verification.
 
 If the list of acceptable CAs is compiled in a file, the
-L<SSL_load_client_CA_file(3)|SSL_load_client_CA_file(3)>
+L<SSL_load_client_CA_file(3)>
 function can be used to help importing the necessary data.
 
 SSL_CTX_add_client_CA() and SSL_add_client_CA() can be used to add additional
@@ -86,9 +86,9 @@ Scan all certificates in B<CAfile> and list them as acceptable CAs:
 
 =head1 SEE ALSO
 
-L<ssl(3)|ssl(3)>,
-L<SSL_get_client_CA_list(3)|SSL_get_client_CA_list(3)>,
-L<SSL_load_client_CA_file(3)|SSL_load_client_CA_file(3)>,
-L<SSL_CTX_load_verify_locations(3)|SSL_CTX_load_verify_locations(3)>
+L<ssl(3)>,
+L<SSL_get_client_CA_list(3)>,
+L<SSL_load_client_CA_file(3)>,
+L<SSL_CTX_load_verify_locations(3)>
 
 =cut
diff --git a/doc/ssl/SSL_CTX_set_client_cert_cb.pod b/doc/ssl/SSL_CTX_set_client_cert_cb.pod
index d0df69a9bc..1b5f5f1a83 100644
--- a/doc/ssl/SSL_CTX_set_client_cert_cb.pod
+++ b/doc/ssl/SSL_CTX_set_client_cert_cb.pod
@@ -29,7 +29,7 @@ using the B<x509> and B<pkey> arguments and "1" must be returned. The
 certificate will be installed into B<ssl>, see the NOTES and BUGS sections.
 If no certificate should be set, "0" has to be returned and no certificate
 will be sent. A negative return value will suspend the handshake and the
-handshake function will return immediately. L<SSL_get_error(3)|SSL_get_error(3)>
+handshake function will return immediately. L<SSL_get_error(3)>
 will return SSL_ERROR_WANT_X509_LOOKUP to indicate, that the handshake was
 suspended. The next call to the handshake function will again lead to the call
 of client_cert_cb(). It is the job of the client_cert_cb() to store information
@@ -42,7 +42,7 @@ from the client. A client certificate must only be sent, when the server
 did send the request.
 
 When a certificate was set using the
-L<SSL_CTX_use_certificate(3)|SSL_CTX_use_certificate(3)> family of functions,
+L<SSL_CTX_use_certificate(3)> family of functions,
 it will be sent to the server. The TLS standard requires that only a
 certificate is sent, if it matches the list of acceptable CAs sent by the
 server. This constraint is violated by the default behavior of the OpenSSL
@@ -56,7 +56,7 @@ If the callback function returns a certificate, the OpenSSL library
 will try to load the private key and certificate data into the SSL
 object using the SSL_use_certificate() and SSL_use_private_key() functions.
 Thus it will permanently install the certificate and key for this SSL
-object. It will not be reset by calling L<SSL_clear(3)|SSL_clear(3)>.
+object. It will not be reset by calling L<SSL_clear(3)>.
 If the callback returns no certificate, the OpenSSL library will not send
 a certificate.
 
@@ -72,7 +72,7 @@ either adding the intermediate CA certificates into the trusted
 certificate store for the SSL_CTX object (resulting in having to add
 CA certificates that otherwise maybe would not be trusted), or by adding
 the chain certificates using the
-L<SSL_CTX_add_extra_chain_cert(3)|SSL_CTX_add_extra_chain_cert(3)>
+L<SSL_CTX_add_extra_chain_cert(3)>
 function, which is only available for the SSL_CTX object as a whole and that
 therefore probably can only apply for one client certificate, making
 the concept of the callback function (to allow the choice from several
@@ -80,15 +80,15 @@ certificates) questionable.
 
 Once the SSL object has been used in conjunction with the callback function,
 the certificate will be set for the SSL object and will not be cleared
-even when L<SSL_clear(3)|SSL_clear(3)> is being called. It is therefore
-mandatory to destroy the SSL object using L<SSL_free(3)|SSL_free(3)>
+even when L<SSL_clear(3)> is being called. It is therefore
+mandatory to destroy the SSL object using L<SSL_free(3)>
 and create a new one to return to the previous state.
 
 =head1 SEE ALSO
 
-L<ssl(3)|ssl(3)>, L<SSL_CTX_use_certificate(3)|SSL_CTX_use_certificate(3)>,
-L<SSL_CTX_add_extra_chain_cert(3)|SSL_CTX_add_extra_chain_cert(3)>,
-L<SSL_get_client_CA_list(3)|SSL_get_client_CA_list(3)>,
-L<SSL_clear(3)|SSL_clear(3)>, L<SSL_free(3)|SSL_free(3)>
+L<ssl(3)>, L<SSL_CTX_use_certificate(3)>,
+L<SSL_CTX_add_extra_chain_cert(3)>,
+L<SSL_get_client_CA_list(3)>,
+L<SSL_clear(3)>, L<SSL_free(3)>
 
 =cut
diff --git a/doc/ssl/SSL_CTX_set_default_passwd_cb.pod b/doc/ssl/SSL_CTX_set_default_passwd_cb.pod
index 2b87f01ca1..945513984b 100644
--- a/doc/ssl/SSL_CTX_set_default_passwd_cb.pod
+++ b/doc/ssl/SSL_CTX_set_default_passwd_cb.pod
@@ -70,7 +70,7 @@ truncated.
 
 =head1 SEE ALSO
 
-L<ssl(3)|ssl(3)>,
-L<SSL_CTX_use_certificate(3)|SSL_CTX_use_certificate(3)>
+L<ssl(3)>,
+L<SSL_CTX_use_certificate(3)>
 
 =cut
diff --git a/doc/ssl/SSL_CTX_set_generate_session_id.pod b/doc/ssl/SSL_CTX_set_generate_session_id.pod
index cd72572b27..f66e3149c5 100644
--- a/doc/ssl/SSL_CTX_set_generate_session_id.pod
+++ b/doc/ssl/SSL_CTX_set_generate_session_id.pod
@@ -121,7 +121,7 @@ same id is already in the cache.
 
 =head1 SEE ALSO
 
-L<ssl(3)|ssl(3)>, L<SSL_get_version(3)|SSL_get_version(3)>
+L<ssl(3)>, L<SSL_get_version(3)>
 
 =head1 HISTORY
 
diff --git a/doc/ssl/SSL_CTX_set_info_callback.pod b/doc/ssl/SSL_CTX_set_info_callback.pod
index e1e96a9525..978ce265da 100644
--- a/doc/ssl/SSL_CTX_set_info_callback.pod
+++ b/doc/ssl/SSL_CTX_set_info_callback.pod
@@ -93,10 +93,10 @@ Callback has been called because a handshake is finished.
 =back
 
 The current state information can be obtained using the
-L<SSL_state_string(3)|SSL_state_string(3)> family of functions.
+L<SSL_state_string(3)> family of functions.
 
 The B<ret> information can be evaluated using the
-L<SSL_alert_type_string(3)|SSL_alert_type_string(3)> family of functions.
+L<SSL_alert_type_string(3)> family of functions.
 
 =head1 RETURN VALUES
 
@@ -147,7 +147,7 @@ about alerts being handled and error messages to the B<bio_err> BIO.
 
 =head1 SEE ALSO
 
-L<ssl(3)|ssl(3)>, L<SSL_state_string(3)|SSL_state_string(3)>,
-L<SSL_alert_type_string(3)|SSL_alert_type_string(3)>
+L<ssl(3)>, L<SSL_state_string(3)>,
+L<SSL_alert_type_string(3)>
 
 =cut
diff --git a/doc/ssl/SSL_CTX_set_max_cert_list.pod b/doc/ssl/SSL_CTX_set_max_cert_list.pod
index c2bbda3515..1f66b82f90 100644
--- a/doc/ssl/SSL_CTX_set_max_cert_list.pod
+++ b/doc/ssl/SSL_CTX_set_max_cert_list.pod
@@ -19,7 +19,7 @@ SSL_CTX_set_max_cert_list, SSL_CTX_get_max_cert_list, SSL_set_max_cert_list, SSL
 SSL_CTX_set_max_cert_list() sets the maximum size allowed for the peer's
 certificate chain for all SSL objects created from B<ctx> to be <size> bytes.
 The SSL objects inherit the setting valid for B<ctx> at the time
-L<SSL_new(3)|SSL_new(3)> is being called.
+L<SSL_new(3)> is being called.
 
 SSL_CTX_get_max_cert_list() returns the currently set maximum size for B<ctx>.
 
@@ -41,7 +41,7 @@ chain is set.
 The default value for the maximum certificate chain size is 100kB (30kB
 on the 16bit DOS platform). This should be sufficient for usual certificate
 chains (OpenSSL's default maximum chain length is 10, see
-L<SSL_CTX_set_verify(3)|SSL_CTX_set_verify(3)>, and certificates
+L<SSL_CTX_set_verify(3)>, and certificates
 without special extensions have a typical size of 1-2kB).
 
 For special applications it can be necessary to extend the maximum certificate
@@ -67,8 +67,8 @@ set value.
 
 =head1 SEE ALSO
 
-L<ssl(3)|ssl(3)>, L<SSL_new(3)|SSL_new(3)>,
-L<SSL_CTX_set_verify(3)|SSL_CTX_set_verify(3)>
+L<ssl(3)>, L<SSL_new(3)>,
+L<SSL_CTX_set_verify(3)>
 
 =head1 HISTORY
 
diff --git a/doc/ssl/SSL_CTX_set_mode.pod b/doc/ssl/SSL_CTX_set_mode.pod
index a109f343ea..92706e5ef4 100644
--- a/doc/ssl/SSL_CTX_set_mode.pod
+++ b/doc/ssl/SSL_CTX_set_mode.pod
@@ -52,7 +52,7 @@ non-blocking write().
 
 Never bother the application with retries if the transport is blocking.
 If a renegotiation take place during normal operation, a
-L<SSL_read(3)|SSL_read(3)> or L<SSL_write(3)|SSL_write(3)> would return
+L<SSL_read(3)> or L<SSL_write(3)> would return
 with -1 and indicate the need to retry with SSL_ERROR_WANT_READ.
 In a non-blocking environment applications must be prepared to handle
 incomplete read/write operations.
@@ -90,7 +90,7 @@ SSL_CTX_get_mode() and SSL_get_mode() return the current bitmask.
 
 =head1 SEE ALSO
 
-L<ssl(3)|ssl(3)>, L<SSL_read(3)|SSL_read(3)>, L<SSL_write(3)|SSL_write(3)>
+L<ssl(3)>, L<SSL_read(3)>, L<SSL_write(3)>
 
 =head1 HISTORY
 
diff --git a/doc/ssl/SSL_CTX_set_msg_callback.pod b/doc/ssl/SSL_CTX_set_msg_callback.pod
index 8b82d94a38..07498e3b8a 100644
--- a/doc/ssl/SSL_CTX_set_msg_callback.pod
+++ b/doc/ssl/SSL_CTX_set_msg_callback.pod
@@ -25,7 +25,7 @@ available for arbitrary application use.
 
 SSL_CTX_set_msg_callback() and SSL_CTX_set_msg_callback_arg() specify
 default settings that will be copied to new B<SSL> objects by
-L<SSL_new(3)|SSL_new(3)>. SSL_set_msg_callback() and
+L<SSL_new(3)>. SSL_set_msg_callback() and
 SSL_set_msg_callback_arg() modify the actual settings of an B<SSL>
 object. Using a B<0> pointer for I<cb> disables the message callback.
 
@@ -89,7 +89,7 @@ I<version> will be B<SSL3_VERSION>.
 
 =head1 SEE ALSO
 
-L<ssl(3)|ssl(3)>, L<SSL_new(3)|SSL_new(3)>
+L<ssl(3)>, L<SSL_new(3)>
 
 =head1 HISTORY
 
diff --git a/doc/ssl/SSL_CTX_set_options.pod b/doc/ssl/SSL_CTX_set_options.pod
index 84dde2805e..519d01f5e0 100644
--- a/doc/ssl/SSL_CTX_set_options.pod
+++ b/doc/ssl/SSL_CTX_set_options.pod
@@ -50,7 +50,7 @@ operation (|).
 SSL_CTX_set_options() and SSL_set_options() affect the (external)
 protocol behaviour of the SSL library. The (internal) behaviour of
 the API can be changed by using the similar
-L<SSL_CTX_set_mode(3)|SSL_CTX_set_mode(3)> and SSL_set_mode() functions.
+L<SSL_CTX_set_mode(3)> and SSL_set_mode() functions.
 
 During a handshake, the option settings of the SSL object are used. When
 a new SSL object is created from a context using SSL_new(), the current
@@ -136,10 +136,10 @@ to the server's answer and violate the version rollback protection.)
 =item SSL_OP_SINGLE_DH_USE
 
 Always create a new key when using temporary/ephemeral DH parameters
-(see L<SSL_CTX_set_tmp_dh_callback(3)|SSL_CTX_set_tmp_dh_callback(3)>).
+(see L<SSL_CTX_set_tmp_dh_callback(3)>).
 This option must be used to prevent small subgroup attacks, when
 the DH parameters were not generated using "strong" primes
-(e.g. when using DSA-parameters, see L<dhparam(1)|dhparam(1)>).
+(e.g. when using DSA-parameters, see L<dhparam(1)>).
 If "strong" primes were used, it is not strictly necessary to generate
 a new DH key during each handshake but it is also recommended.
 B<SSL_OP_SINGLE_DH_USE> should therefore be enabled whenever
@@ -296,10 +296,10 @@ secure renegotiation and 0 if it does not.
 
 =head1 SEE ALSO
 
-L<ssl(3)|ssl(3)>, L<SSL_new(3)|SSL_new(3)>, L<SSL_clear(3)|SSL_clear(3)>,
-L<SSL_CTX_set_tmp_dh_callback(3)|SSL_CTX_set_tmp_dh_callback(3)>,
-L<SSL_CTX_set_tmp_rsa_callback(3)|SSL_CTX_set_tmp_rsa_callback(3)>,
-L<dhparam(1)|dhparam(1)>
+L<ssl(3)>, L<SSL_new(3)>, L<SSL_clear(3)>,
+L<SSL_CTX_set_tmp_dh_callback(3)>,
+L<SSL_CTX_set_tmp_rsa_callback(3)>,
+L<dhparam(1)>
 
 =head1 HISTORY
 
diff --git a/doc/ssl/SSL_CTX_set_quiet_shutdown.pod b/doc/ssl/SSL_CTX_set_quiet_shutdown.pod
index 393f8ff0b4..25bb664867 100644
--- a/doc/ssl/SSL_CTX_set_quiet_shutdown.pod
+++ b/doc/ssl/SSL_CTX_set_quiet_shutdown.pod
@@ -18,14 +18,14 @@ SSL_CTX_set_quiet_shutdown, SSL_CTX_get_quiet_shutdown, SSL_set_quiet_shutdown,
 
 SSL_CTX_set_quiet_shutdown() sets the "quiet shutdown" flag for B<ctx> to be
 B<mode>. SSL objects created from B<ctx> inherit the B<mode> valid at the time
-L<SSL_new(3)|SSL_new(3)> is called. B<mode> may be 0 or 1.
+L<SSL_new(3)> is called. B<mode> may be 0 or 1.
 
 SSL_CTX_get_quiet_shutdown() returns the "quiet shutdown" setting of B<ctx>.
 
 SSL_set_quiet_shutdown() sets the "quiet shutdown" flag for B<ssl> to be
 B<mode>. The setting stays valid until B<ssl> is removed with
-L<SSL_free(3)|SSL_free(3)> or SSL_set_quiet_shutdown() is called again.
-It is not changed when L<SSL_clear(3)|SSL_clear(3)> is called.
+L<SSL_free(3)> or SSL_set_quiet_shutdown() is called again.
+It is not changed when L<SSL_clear(3)> is called.
 B<mode> may be 0 or 1.
 
 SSL_get_quiet_shutdown() returns the "quiet shutdown" setting of B<ssl>.
@@ -33,13 +33,13 @@ SSL_get_quiet_shutdown() returns the "quiet shutdown" setting of B<ssl>.
 =head1 NOTES
 
 Normally when a SSL connection is finished, the parties must send out
-"close notify" alert messages using L<SSL_shutdown(3)|SSL_shutdown(3)>
+"close notify" alert messages using L<SSL_shutdown(3)>
 for a clean shutdown.
 
-When setting the "quiet shutdown" flag to 1, L<SSL_shutdown(3)|SSL_shutdown(3)>
+When setting the "quiet shutdown" flag to 1, L<SSL_shutdown(3)>
 will set the internal flags to SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN.
-(L<SSL_shutdown(3)|SSL_shutdown(3)> then behaves like
-L<SSL_set_shutdown(3)|SSL_set_shutdown(3)> called with
+(L<SSL_shutdown(3)> then behaves like
+L<SSL_set_shutdown(3)> called with
 SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN.)
 The session is thus considered to be shutdown, but no "close notify" alert
 is sent to the peer. This behaviour violates the TLS standard.
@@ -56,8 +56,8 @@ setting.
 
 =head1 SEE ALSO
 
-L<ssl(3)|ssl(3)>, L<SSL_shutdown(3)|SSL_shutdown(3)>,
-L<SSL_set_shutdown(3)|SSL_set_shutdown(3)>, L<SSL_new(3)|SSL_new(3)>,
-L<SSL_clear(3)|SSL_clear(3)>, L<SSL_free(3)|SSL_free(3)>
+L<ssl(3)>, L<SSL_shutdown(3)>,
+L<SSL_set_shutdown(3)>, L<SSL_new(3)>,
+L<SSL_clear(3)>, L<SSL_free(3)>
 
 =cut
diff --git a/doc/ssl/SSL_CTX_set_read_ahead.pod b/doc/ssl/SSL_CTX_set_read_ahead.pod
index 527164b072..a904a85b67 100644
--- a/doc/ssl/SSL_CTX_set_read_ahead.pod
+++ b/doc/ssl/SSL_CTX_set_read_ahead.pod
@@ -46,6 +46,6 @@ and non zero otherwise.
 
 =head1 SEE ALSO
 
-L<ssl(3)|ssl(3)>
+L<ssl(3)>
 
 =cut
diff --git a/doc/ssl/SSL_CTX_set_session_cache_mode.pod b/doc/ssl/SSL_CTX_set_session_cache_mode.pod
index c5d2f43dff..0e0ea3c519 100644
--- a/doc/ssl/SSL_CTX_set_session_cache_mode.pod
+++ b/doc/ssl/SSL_CTX_set_session_cache_mode.pod
@@ -37,7 +37,7 @@ the external storage if available.
 
 Since a client may try to reuse a session intended for use in a different
 context, the session id context must be set by the server (see
-L<SSL_CTX_set_session_id_context(3)|SSL_CTX_set_session_id_context(3)>).
+L<SSL_CTX_set_session_id_context(3)>).
 
 The following session cache modes and modifiers are available:
 
@@ -53,7 +53,7 @@ Client sessions are added to the session cache. As there is no reliable way
 for the OpenSSL library to know whether a session should be reused or which
 session to choose (due to the abstract BIO layer the SSL engine does not
 have details about the connection), the application must select the session
-to be reused by using the L<SSL_set_session(3)|SSL_set_session(3)>
+to be reused by using the L<SSL_set_session(3)>
 function. This option is not activated by default.
 
 =item SSL_SESS_CACHE_SERVER
@@ -72,10 +72,10 @@ Enable both SSL_SESS_CACHE_CLIENT and SSL_SESS_CACHE_SERVER at the same time.
 
 Normally the session cache is checked for expired sessions every
 255 connections using the
-L<SSL_CTX_flush_sessions(3)|SSL_CTX_flush_sessions(3)> function. Since
+L<SSL_CTX_flush_sessions(3)> function. Since
 this may lead to a delay which cannot be controlled, the automatic
 flushing may be disabled and
-L<SSL_CTX_flush_sessions(3)|SSL_CTX_flush_sessions(3)> can be called
+L<SSL_CTX_flush_sessions(3)> can be called
 explicitly by the application.
 
 =item SSL_SESS_CACHE_NO_INTERNAL_LOOKUP
@@ -94,7 +94,7 @@ sessions negotiated in an SSL/TLS handshake may be cached for possible reuse.
 Normally a new session is added to the internal cache as well as any external
 session caching (callback) that is configured for the SSL_CTX. This flag will
 prevent sessions being stored in the internal cache (though the application can
-add them manually using L<SSL_CTX_add_session(3)|SSL_CTX_add_session(3)>). Note:
+add them manually using L<SSL_CTX_add_session(3)>). Note:
 in any SSL/TLS servers where external caching is configured, any successful
 session lookups in the external cache (ie. for session-resume requests) would
 normally be copied into the local cache before processing continues - this flag
@@ -119,15 +119,15 @@ SSL_CTX_get_session_cache_mode() returns the currently set cache mode.
 
 =head1 SEE ALSO
 
-L<ssl(3)|ssl(3)>, L<SSL_set_session(3)|SSL_set_session(3)>,
-L<SSL_session_reused(3)|SSL_session_reused(3)>,
-L<SSL_CTX_add_session(3)|SSL_CTX_add_session(3)>,
-L<SSL_CTX_sess_number(3)|SSL_CTX_sess_number(3)>,
-L<SSL_CTX_sess_set_cache_size(3)|SSL_CTX_sess_set_cache_size(3)>,
-L<SSL_CTX_sess_set_get_cb(3)|SSL_CTX_sess_set_get_cb(3)>,
-L<SSL_CTX_set_session_id_context(3)|SSL_CTX_set_session_id_context(3)>,
-L<SSL_CTX_set_timeout(3)|SSL_CTX_set_timeout(3)>,
-L<SSL_CTX_flush_sessions(3)|SSL_CTX_flush_sessions(3)>
+L<ssl(3)>, L<SSL_set_session(3)>,
+L<SSL_session_reused(3)>,
+L<SSL_CTX_add_session(3)>,
+L<SSL_CTX_sess_number(3)>,
+L<SSL_CTX_sess_set_cache_size(3)>,
+L<SSL_CTX_sess_set_get_cb(3)>,
+L<SSL_CTX_set_session_id_context(3)>,
+L<SSL_CTX_set_timeout(3)>,
+L<SSL_CTX_flush_sessions(3)>
 
 =head1 HISTORY
 
diff --git a/doc/ssl/SSL_CTX_set_session_id_context.pod b/doc/ssl/SSL_CTX_set_session_id_context.pod
index 7c9e515336..712b5180b8 100644
--- a/doc/ssl/SSL_CTX_set_session_id_context.pod
+++ b/doc/ssl/SSL_CTX_set_session_id_context.pod
@@ -78,6 +78,6 @@ The operation succeeded.
 
 =head1 SEE ALSO
 
-L<ssl(3)|ssl(3)>
+L<ssl(3)>
 
 =cut
diff --git a/doc/ssl/SSL_CTX_set_ssl_version.pod b/doc/ssl/SSL_CTX_set_ssl_version.pod
index e254f9657b..5bbc65ef10 100644
--- a/doc/ssl/SSL_CTX_set_ssl_version.pod
+++ b/doc/ssl/SSL_CTX_set_ssl_version.pod
@@ -17,8 +17,8 @@ SSL_CTX_set_ssl_version, SSL_set_ssl_method, SSL_get_ssl_method
 
 SSL_CTX_set_ssl_version() sets a new default TLS/SSL B<method> for SSL objects
 newly created from this B<ctx>. SSL objects already created with
-L<SSL_new(3)|SSL_new(3)> are not affected, except when
-L<SSL_clear(3)|SSL_clear(3)> is being called.
+L<SSL_new(3)> are not affected, except when
+L<SSL_clear(3)> is being called.
 
 SSL_set_ssl_method() sets a new TLS/SSL B<method> for a particular B<ssl>
 object. It may be reset, when SSL_clear() is called.
@@ -29,9 +29,9 @@ set in B<ssl>.
 =head1 NOTES
 
 The available B<method> choices are described in
-L<SSL_CTX_new(3)|SSL_CTX_new(3)>.
+L<SSL_CTX_new(3)>.
 
-When L<SSL_clear(3)|SSL_clear(3)> is called and no session is connected to
+When L<SSL_clear(3)> is called and no session is connected to
 an SSL object, the method of the SSL object is reset to the method currently
 set in the corresponding SSL_CTX object.
 
@@ -54,8 +54,8 @@ The operation succeeded.
 
 =head1 SEE ALSO
 
-L<SSL_CTX_new(3)|SSL_CTX_new(3)>, L<SSL_new(3)|SSL_new(3)>,
-L<SSL_clear(3)|SSL_clear(3)>, L<ssl(3)|ssl(3)>,
-L<SSL_set_connect_state(3)|SSL_set_connect_state(3)>
+L<SSL_CTX_new(3)>, L<SSL_new(3)>,
+L<SSL_clear(3)>, L<ssl(3)>,
+L<SSL_set_connect_state(3)>
 
 =cut
diff --git a/doc/ssl/SSL_CTX_set_timeout.pod b/doc/ssl/SSL_CTX_set_timeout.pod
index e3de27c473..eb9f40460d 100644
--- a/doc/ssl/SSL_CTX_set_timeout.pod
+++ b/doc/ssl/SSL_CTX_set_timeout.pod
@@ -30,15 +30,15 @@ valid at the time of the session negotiation. Changes of the timeout value
 do not affect already established sessions.
 
 The expiration time of a single session can be modified using the
-L<SSL_SESSION_get_time(3)|SSL_SESSION_get_time(3)> family of functions.
+L<SSL_SESSION_get_time(3)> family of functions.
 
 Expired sessions are removed from the internal session cache, whenever
-L<SSL_CTX_flush_sessions(3)|SSL_CTX_flush_sessions(3)> is called, either
+L<SSL_CTX_flush_sessions(3)> is called, either
 directly by the application or automatically (see
-L<SSL_CTX_set_session_cache_mode(3)|SSL_CTX_set_session_cache_mode(3)>)
+L<SSL_CTX_set_session_cache_mode(3)>)
 
 The default value for session timeout is decided on a per protocol
-basis, see L<SSL_get_default_timeout(3)|SSL_get_default_timeout(3)>.
+basis, see L<SSL_get_default_timeout(3)>.
 All currently supported protocols have the same default timeout value
 of 300 seconds.
 
@@ -50,10 +50,10 @@ SSL_CTX_get_timeout() returns the currently set timeout value.
 
 =head1 SEE ALSO
 
-L<ssl(3)|ssl(3)>,
-L<SSL_CTX_set_session_cache_mode(3)|SSL_CTX_set_session_cache_mode(3)>,
-L<SSL_SESSION_get_time(3)|SSL_SESSION_get_time(3)>,
-L<SSL_CTX_flush_sessions(3)|SSL_CTX_flush_sessions(3)>,
-L<SSL_get_default_timeout(3)|SSL_get_default_timeout(3)>
+L<ssl(3)>,
+L<SSL_CTX_set_session_cache_mode(3)>,
+L<SSL_SESSION_get_time(3)>,
+L<SSL_CTX_flush_sessions(3)>,
+L<SSL_get_default_timeout(3)>
 
 =cut
diff --git a/doc/ssl/SSL_CTX_set_tlsext_ticket_key_cb.pod b/doc/ssl/SSL_CTX_set_tlsext_ticket_key_cb.pod
index 4e9fd843fc..1169e9b2e2 100644
--- a/doc/ssl/SSL_CTX_set_tlsext_ticket_key_cb.pod
+++ b/doc/ssl/SSL_CTX_set_tlsext_ticket_key_cb.pod
@@ -178,12 +178,12 @@ returns 0 to indicate the callback function was set.
 
 =head1 SEE ALSO
 
-L<ssl(3)|ssl(3)>, L<SSL_set_session(3)|SSL_set_session(3)>,
-L<SSL_session_reused(3)|SSL_session_reused(3)>,
-L<SSL_CTX_add_session(3)|SSL_CTX_add_session(3)>,
-L<SSL_CTX_sess_number(3)|SSL_CTX_sess_number(3)>,
-L<SSL_CTX_sess_set_get_cb(3)|SSL_CTX_sess_set_get_cb(3)>,
-L<SSL_CTX_set_session_id_context(3)|SSL_CTX_set_session_id_context(3)>,
+L<ssl(3)>, L<SSL_set_session(3)>,
+L<SSL_session_reused(3)>,
+L<SSL_CTX_add_session(3)>,
+L<SSL_CTX_sess_number(3)>,
+L<SSL_CTX_sess_set_get_cb(3)>,
+L<SSL_CTX_set_session_id_context(3)>,
 
 =head1 HISTORY
 
diff --git a/doc/ssl/SSL_CTX_set_tmp_dh_callback.pod b/doc/ssl/SSL_CTX_set_tmp_dh_callback.pod
index 64c8b65276..3e08b88203 100644
--- a/doc/ssl/SSL_CTX_set_tmp_dh_callback.pod
+++ b/doc/ssl/SSL_CTX_set_tmp_dh_callback.pod
@@ -74,14 +74,14 @@ DH parameters can be reused, as the actual key is newly generated during
 the negotiation. The risk in reusing DH parameters is that an attacker
 may specialize on a very often used DH group. Applications should therefore
 generate their own DH parameters during the installation process using the
-openssl L<dhparam(1)|dhparam(1)> application. This application
+openssl L<dhparam(1)> application. This application
 guarantees that "strong" primes are used.
 
 Files dh2048.pem, and dh4096.pem in the 'apps' directory of the current
 version of the OpenSSL distribution contain the 'SKIP' DH parameters,
 which use safe primes and were generated verifiably pseudo-randomly.
 These files can be converted into C code using the B<-C> option of the
-L<dhparam(1)|dhparam(1)> application. Generation of custom DH
+L<dhparam(1)> application. Generation of custom DH
 parameters during installation should still be preferred to stop an
 attacker from specializing on a commonly used group. File dh1024.pem
 contains old parameters that must not be used by applications.
@@ -140,9 +140,9 @@ on failure. Check the error queue to find out the reason of failure.
 
 =head1 SEE ALSO
 
-L<ssl(3)|ssl(3)>, L<SSL_CTX_set_cipher_list(3)|SSL_CTX_set_cipher_list(3)>,
-L<SSL_CTX_set_tmp_rsa_callback(3)|SSL_CTX_set_tmp_rsa_callback(3)>,
-L<SSL_CTX_set_options(3)|SSL_CTX_set_options(3)>,
-L<ciphers(1)|ciphers(1)>, L<dhparam(1)|dhparam(1)>
+L<ssl(3)>, L<SSL_CTX_set_cipher_list(3)>,
+L<SSL_CTX_set_tmp_rsa_callback(3)>,
+L<SSL_CTX_set_options(3)>,
+L<ciphers(1)>, L<dhparam(1)>
 
 =cut
diff --git a/doc/ssl/SSL_CTX_set_tmp_rsa_callback.pod b/doc/ssl/SSL_CTX_set_tmp_rsa_callback.pod
index 94c55b8045..296699d8f0 100644
--- a/doc/ssl/SSL_CTX_set_tmp_rsa_callback.pod
+++ b/doc/ssl/SSL_CTX_set_tmp_rsa_callback.pod
@@ -72,7 +72,7 @@ violates the standard and can break interoperability with clients.
 It is therefore strongly recommended to not use ephemeral RSA key
 exchange and use DHE (Ephemeral Diffie-Hellman) key exchange instead
 in order to achieve forward secrecy (see
-L<SSL_CTX_set_tmp_dh_callback(3)|SSL_CTX_set_tmp_dh_callback(3)>).
+L<SSL_CTX_set_tmp_dh_callback(3)>).
 
 An application may either directly specify the key or can supply the key via a
 callback function. The callback approach has the advantage, that the callback
@@ -151,9 +151,9 @@ RSA key is needed and 0 otherwise.
 
 =head1 SEE ALSO
 
-L<ssl(3)|ssl(3)>, L<SSL_CTX_set_cipher_list(3)|SSL_CTX_set_cipher_list(3)>,
-L<SSL_CTX_set_options(3)|SSL_CTX_set_options(3)>,
-L<SSL_CTX_set_tmp_dh_callback(3)|SSL_CTX_set_tmp_dh_callback(3)>,
-L<SSL_new(3)|SSL_new(3)>, L<ciphers(1)|ciphers(1)>
+L<ssl(3)>, L<SSL_CTX_set_cipher_list(3)>,
+L<SSL_CTX_set_options(3)>,
+L<SSL_CTX_set_tmp_dh_callback(3)>,
+L<SSL_new(3)>, L<ciphers(1)>
 
 =cut
diff --git a/doc/ssl/SSL_CTX_set_verify.pod b/doc/ssl/SSL_CTX_set_verify.pod
index b6ba6bb51c..5da4166949 100644
--- a/doc/ssl/SSL_CTX_set_verify.pod
+++ b/doc/ssl/SSL_CTX_set_verify.pod
@@ -29,7 +29,7 @@ shall be specified, the NULL pointer can be used for B<verify_callback>. In
 this case last B<verify_callback> set specifically for this B<ssl> remains. If
 no special B<callback> was set before, the default callback for the underlying
 B<ctx> is used, that was valid at the time B<ssl> was created with
-L<SSL_new(3)|SSL_new(3)>.
+L<SSL_new(3)>.
 
 SSL_CTX_set_verify_depth() sets the maximum B<depth> for the certificate chain
 verification that shall be allowed for B<ctx>. (See the BUGS section.)
@@ -52,7 +52,7 @@ client, so the client will not send a certificate.
 B<Client mode:> if not using an anonymous cipher (by default disabled), the
 server will send a certificate which will be checked. The result of the
 certificate verification process can be checked after the TLS/SSL handshake
-using the L<SSL_get_verify_result(3)|SSL_get_verify_result(3)> function.
+using the L<SSL_get_verify_result(3)> function.
 The handshake will be continued regardless of the verification result.
 
 =item SSL_VERIFY_PEER
@@ -95,7 +95,7 @@ set at any time.
 The actual verification procedure is performed either using the built-in
 verification procedure or using another application provided verification
 function set with
-L<SSL_CTX_set_cert_verify_callback(3)|SSL_CTX_set_cert_verify_callback(3)>.
+L<SSL_CTX_set_cert_verify_callback(3)>.
 The following descriptions apply in the case of the built-in procedure. An
 application provided procedure also has access to the verify depth information
 and the verify_callback() function, but the way this information is used
@@ -138,7 +138,7 @@ the verification process is continued. If B<verify_callback> always returns
 1, the TLS/SSL handshake will not be terminated with respect to verification
 failures and the connection will be established. The calling process can
 however retrieve the error code of the last verification error using
-L<SSL_get_verify_result(3)|SSL_get_verify_result(3)> or by maintaining its
+L<SSL_get_verify_result(3)> or by maintaining its
 own error storage managed by B<verify_callback>.
 
 If no B<verify_callback> is specified, the default callback will be used.
@@ -176,8 +176,8 @@ certificates.
 
 The example makes use of the ex_data technique to store application data
 into/retrieve application data from the SSL structure
-(see L<SSL_get_ex_new_index(3)|SSL_get_ex_new_index(3)>,
-L<SSL_get_ex_data_X509_STORE_CTX_idx(3)|SSL_get_ex_data_X509_STORE_CTX_idx(3)>).
+(see L<SSL_get_ex_new_index(3)>,
+L<SSL_get_ex_data_X509_STORE_CTX_idx(3)>).
 
  ...
  typedef struct {
@@ -282,13 +282,13 @@ L<SSL_get_ex_data_X509_STORE_CTX_idx(3)|SSL_get_ex_data_X509_STORE_CTX_idx(3)>).
 
 =head1 SEE ALSO
 
-L<ssl(3)|ssl(3)>, L<SSL_new(3)|SSL_new(3)>,
-L<SSL_CTX_get_verify_mode(3)|SSL_CTX_get_verify_mode(3)>,
-L<SSL_get_verify_result(3)|SSL_get_verify_result(3)>,
-L<SSL_CTX_load_verify_locations(3)|SSL_CTX_load_verify_locations(3)>,
-L<SSL_get_peer_certificate(3)|SSL_get_peer_certificate(3)>,
-L<SSL_CTX_set_cert_verify_callback(3)|SSL_CTX_set_cert_verify_callback(3)>,
-L<SSL_get_ex_data_X509_STORE_CTX_idx(3)|SSL_get_ex_data_X509_STORE_CTX_idx(3)>,
-L<SSL_get_ex_new_index(3)|SSL_get_ex_new_index(3)>
+L<ssl(3)>, L<SSL_new(3)>,
+L<SSL_CTX_get_verify_mode(3)>,
+L<SSL_get_verify_result(3)>,
+L<SSL_CTX_load_verify_locations(3)>,
+L<SSL_get_peer_certificate(3)>,
+L<SSL_CTX_set_cert_verify_callback(3)>,
+L<SSL_get_ex_data_X509_STORE_CTX_idx(3)>,
+L<SSL_get_ex_new_index(3)>
 
 =cut
diff --git a/doc/ssl/SSL_CTX_use_certificate.pod b/doc/ssl/SSL_CTX_use_certificate.pod
index 6514d015f8..76c4883ad0 100644
--- a/doc/ssl/SSL_CTX_use_certificate.pod
+++ b/doc/ssl/SSL_CTX_use_certificate.pod
@@ -42,18 +42,18 @@ or SSL object, respectively.
 
 The SSL_CTX_* class of functions loads the certificates and keys into the
 SSL_CTX object B<ctx>. The information is passed to SSL objects B<ssl>
-created from B<ctx> with L<SSL_new(3)|SSL_new(3)> by copying, so that
+created from B<ctx> with L<SSL_new(3)> by copying, so that
 changes applied to B<ctx> do not propagate to already existing SSL objects.
 
 The SSL_* class of functions only loads certificates and keys into a
 specific SSL object. The specific information is kept, when
-L<SSL_clear(3)|SSL_clear(3)> is called for this SSL object.
+L<SSL_clear(3)> is called for this SSL object.
 
 SSL_CTX_use_certificate() loads the certificate B<x> into B<ctx>,
 SSL_use_certificate() loads B<x> into B<ssl>. The rest of the
 certificates needed to form the complete certificate chain can be
 specified using the
-L<SSL_CTX_add_extra_chain_cert(3)|SSL_CTX_add_extra_chain_cert(3)>
+L<SSL_CTX_add_extra_chain_cert(3)>
 function.
 
 SSL_CTX_use_certificate_ASN1() loads the ASN1 encoded certificate from
@@ -112,7 +112,7 @@ this B<ssl>, the last item added into B<ctx> will be checked.
   
 The internal certificate store of OpenSSL can hold several private
 key/certificate pairs at a time. The certificate used depends on the
-cipher selected, see also L<SSL_CTX_set_cipher_list(3)|SSL_CTX_set_cipher_list(3)>.
+cipher selected, see also L<SSL_CTX_set_cipher_list(3)>.
 
 When reading certificates and private keys from file, files of type
 SSL_FILETYPE_ASN1 (also known as B<DER>, binary encoding) can only contain
@@ -122,7 +122,7 @@ Files of type SSL_FILETYPE_PEM can contain more than one item.
 
 SSL_CTX_use_certificate_chain_file() adds the first certificate found
 in the file to the certificate store. The other certificates are added
-to the store of chain certificates using L<SSL_CTX_add1_chain_cert(3)|SSL_CTX_add1_chain_cert(3)>. Note: versions of OpenSSL before 1.0.2 only had a single
+to the store of chain certificates using L<SSL_CTX_add1_chain_cert(3)>. Note: versions of OpenSSL before 1.0.2 only had a single
 certificate chain store for all certificate types, OpenSSL 1.0.2 and later
 have a separate chain store for each type. SSL_CTX_use_certificate_chain_file() 
 should be used instead of the SSL_CTX_use_certificate_file() function in order
@@ -133,12 +133,12 @@ the trusted CA storage.
 If additional certificates are needed to complete the chain during the
 TLS negotiation, CA certificates are additionally looked up in the
 locations of trusted CA certificates, see
-L<SSL_CTX_load_verify_locations(3)|SSL_CTX_load_verify_locations(3)>.
+L<SSL_CTX_load_verify_locations(3)>.
 
 The private keys loaded from file can be encrypted. In order to successfully
 load encrypted keys, a function returning the passphrase must have been
 supplied, see
-L<SSL_CTX_set_default_passwd_cb(3)|SSL_CTX_set_default_passwd_cb(3)>.
+L<SSL_CTX_set_default_passwd_cb(3)>.
 (Certificate files might be encrypted as well from the technical point
 of view, it however does not make sense as the data in the certificate
 is considered public anyway.)
@@ -150,12 +150,12 @@ Otherwise check out the error stack to find out the reason.
 
 =head1 SEE ALSO
 
-L<ssl(3)|ssl(3)>, L<SSL_new(3)|SSL_new(3)>, L<SSL_clear(3)|SSL_clear(3)>,
-L<SSL_CTX_load_verify_locations(3)|SSL_CTX_load_verify_locations(3)>,
-L<SSL_CTX_set_default_passwd_cb(3)|SSL_CTX_set_default_passwd_cb(3)>,
-L<SSL_CTX_set_cipher_list(3)|SSL_CTX_set_cipher_list(3)>,
-L<SSL_CTX_set_client_cert_cb(3)|SSL_CTX_set_client_cert_cb(3)>,
-L<SSL_CTX_add_extra_chain_cert(3)|SSL_CTX_add_extra_chain_cert(3)>
+L<ssl(3)>, L<SSL_new(3)>, L<SSL_clear(3)>,
+L<SSL_CTX_load_verify_locations(3)>,
+L<SSL_CTX_set_default_passwd_cb(3)>,
+L<SSL_CTX_set_cipher_list(3)>,
+L<SSL_CTX_set_client_cert_cb(3)>,
+L<SSL_CTX_add_extra_chain_cert(3)>
 
 =head1 HISTORY
 
diff --git a/doc/ssl/SSL_SESSION_free.pod b/doc/ssl/SSL_SESSION_free.pod
index f30fe13c7d..5791da1b59 100644
--- a/doc/ssl/SSL_SESSION_free.pod
+++ b/doc/ssl/SSL_SESSION_free.pod
@@ -21,7 +21,7 @@ If B<session> is NULL nothing is done.
 
 SSL_SESSION objects are allocated, when a TLS/SSL handshake operation
 is successfully completed. Depending on the settings, see
-L<SSL_CTX_set_session_cache_mode(3)|SSL_CTX_set_session_cache_mode(3)>,
+L<SSL_CTX_set_session_cache_mode(3)>,
 the SSL_SESSION objects are internally referenced by the SSL_CTX and
 linked into its session cache. SSL objects may be using the SSL_SESSION object;
 as a session may be reused, several SSL objects may be using one SSL_SESSION
@@ -32,13 +32,13 @@ dangling pointers. These failures may also appear delayed, e.g.
 when an SSL_SESSION object was completely freed as the reference count
 incorrectly became 0, but it is still referenced in the internal
 session cache and the cache list is processed during a
-L<SSL_CTX_flush_sessions(3)|SSL_CTX_flush_sessions(3)> operation.
+L<SSL_CTX_flush_sessions(3)> operation.
 
 SSL_SESSION_free() must only be called for SSL_SESSION objects, for
 which the reference count was explicitly incremented (e.g.
-by calling SSL_get1_session(), see L<SSL_get_session(3)|SSL_get_session(3)>)
+by calling SSL_get1_session(), see L<SSL_get_session(3)>)
 or when the SSL_SESSION object was generated outside a TLS handshake
-operation, e.g. by using L<d2i_SSL_SESSION(3)|d2i_SSL_SESSION(3)>.
+operation, e.g. by using L<d2i_SSL_SESSION(3)>.
 It must not be called on other SSL_SESSION objects, as this would cause
 incorrect reference counts and therefore program failures.
 
@@ -48,9 +48,9 @@ SSL_SESSION_free() does not provide diagnostic information.
 
 =head1 SEE ALSO
 
-L<ssl(3)|ssl(3)>, L<SSL_get_session(3)|SSL_get_session(3)>,
-L<SSL_CTX_set_session_cache_mode(3)|SSL_CTX_set_session_cache_mode(3)>,
-L<SSL_CTX_flush_sessions(3)|SSL_CTX_flush_sessions(3)>,
- L<d2i_SSL_SESSION(3)|d2i_SSL_SESSION(3)>
+L<ssl(3)>, L<SSL_get_session(3)>,
+L<SSL_CTX_set_session_cache_mode(3)>,
+L<SSL_CTX_flush_sessions(3)>,
+L<d2i_SSL_SESSION(3)>
 
 =cut
diff --git a/doc/ssl/SSL_SESSION_get_ex_new_index.pod b/doc/ssl/SSL_SESSION_get_ex_new_index.pod
index 657cda931f..f5390c1f3a 100644
--- a/doc/ssl/SSL_SESSION_get_ex_new_index.pod
+++ b/doc/ssl/SSL_SESSION_get_ex_new_index.pod
@@ -40,9 +40,9 @@ SSL_SESSION_get_ex_data() is used to retrieve the information for B<idx> from
 B<session>.
 
 A detailed description for the B<*_get_ex_new_index()> functionality
-can be found in L<RSA_get_ex_new_index(3)|RSA_get_ex_new_index(3)>.
+can be found in L<RSA_get_ex_new_index(3)>.
 The B<*_get_ex_data()> and B<*_set_ex_data()> functionality is described in
-L<CRYPTO_set_ex_data(3)|CRYPTO_set_ex_data(3)>.
+L<CRYPTO_set_ex_data(3)>.
 
 =head1 WARNINGS
 
@@ -54,8 +54,8 @@ therefore not be restored.
 
 =head1 SEE ALSO
 
-L<ssl(3)|ssl(3)>,
-L<RSA_get_ex_new_index(3)|RSA_get_ex_new_index(3)>,
-L<CRYPTO_set_ex_data(3)|CRYPTO_set_ex_data(3)>
+L<ssl(3)>,
+L<RSA_get_ex_new_index(3)>,
+L<CRYPTO_set_ex_data(3)>
 
 =cut
diff --git a/doc/ssl/SSL_SESSION_get_time.pod b/doc/ssl/SSL_SESSION_get_time.pod
index 490337a32f..dbbf7bf6ae 100644
--- a/doc/ssl/SSL_SESSION_get_time.pod
+++ b/doc/ssl/SSL_SESSION_get_time.pod
@@ -41,7 +41,7 @@ functions are synonyms for the SSL_SESSION_*() counterparts.
 Sessions are expired by examining the creation time and the timeout value.
 Both are set at creation time of the session to the actual time and the
 default timeout value at creation, respectively, as set by
-L<SSL_CTX_set_timeout(3)|SSL_CTX_set_timeout(3)>.
+L<SSL_CTX_set_timeout(3)>.
 Using these functions it is possible to extend or shorten the lifetime
 of the session.
 
@@ -57,8 +57,8 @@ If any of the function is passed the NULL pointer for the session B<s>,
 
 =head1 SEE ALSO
 
-L<ssl(3)|ssl(3)>,
-L<SSL_CTX_set_timeout(3)|SSL_CTX_set_timeout(3)>,
-L<SSL_get_default_timeout(3)|SSL_get_default_timeout(3)>
+L<ssl(3)>,
+L<SSL_CTX_set_timeout(3)>,
+L<SSL_get_default_timeout(3)>
 
 =cut
diff --git a/doc/ssl/SSL_SESSION_has_ticket.pod b/doc/ssl/SSL_SESSION_has_ticket.pod
index d9b2a06196..92d261f8bc 100644
--- a/doc/ssl/SSL_SESSION_has_ticket.pod
+++ b/doc/ssl/SSL_SESSION_has_ticket.pod
@@ -29,10 +29,10 @@ may also become invalid as a result of a call to SSL_CTX_flush_sessions().
 
 =head1 SEE ALSO
 
-L<ssl(3)|ssl(3)>,
-L<d2i_SSL_SESSION(3)|d2i_SSL_SESSION(3)>,
-L<SSL_SESSION_get_time(3)|SSL_SESSION_get_time(3)>,
-L<SSL_SESSION_free(3)|SSL_SESSION_free(3)>
+L<ssl(3)>,
+L<d2i_SSL_SESSION(3)>,
+L<SSL_SESSION_get_time(3)>,
+L<SSL_SESSION_free(3)>
 
 =head1 HISTORY
 
diff --git a/doc/ssl/SSL_accept.pod b/doc/ssl/SSL_accept.pod
index 89ad6bd0ba..a827fb5991 100644
--- a/doc/ssl/SSL_accept.pod
+++ b/doc/ssl/SSL_accept.pod
@@ -64,10 +64,10 @@ to find out the reason.
 
 =head1 SEE ALSO
 
-L<SSL_get_error(3)|SSL_get_error(3)>, L<SSL_connect(3)|SSL_connect(3)>,
-L<SSL_shutdown(3)|SSL_shutdown(3)>, L<ssl(3)|ssl(3)>, L<bio(3)|bio(3)>,
-L<SSL_set_connect_state(3)|SSL_set_connect_state(3)>,
-L<SSL_do_handshake(3)|SSL_do_handshake(3)>,
-L<SSL_CTX_new(3)|SSL_CTX_new(3)>
+L<SSL_get_error(3)>, L<SSL_connect(3)>,
+L<SSL_shutdown(3)>, L<ssl(3)>, L<bio(3)>,
+L<SSL_set_connect_state(3)>,
+L<SSL_do_handshake(3)>,
+L<SSL_CTX_new(3)>
 
 =cut
diff --git a/doc/ssl/SSL_alert_type_string.pod b/doc/ssl/SSL_alert_type_string.pod
index 0329c34869..c61b61bfdc 100644
--- a/doc/ssl/SSL_alert_type_string.pod
+++ b/doc/ssl/SSL_alert_type_string.pod
@@ -228,6 +228,6 @@ Probably B<value> does not contain a correct alert message.
 
 =head1 SEE ALSO
 
-L<ssl(3)|ssl(3)>, L<SSL_CTX_set_info_callback(3)|SSL_CTX_set_info_callback(3)>
+L<ssl(3)>, L<SSL_CTX_set_info_callback(3)>
 
 =cut
diff --git a/doc/ssl/SSL_check_chain.pod b/doc/ssl/SSL_check_chain.pod
index d3b7601909..da6d8ab8e4 100644
--- a/doc/ssl/SSL_check_chain.pod
+++ b/doc/ssl/SSL_check_chain.pod
@@ -79,7 +79,7 @@ for earlier versions of TLS or DTLS.
 
 =head1 SEE ALSO
 
-L<SSL_CTX_set_cert_cb(3)|SSL_CTX_set_cert_cb(3)>,
-L<ssl(3)|ssl(3)>
+L<SSL_CTX_set_cert_cb(3)>,
+L<ssl(3)>
 
 =cut
diff --git a/doc/ssl/SSL_clear.pod b/doc/ssl/SSL_clear.pod
index 1b9ea1f4fc..9a760b56d2 100644
--- a/doc/ssl/SSL_clear.pod
+++ b/doc/ssl/SSL_clear.pod
@@ -21,8 +21,8 @@ SSL_clear is used to prepare an SSL object for a new connection. While all
 settings are kept, a side effect is the handling of the current SSL session.
 If a session is still B<open>, it is considered bad and will be removed
 from the session cache, as required by RFC2246. A session is considered open,
-if L<SSL_shutdown(3)|SSL_shutdown(3)> was not called for the connection
-or at least L<SSL_set_shutdown(3)|SSL_set_shutdown(3)> was used to
+if L<SSL_shutdown(3)> was not called for the connection
+or at least L<SSL_set_shutdown(3)> was used to
 set the SSL_SENT_SHUTDOWN state.
 
 If a session was closed cleanly, the session object will be kept and all
@@ -31,7 +31,7 @@ used during the session will be kept for the next handshake. So if the
 session was a TLSv1 session, a SSL client object will use a TLSv1 client
 method for the next handshake and a SSL server object will use a TLSv1
 server method, even if TLS_*_methods were chosen on startup. This
-will might lead to connection failures (see L<SSL_new(3)|SSL_new(3)>)
+will might lead to connection failures (see L<SSL_new(3)>)
 for a description of the method's properties.
 
 =head1 WARNINGS
@@ -42,12 +42,12 @@ reset operation however keeps several settings of the last sessions
 handshake). It only makes sense for a new connection with the exact
 same peer that shares these settings, and may fail if that peer
 changes its settings between connections. Use the sequence
-L<SSL_get_session(3)|SSL_get_session(3)>;
-L<SSL_new(3)|SSL_new(3)>;
-L<SSL_set_session(3)|SSL_set_session(3)>;
-L<SSL_free(3)|SSL_free(3)>
+L<SSL_get_session(3)>;
+L<SSL_new(3)>;
+L<SSL_set_session(3)>;
+L<SSL_free(3)>
 instead to avoid such failures
-(or simply L<SSL_free(3)|SSL_free(3)>; L<SSL_new(3)|SSL_new(3)>
+(or simply L<SSL_free(3)>; L<SSL_new(3)>
 if session reuse is not desired).
 
 =head1 RETURN VALUES
@@ -67,9 +67,9 @@ The SSL_clear() operation was successful.
 
 =back
 
-L<SSL_new(3)|SSL_new(3)>, L<SSL_free(3)|SSL_free(3)>,
-L<SSL_shutdown(3)|SSL_shutdown(3)>, L<SSL_set_shutdown(3)|SSL_set_shutdown(3)>,
-L<SSL_CTX_set_options(3)|SSL_CTX_set_options(3)>, L<ssl(3)|ssl(3)>,
-L<SSL_CTX_set_client_cert_cb(3)|SSL_CTX_set_client_cert_cb(3)>
+L<SSL_new(3)>, L<SSL_free(3)>,
+L<SSL_shutdown(3)>, L<SSL_set_shutdown(3)>,
+L<SSL_CTX_set_options(3)>, L<ssl(3)>,
+L<SSL_CTX_set_client_cert_cb(3)>
 
 =cut
diff --git a/doc/ssl/SSL_connect.pod b/doc/ssl/SSL_connect.pod
index 68e2b82b8d..8101d4de91 100644
--- a/doc/ssl/SSL_connect.pod
+++ b/doc/ssl/SSL_connect.pod
@@ -64,10 +64,10 @@ to find out the reason.
 
 =head1 SEE ALSO
 
-L<SSL_get_error(3)|SSL_get_error(3)>, L<SSL_accept(3)|SSL_accept(3)>,
-L<SSL_shutdown(3)|SSL_shutdown(3)>, L<ssl(3)|ssl(3)>, L<bio(3)|bio(3)>,
-L<SSL_set_connect_state(3)|SSL_set_connect_state(3)>,
-L<SSL_do_handshake(3)|SSL_do_handshake(3)>,
-L<SSL_CTX_new(3)|SSL_CTX_new(3)>
+L<SSL_get_error(3)>, L<SSL_accept(3)>,
+L<SSL_shutdown(3)>, L<ssl(3)>, L<bio(3)>,
+L<SSL_set_connect_state(3)>,
+L<SSL_do_handshake(3)>,
+L<SSL_CTX_new(3)>
 
 =cut
diff --git a/doc/ssl/SSL_do_handshake.pod b/doc/ssl/SSL_do_handshake.pod
index 8b590c9f16..01b71ae45d 100644
--- a/doc/ssl/SSL_do_handshake.pod
+++ b/doc/ssl/SSL_do_handshake.pod
@@ -15,8 +15,8 @@ SSL_do_handshake - perform a TLS/SSL handshake
 SSL_do_handshake() will wait for a SSL/TLS handshake to take place. If the
 connection is in client mode, the handshake will be started. The handshake
 routines may have to be explicitly set in advance using either
-L<SSL_set_connect_state(3)|SSL_set_connect_state(3)> or
-L<SSL_set_accept_state(3)|SSL_set_accept_state(3)>.
+L<SSL_set_connect_state(3)> or
+L<SSL_set_accept_state(3)>.
 
 =head1 NOTES
 
@@ -65,8 +65,8 @@ to find out the reason.
 
 =head1 SEE ALSO
 
-L<SSL_get_error(3)|SSL_get_error(3)>, L<SSL_connect(3)|SSL_connect(3)>,
-L<SSL_accept(3)|SSL_accept(3)>, L<ssl(3)|ssl(3)>, L<bio(3)|bio(3)>,
-L<SSL_set_connect_state(3)|SSL_set_connect_state(3)>
+L<SSL_get_error(3)>, L<SSL_connect(3)>,
+L<SSL_accept(3)>, L<ssl(3)>, L<bio(3)>,
+L<SSL_set_connect_state(3)>
 
 =cut
diff --git a/doc/ssl/SSL_free.pod b/doc/ssl/SSL_free.pod
index e3e6f56dc4..2715443038 100644
--- a/doc/ssl/SSL_free.pod
+++ b/doc/ssl/SSL_free.pod
@@ -29,8 +29,8 @@ failure.
 The ssl session has reference counts from two users: the SSL object, for
 which the reference count is removed by SSL_free() and the internal
 session cache. If the session is considered bad, because
-L<SSL_shutdown(3)|SSL_shutdown(3)> was not called for the connection
-and L<SSL_set_shutdown(3)|SSL_set_shutdown(3)> was not used to set the
+L<SSL_shutdown(3)> was not called for the connection
+and L<SSL_set_shutdown(3)> was not used to set the
 SSL_SENT_SHUTDOWN state, the session will also be removed
 from the session cache as required by RFC2246.
 
@@ -38,8 +38,8 @@ from the session cache as required by RFC2246.
 
 SSL_free() does not provide diagnostic information.
 
-L<SSL_new(3)|SSL_new(3)>, L<SSL_clear(3)|SSL_clear(3)>,
-L<SSL_shutdown(3)|SSL_shutdown(3)>, L<SSL_set_shutdown(3)|SSL_set_shutdown(3)>,
-L<ssl(3)|ssl(3)>
+L<SSL_new(3)>, L<SSL_clear(3)>,
+L<SSL_shutdown(3)>, L<SSL_set_shutdown(3)>,
+L<ssl(3)>
 
 =cut
diff --git a/doc/ssl/SSL_get_SSL_CTX.pod b/doc/ssl/SSL_get_SSL_CTX.pod
index 659c482c79..ed3a3b208b 100644
--- a/doc/ssl/SSL_get_SSL_CTX.pod
+++ b/doc/ssl/SSL_get_SSL_CTX.pod
@@ -13,7 +13,7 @@ SSL_get_SSL_CTX - get the SSL_CTX from which an SSL is created
 =head1 DESCRIPTION
 
 SSL_get_SSL_CTX() returns a pointer to the SSL_CTX object, from which
-B<ssl> was created with L<SSL_new(3)|SSL_new(3)>.
+B<ssl> was created with L<SSL_new(3)>.
 
 =head1 RETURN VALUES
 
@@ -21,6 +21,6 @@ The pointer to the SSL_CTX object is returned.
 
 =head1 SEE ALSO
 
-L<ssl(3)|ssl(3)>, L<SSL_new(3)|SSL_new(3)>
+L<ssl(3)>, L<SSL_new(3)>
 
 =cut
diff --git a/doc/ssl/SSL_get_ciphers.pod b/doc/ssl/SSL_get_ciphers.pod
index 341745436d..65781dae0b 100644
--- a/doc/ssl/SSL_get_ciphers.pod
+++ b/doc/ssl/SSL_get_ciphers.pod
@@ -30,7 +30,7 @@ is returned.
 =head1 NOTES
 
 The details of the ciphers obtained by SSL_get_ciphers() can be obtained using
-the L<SSL_CIPHER_get_name(3)|SSL_CIPHER_get_name(3)> family of functions.
+the L<SSL_CIPHER_get_name(3)> family of functions.
 
 Call SSL_get_cipher_list() with B<priority> starting from 0 to obtain the
 sorted list of available ciphers, until NULL is returned.
@@ -46,7 +46,7 @@ See DESCRIPTION
 
 =head1 SEE ALSO
 
-L<ssl(3)|ssl(3)>, L<SSL_CTX_set_cipher_list(3)|SSL_CTX_set_cipher_list(3)>,
-L<SSL_CIPHER_get_name(3)|SSL_CIPHER_get_name(3)>
+L<ssl(3)>, L<SSL_CTX_set_cipher_list(3)>,
+L<SSL_CIPHER_get_name(3)>
 
 =cut
diff --git a/doc/ssl/SSL_get_client_CA_list.pod b/doc/ssl/SSL_get_client_CA_list.pod
index 68181b2407..62be122e16 100644
--- a/doc/ssl/SSL_get_client_CA_list.pod
+++ b/doc/ssl/SSL_get_client_CA_list.pod
@@ -14,11 +14,11 @@ SSL_get_client_CA_list, SSL_CTX_get_client_CA_list - get list of client CAs
 =head1 DESCRIPTION
 
 SSL_CTX_get_client_CA_list() returns the list of client CAs explicitly set for
-B<ctx> using L<SSL_CTX_set_client_CA_list(3)|SSL_CTX_set_client_CA_list(3)>.
+B<ctx> using L<SSL_CTX_set_client_CA_list(3)>.
 
 SSL_get_client_CA_list() returns the list of client CAs explicitly
 set for B<ssl> using SSL_set_client_CA_list() or B<ssl>'s SSL_CTX object with
-L<SSL_CTX_set_client_CA_list(3)|SSL_CTX_set_client_CA_list(3)>, when in
+L<SSL_CTX_set_client_CA_list(3)>, when in
 server mode. In client mode, SSL_get_client_CA_list returns the list of
 client CAs sent from the server, if any.
 
@@ -46,8 +46,8 @@ the server did not send a list of CAs (client mode).
 
 =head1 SEE ALSO
 
-L<ssl(3)|ssl(3)>,
-L<SSL_CTX_set_client_CA_list(3)|SSL_CTX_set_client_CA_list(3)>,
-L<SSL_CTX_set_client_cert_cb(3)|SSL_CTX_set_client_cert_cb(3)>
+L<ssl(3)>,
+L<SSL_CTX_set_client_CA_list(3)>,
+L<SSL_CTX_set_client_cert_cb(3)>
 
 =cut
diff --git a/doc/ssl/SSL_get_client_random.pod b/doc/ssl/SSL_get_client_random.pod
index 2cddf73797..3db5a26b11 100644
--- a/doc/ssl/SSL_get_client_random.pod
+++ b/doc/ssl/SSL_get_client_random.pod
@@ -71,9 +71,9 @@ of bytes they would copy--that is, the length of the underlying field.
 
 =head1 SEE ALSO
 
-L<ssl(3)|ssl(3)>,
-L<RAND_bytes(3)|RAND_bytes(3)>,
-L<SSL_export_keying_material(3)|SSL_export_keying_material(3)>
+L<ssl(3)>,
+L<RAND_bytes(3)>,
+L<SSL_export_keying_material(3)>
 
 
 =cut
diff --git a/doc/ssl/SSL_get_current_cipher.pod b/doc/ssl/SSL_get_current_cipher.pod
index e5ab12491e..9151203e57 100644
--- a/doc/ssl/SSL_get_current_cipher.pod
+++ b/doc/ssl/SSL_get_current_cipher.pod
@@ -29,7 +29,7 @@ SSL_get_cipher() and SSL_get_cipher_name() are identical macros to obtain the
 name of the currently used cipher. SSL_get_cipher_bits() is a
 macro to obtain the number of secret/algorithm bits used and 
 SSL_get_cipher_version() returns the protocol name.
-See L<SSL_CIPHER_get_name(3)|SSL_CIPHER_get_name(3)> for more details.
+See L<SSL_CIPHER_get_name(3)> for more details.
 
 =head1 RETURN VALUES
 
@@ -38,6 +38,6 @@ no session has been established.
 
 =head1 SEE ALSO
 
-L<ssl(3)|ssl(3)>, L<SSL_CIPHER_get_name(3)|SSL_CIPHER_get_name(3)>
+L<ssl(3)>, L<SSL_CIPHER_get_name(3)>
 
 =cut
diff --git a/doc/ssl/SSL_get_default_timeout.pod b/doc/ssl/SSL_get_default_timeout.pod
index 3a067fe892..9bde2227e0 100644
--- a/doc/ssl/SSL_get_default_timeout.pod
+++ b/doc/ssl/SSL_get_default_timeout.pod
@@ -20,7 +20,7 @@ SSL_SESSION objects negotiated for the protocol valid for B<ssl>.
 Whenever a new session is negotiated, it is assigned a timeout value,
 after which it will not be accepted for session reuse. If the timeout
 value was not explicitly set using
-L<SSL_CTX_set_timeout(3)|SSL_CTX_set_timeout(3)>, the hardcoded default
+L<SSL_CTX_set_timeout(3)>, the hardcoded default
 timeout for the protocol will be used.
 
 SSL_get_default_timeout() return this hardcoded value, which is 300 seconds
@@ -32,10 +32,10 @@ See description.
 
 =head1 SEE ALSO
 
-L<ssl(3)|ssl(3)>,
-L<SSL_CTX_set_session_cache_mode(3)|SSL_CTX_set_session_cache_mode(3)>,
-L<SSL_SESSION_get_time(3)|SSL_SESSION_get_time(3)>,
-L<SSL_CTX_flush_sessions(3)|SSL_CTX_flush_sessions(3)>,
-L<SSL_get_default_timeout(3)|SSL_get_default_timeout(3)>
+L<ssl(3)>,
+L<SSL_CTX_set_session_cache_mode(3)>,
+L<SSL_SESSION_get_time(3)>,
+L<SSL_CTX_flush_sessions(3)>,
+L<SSL_get_default_timeout(3)>
 
 =cut
diff --git a/doc/ssl/SSL_get_error.pod b/doc/ssl/SSL_get_error.pod
index 48c6b15db7..015f2c7c40 100644
--- a/doc/ssl/SSL_get_error.pod
+++ b/doc/ssl/SSL_get_error.pod
@@ -105,7 +105,7 @@ OpenSSL error queue contains more information on the error.
 
 =head1 SEE ALSO
 
-L<ssl(3)|ssl(3)>, L<err(3)|err(3)>
+L<ssl(3)>, L<err(3)>
 
 =head1 HISTORY
 
diff --git a/doc/ssl/SSL_get_ex_data_X509_STORE_CTX_idx.pod b/doc/ssl/SSL_get_ex_data_X509_STORE_CTX_idx.pod
index 165c6a5b2c..2957a2a330 100644
--- a/doc/ssl/SSL_get_ex_data_X509_STORE_CTX_idx.pod
+++ b/doc/ssl/SSL_get_ex_data_X509_STORE_CTX_idx.pod
@@ -51,11 +51,11 @@ An error occurred, check the error stack for a detailed error message.
 The index returned from SSL_get_ex_data_X509_STORE_CTX_idx() allows to
 access the SSL object for the connection to be accessed during the
 verify_callback() when checking the peers certificate. Please check
-the example in L<SSL_CTX_set_verify(3)|SSL_CTX_set_verify(3)>,
+the example in L<SSL_CTX_set_verify(3)>,
 
 =head1 SEE ALSO
 
-L<ssl(3)|ssl(3)>, L<SSL_CTX_set_verify(3)|SSL_CTX_set_verify(3)>,
-L<CRYPTO_set_ex_data(3)|CRYPTO_set_ex_data(3)>
+L<ssl(3)>, L<SSL_CTX_set_verify(3)>,
+L<CRYPTO_set_ex_data(3)>
 
 =cut
diff --git a/doc/ssl/SSL_get_ex_new_index.pod b/doc/ssl/SSL_get_ex_new_index.pod
index 228d23d8c0..6c2e919dcc 100644
--- a/doc/ssl/SSL_get_ex_new_index.pod
+++ b/doc/ssl/SSL_get_ex_new_index.pod
@@ -40,20 +40,20 @@ SSL_get_ex_data() is used to retrieve the information for B<idx> from
 B<ssl>.
 
 A detailed description for the B<*_get_ex_new_index()> functionality
-can be found in L<RSA_get_ex_new_index(3)|RSA_get_ex_new_index(3)>.
+can be found in L<RSA_get_ex_new_index(3)>.
 The B<*_get_ex_data()> and B<*_set_ex_data()> functionality is described in
-L<CRYPTO_set_ex_data(3)|CRYPTO_set_ex_data(3)>.
+L<CRYPTO_set_ex_data(3)>.
 
 =head1 EXAMPLES
 
 An example on how to use the functionality is included in the example
-verify_callback() in L<SSL_CTX_set_verify(3)|SSL_CTX_set_verify(3)>.
+verify_callback() in L<SSL_CTX_set_verify(3)>.
 
 =head1 SEE ALSO
 
-L<ssl(3)|ssl(3)>,
-L<RSA_get_ex_new_index(3)|RSA_get_ex_new_index(3)>,
-L<CRYPTO_set_ex_data(3)|CRYPTO_set_ex_data(3)>,
-L<SSL_CTX_set_verify(3)|SSL_CTX_set_verify(3)>
+L<ssl(3)>,
+L<RSA_get_ex_new_index(3)>,
+L<CRYPTO_set_ex_data(3)>,
+L<SSL_CTX_set_verify(3)>
 
 =cut
diff --git a/doc/ssl/SSL_get_extms_support.pod b/doc/ssl/SSL_get_extms_support.pod
index 4e24824605..ecfd090c80 100644
--- a/doc/ssl/SSL_get_extms_support.pod
+++ b/doc/ssl/SSL_get_extms_support.pod
@@ -26,6 +26,6 @@ was used.
 
 =head1 SEE ALSO
 
-L<ssl(3)|ssl(3)>
+L<ssl(3)>
 
 =cut
diff --git a/doc/ssl/SSL_get_fd.pod b/doc/ssl/SSL_get_fd.pod
index 19e52d68d0..8895747cee 100644
--- a/doc/ssl/SSL_get_fd.pod
+++ b/doc/ssl/SSL_get_fd.pod
@@ -39,6 +39,6 @@ The file descriptor linked to B<ssl>.
 
 =head1 SEE ALSO
 
-L<SSL_set_fd(3)|SSL_set_fd(3)>, L<ssl(3)|ssl(3)> , L<bio(3)|bio(3)>
+L<SSL_set_fd(3)>, L<ssl(3)> , L<bio(3)>
 
 =cut
diff --git a/doc/ssl/SSL_get_peer_cert_chain.pod b/doc/ssl/SSL_get_peer_cert_chain.pod
index 059376c76b..4d3e6d5b09 100644
--- a/doc/ssl/SSL_get_peer_cert_chain.pod
+++ b/doc/ssl/SSL_get_peer_cert_chain.pod
@@ -16,7 +16,7 @@ SSL_get_peer_cert_chain() returns a pointer to STACK_OF(X509) certificates
 forming the certificate chain of the peer. If called on the client side,
 the stack also contains the peer's certificate; if called on the server
 side, the peer's certificate must be obtained separately using
-L<SSL_get_peer_certificate(3)|SSL_get_peer_certificate(3)>.
+L<SSL_get_peer_certificate(3)>.
 If the peer did not present a certificate, NULL is returned.
 
 =head1 NOTES
@@ -47,6 +47,6 @@ The return value points to the certificate chain presented by the peer.
 
 =head1 SEE ALSO
 
-L<ssl(3)|ssl(3)>, L<SSL_get_peer_certificate(3)|SSL_get_peer_certificate(3)>
+L<ssl(3)>, L<SSL_get_peer_certificate(3)>
 
 =cut
diff --git a/doc/ssl/SSL_get_peer_certificate.pod b/doc/ssl/SSL_get_peer_certificate.pod
index ef7c8be180..c605a7c6f6 100644
--- a/doc/ssl/SSL_get_peer_certificate.pod
+++ b/doc/ssl/SSL_get_peer_certificate.pod
@@ -20,11 +20,11 @@ peer presented. If the peer did not present a certificate, NULL is returned.
 Due to the protocol definition, a TLS/SSL server will always send a
 certificate, if present. A client will only send a certificate when
 explicitly requested to do so by the server (see
-L<SSL_CTX_set_verify(3)|SSL_CTX_set_verify(3)>). If an anonymous cipher
+L<SSL_CTX_set_verify(3)>). If an anonymous cipher
 is used, no certificates are sent.
 
 That a certificate is returned does not indicate information about the
-verification state, use L<SSL_get_verify_result(3)|SSL_get_verify_result(3)>
+verification state, use L<SSL_get_verify_result(3)>
 to check the verification state.
 
 The reference count of the X509 object is incremented by one, so that it
@@ -49,7 +49,7 @@ The return value points to the certificate presented by the peer.
 
 =head1 SEE ALSO
 
-L<ssl(3)|ssl(3)>, L<SSL_get_verify_result(3)|SSL_get_verify_result(3)>,
-L<SSL_CTX_set_verify(3)|SSL_CTX_set_verify(3)>
+L<ssl(3)>, L<SSL_get_verify_result(3)>,
+L<SSL_CTX_set_verify(3)>
 
 =cut
diff --git a/doc/ssl/SSL_get_rbio.pod b/doc/ssl/SSL_get_rbio.pod
index 08dea6a6cd..4e91ce0643 100644
--- a/doc/ssl/SSL_get_rbio.pod
+++ b/doc/ssl/SSL_get_rbio.pod
@@ -35,6 +35,6 @@ The BIO linked to B<ssl>.
 
 =head1 SEE ALSO
 
-L<SSL_set_bio(3)|SSL_set_bio(3)>, L<ssl(3)|ssl(3)> , L<bio(3)|bio(3)>
+L<SSL_set_bio(3)>, L<ssl(3)> , L<bio(3)>
 
 =cut
diff --git a/doc/ssl/SSL_get_session.pod b/doc/ssl/SSL_get_session.pod
index 1a30f7bb5f..d360e8a3bb 100644
--- a/doc/ssl/SSL_get_session.pod
+++ b/doc/ssl/SSL_get_session.pod
@@ -30,16 +30,16 @@ connection without a new handshake.
 
 SSL_get0_session() returns a pointer to the actual session. As the
 reference counter is not incremented, the pointer is only valid while
-the connection is in use. If L<SSL_clear(3)|SSL_clear(3)> or
-L<SSL_free(3)|SSL_free(3)> is called, the session may be removed completely
+the connection is in use. If L<SSL_clear(3)> or
+L<SSL_free(3)> is called, the session may be removed completely
 (if considered bad), and the pointer obtained will become invalid. Even
 if the session is valid, it can be removed at any time due to timeout
-during L<SSL_CTX_flush_sessions(3)|SSL_CTX_flush_sessions(3)>.
+during L<SSL_CTX_flush_sessions(3)>.
 
 If the data is to be kept, SSL_get1_session() will increment the reference
 count, so that the session will not be implicitly removed by other operations
 but stays in memory. In order to remove the session
-L<SSL_SESSION_free(3)|SSL_SESSION_free(3)> must be explicitly called once
+L<SSL_SESSION_free(3)> must be explicitly called once
 to decrement the reference count again.
 
 SSL_SESSION objects keep internal link information about the session cache
@@ -66,8 +66,8 @@ The return value points to the data of an SSL session.
 
 =head1 SEE ALSO
 
-L<ssl(3)|ssl(3)>, L<SSL_free(3)|SSL_free(3)>,
-L<SSL_clear(3)|SSL_clear(3)>,
-L<SSL_SESSION_free(3)|SSL_SESSION_free(3)>
+L<ssl(3)>, L<SSL_free(3)>,
+L<SSL_clear(3)>,
+L<SSL_SESSION_free(3)>
 
 =cut
diff --git a/doc/ssl/SSL_get_shared_sigalgs.pod b/doc/ssl/SSL_get_shared_sigalgs.pod
index 16f7d486fe..ad305e6b5c 100644
--- a/doc/ssl/SSL_get_shared_sigalgs.pod
+++ b/doc/ssl/SSL_get_shared_sigalgs.pod
@@ -71,7 +71,7 @@ or is not an appropriate combination (for example MD5 and DSA).
 
 =head1 SEE ALSO
 
-L<SSL_CTX_set_cert_cb(3)|SSL_CTX_set_cert_cb(3)>,
-L<ssl(3)|ssl(3)>
+L<SSL_CTX_set_cert_cb(3)>,
+L<ssl(3)>
 
 =cut
diff --git a/doc/ssl/SSL_get_verify_result.pod b/doc/ssl/SSL_get_verify_result.pod
index 55b56a53f9..8b25eb2fcb 100644
--- a/doc/ssl/SSL_get_verify_result.pod
+++ b/doc/ssl/SSL_get_verify_result.pod
@@ -30,7 +30,7 @@ when a session is reused.
 If no peer certificate was presented, the returned result code is
 X509_V_OK. This is because no verification error occurred, it does however
 not indicate success. SSL_get_verify_result() is only useful in connection
-with L<SSL_get_peer_certificate(3)|SSL_get_peer_certificate(3)>.
+with L<SSL_get_peer_certificate(3)>.
 
 =head1 RETURN VALUES
 
@@ -44,14 +44,14 @@ The verification succeeded or no peer certificate was presented.
 
 =item Any other value
 
-Documented in L<verify(1)|verify(1)>.
+Documented in L<verify(1)>.
 
 =back
 
 =head1 SEE ALSO
 
-L<ssl(3)|ssl(3)>, L<SSL_set_verify_result(3)|SSL_set_verify_result(3)>,
-L<SSL_get_peer_certificate(3)|SSL_get_peer_certificate(3)>,
-L<verify(1)|verify(1)>
+L<ssl(3)>, L<SSL_set_verify_result(3)>,
+L<SSL_get_peer_certificate(3)>,
+L<verify(1)>
 
 =cut
diff --git a/doc/ssl/SSL_get_version.pod b/doc/ssl/SSL_get_version.pod
index b91bb47f78..e0c7034f2e 100644
--- a/doc/ssl/SSL_get_version.pod
+++ b/doc/ssl/SSL_get_version.pod
@@ -45,6 +45,6 @@ This indicates that no version has been set (no connection established).
 
 =head1 SEE ALSO
 
-L<ssl(3)|ssl(3)>
+L<ssl(3)>
 
 =cut
diff --git a/doc/ssl/SSL_library_init.pod b/doc/ssl/SSL_library_init.pod
index 8766776fea..1c99e76e61 100644
--- a/doc/ssl/SSL_library_init.pod
+++ b/doc/ssl/SSL_library_init.pod
@@ -51,7 +51,7 @@ OpenSSL_add_all_algorithms() as well.
 
 =head1 SEE ALSO
 
-L<ssl(3)|ssl(3)>, L<SSL_load_error_strings(3)|SSL_load_error_strings(3)>,
-L<RAND_add(3)|RAND_add(3)>
+L<ssl(3)>, L<SSL_load_error_strings(3)>,
+L<RAND_add(3)>
 
 =cut
diff --git a/doc/ssl/SSL_load_client_CA_file.pod b/doc/ssl/SSL_load_client_CA_file.pod
index 02527dc2ed..f9da0c21ab 100644
--- a/doc/ssl/SSL_load_client_CA_file.pod
+++ b/doc/ssl/SSL_load_client_CA_file.pod
@@ -20,7 +20,7 @@ a STACK_OF(X509_NAME) with the subject names found.
 SSL_load_client_CA_file() reads a file of PEM formatted certificates and
 extracts the X509_NAMES of the certificates found. While the name suggests
 the specific usage as support function for
-L<SSL_CTX_set_client_CA_list(3)|SSL_CTX_set_client_CA_list(3)>,
+L<SSL_CTX_set_client_CA_list(3)>,
 it is not limited to CA certificates.
 
 =head1 EXAMPLES
@@ -56,7 +56,7 @@ Pointer to the subject names of the successfully read certificates.
 
 =head1 SEE ALSO
 
-L<ssl(3)|ssl(3)>,
-L<SSL_CTX_set_client_CA_list(3)|SSL_CTX_set_client_CA_list(3)>
+L<ssl(3)>,
+L<SSL_CTX_set_client_CA_list(3)>
 
 =cut
diff --git a/doc/ssl/SSL_new.pod b/doc/ssl/SSL_new.pod
index f0774a57ae..4c350c507f 100644
--- a/doc/ssl/SSL_new.pod
+++ b/doc/ssl/SSL_new.pod
@@ -36,9 +36,9 @@ The return value points to an allocated SSL structure.
 
 =head1 SEE ALSO
 
-L<SSL_free(3)|SSL_free(3)>, L<SSL_clear(3)|SSL_clear(3)>,
-L<SSL_CTX_set_options(3)|SSL_CTX_set_options(3)>,
-L<SSL_get_SSL_CTX(3)|SSL_get_SSL_CTX(3)>,
-L<ssl(3)|ssl(3)>
+L<SSL_free(3)>, L<SSL_clear(3)>,
+L<SSL_CTX_set_options(3)>,
+L<SSL_get_SSL_CTX(3)>,
+L<ssl(3)>
 
 =cut
diff --git a/doc/ssl/SSL_pending.pod b/doc/ssl/SSL_pending.pod
index 9dd071b625..a263241ab6 100644
--- a/doc/ssl/SSL_pending.pod
+++ b/doc/ssl/SSL_pending.pod
@@ -19,7 +19,7 @@ B<ssl> for immediate read.
 
 Data are received in blocks from the peer. Therefore data can be buffered
 inside B<ssl> and are ready for immediate retrieval with
-L<SSL_read(3)|SSL_read(3)>.
+L<SSL_read(3)>.
 
 =head1 RETURN VALUES
 
@@ -30,7 +30,7 @@ The number of bytes pending is returned.
 SSL_pending() takes into account only bytes from the TLS/SSL record
 that is currently being processed (if any).  If the B<SSL> object's
 I<read_ahead> flag is set (see
-L<SSL_CTX_set_read_ahead(3)|SSL_CTX_set_read_ahead(3)>), additional protocol
+L<SSL_CTX_set_read_ahead(3)>), additional protocol
 bytes may have been read containing more TLS/SSL records; these are ignored by
 SSL_pending().
 
@@ -39,7 +39,7 @@ of pending data is application data.
 
 =head1 SEE ALSO
 
-L<SSL_read(3)|SSL_read(3)>,
-L<SSL_CTX_set_read_ahead(3)|SSL_CTX_set_read_ahead(3)>, L<ssl(3)|ssl(3)>
+L<SSL_read(3)>,
+L<SSL_CTX_set_read_ahead(3)>, L<ssl(3)>
 
 =cut
diff --git a/doc/ssl/SSL_read.pod b/doc/ssl/SSL_read.pod
index 8ca0ce5058..947c8687f4 100644
--- a/doc/ssl/SSL_read.pod
+++ b/doc/ssl/SSL_read.pod
@@ -18,16 +18,16 @@ buffer B<buf>.
 =head1 NOTES
 
 If necessary, SSL_read() will negotiate a TLS/SSL session, if
-not already explicitly performed by L<SSL_connect(3)|SSL_connect(3)> or
-L<SSL_accept(3)|SSL_accept(3)>. If the
+not already explicitly performed by L<SSL_connect(3)> or
+L<SSL_accept(3)>. If the
 peer requests a re-negotiation, it will be performed transparently during
 the SSL_read() operation. The behaviour of SSL_read() depends on the
 underlying BIO. 
 
 For the transparent negotiation to succeed, the B<ssl> must have been
 initialized to client or server mode. This is being done by calling
-L<SSL_set_connect_state(3)|SSL_set_connect_state(3)> or SSL_set_accept_state()
-before the first call to an SSL_read() or L<SSL_write(3)|SSL_write(3)>
+L<SSL_set_connect_state(3)> or SSL_set_accept_state()
+before the first call to an SSL_read() or L<SSL_write(3)>
 function.
 
 SSL_read() works based on the SSL/TLS records. The data are received in
@@ -49,12 +49,12 @@ If the underlying BIO is B<blocking>, SSL_read() will only return, once the
 read operation has been finished or an error occurred, except when a
 renegotiation take place, in which case a SSL_ERROR_WANT_READ may occur. 
 This behaviour can be controlled with the SSL_MODE_AUTO_RETRY flag of the
-L<SSL_CTX_set_mode(3)|SSL_CTX_set_mode(3)> call.
+L<SSL_CTX_set_mode(3)> call.
 
 If the underlying BIO is B<non-blocking>, SSL_read() will also return
 when the underlying BIO could not satisfy the needs of SSL_read()
 to continue the operation. In this case a call to
-L<SSL_get_error(3)|SSL_get_error(3)> with the
+L<SSL_get_error(3)> with the
 return value of SSL_read() will yield B<SSL_ERROR_WANT_READ> or
 B<SSL_ERROR_WANT_WRITE>. As at any time a re-negotiation is possible, a
 call to SSL_read() can also cause write operations! The calling process
@@ -64,7 +64,7 @@ non-blocking socket, nothing is to be done, but select() can be used to check
 for the required condition. When using a buffering BIO, like a BIO pair, data
 must be written into or retrieved out of the BIO before being able to continue.
 
-L<SSL_pending(3)|SSL_pending(3)> can be used to find out whether there
+L<SSL_pending(3)> can be used to find out whether there
 are buffered bytes available for immediate retrieval. In this case
 SSL_read() can be called without blocking or actually receiving new
 data from the underlying socket.
@@ -91,8 +91,8 @@ bytes actually read from the TLS/SSL connection.
 The read operation was not successful. The reason may either be a clean
 shutdown due to a "close notify" alert sent by the peer (in which case
 the SSL_RECEIVED_SHUTDOWN flag in the ssl shutdown state is set
-(see L<SSL_shutdown(3)|SSL_shutdown(3)>,
-L<SSL_set_shutdown(3)|SSL_set_shutdown(3)>). It is also possible, that
+(see L<SSL_shutdown(3)>,
+L<SSL_set_shutdown(3)>). It is also possible, that
 the peer simply shut down the underlying transport and the shutdown is
 incomplete. Call SSL_get_error() with the return value B<ret> to find out,
 whether an error occurred or the connection was shut down cleanly
@@ -113,12 +113,12 @@ return value B<ret> to find out the reason.
 
 =head1 SEE ALSO
 
-L<SSL_get_error(3)|SSL_get_error(3)>, L<SSL_write(3)|SSL_write(3)>,
-L<SSL_CTX_set_mode(3)|SSL_CTX_set_mode(3)>, L<SSL_CTX_new(3)|SSL_CTX_new(3)>,
-L<SSL_connect(3)|SSL_connect(3)>, L<SSL_accept(3)|SSL_accept(3)>
-L<SSL_set_connect_state(3)|SSL_set_connect_state(3)>,
-L<SSL_pending(3)|SSL_pending(3)>,
-L<SSL_shutdown(3)|SSL_shutdown(3)>, L<SSL_set_shutdown(3)|SSL_set_shutdown(3)>,
-L<ssl(3)|ssl(3)>, L<bio(3)|bio(3)>
+L<SSL_get_error(3)>, L<SSL_write(3)>,
+L<SSL_CTX_set_mode(3)>, L<SSL_CTX_new(3)>,
+L<SSL_connect(3)>, L<SSL_accept(3)>
+L<SSL_set_connect_state(3)>,
+L<SSL_pending(3)>,
+L<SSL_shutdown(3)>, L<SSL_set_shutdown(3)>,
+L<ssl(3)>, L<bio(3)>
 
 =cut
diff --git a/doc/ssl/SSL_rstate_string.pod b/doc/ssl/SSL_rstate_string.pod
index bdb8a1fcd5..7309483ce9 100644
--- a/doc/ssl/SSL_rstate_string.pod
+++ b/doc/ssl/SSL_rstate_string.pod
@@ -54,6 +54,6 @@ The read state is unknown. This should never happen.
 
 =head1 SEE ALSO
 
-L<ssl(3)|ssl(3)>
+L<ssl(3)>
 
 =cut
diff --git a/doc/ssl/SSL_session_reused.pod b/doc/ssl/SSL_session_reused.pod
index b09d8a71b0..4a738fa320 100644
--- a/doc/ssl/SSL_session_reused.pod
+++ b/doc/ssl/SSL_session_reused.pod
@@ -39,7 +39,7 @@ A session was reused.
 
 =head1 SEE ALSO
 
-L<ssl(3)|ssl(3)>, L<SSL_set_session(3)|SSL_set_session(3)>,
-L<SSL_CTX_set_session_cache_mode(3)|SSL_CTX_set_session_cache_mode(3)>
+L<ssl(3)>, L<SSL_set_session(3)>,
+L<SSL_CTX_set_session_cache_mode(3)>
 
 =cut
diff --git a/doc/ssl/SSL_set_bio.pod b/doc/ssl/SSL_set_bio.pod
index 8b96ee9983..3e87ee157e 100644
--- a/doc/ssl/SSL_set_bio.pod
+++ b/doc/ssl/SSL_set_bio.pod
@@ -32,9 +32,9 @@ SSL_set_bio(), SSL_set_rbio() and SSL_set_wbio() cannot fail.
 
 =head1 SEE ALSO
 
-L<SSL_get_rbio(3)|SSL_get_rbio(3)>,
-L<SSL_connect(3)|SSL_connect(3)>, L<SSL_accept(3)|SSL_accept(3)>,
-L<SSL_shutdown(3)|SSL_shutdown(3)>, L<ssl(3)|ssl(3)>, L<bio(3)|bio(3)>
+L<SSL_get_rbio(3)>,
+L<SSL_connect(3)>, L<SSL_accept(3)>,
+L<SSL_shutdown(3)>, L<ssl(3)>, L<bio(3)>
 
 =head1 HISTORY
 
diff --git a/doc/ssl/SSL_set_connect_state.pod b/doc/ssl/SSL_set_connect_state.pod
index a68de31e0e..4c3626c259 100644
--- a/doc/ssl/SSL_set_connect_state.pod
+++ b/doc/ssl/SSL_set_connect_state.pod
@@ -20,11 +20,11 @@ SSL_set_accept_state() sets B<ssl> to work in server mode.
 
 =head1 NOTES
 
-When the SSL_CTX object was created with L<SSL_CTX_new(3)|SSL_CTX_new(3)>,
+When the SSL_CTX object was created with L<SSL_CTX_new(3)>,
 it was either assigned a dedicated client method, a dedicated server
 method, or a generic method, that can be used for both client and
 server connections. (The method might have been changed with
-L<SSL_CTX_set_ssl_version(3)|SSL_CTX_set_ssl_version(3)> or
+L<SSL_CTX_set_ssl_version(3)> or
 SSL_set_ssl_method().)
 
 When beginning a new handshake, the SSL engine must know whether it must
@@ -32,10 +32,10 @@ call the connect (client) or accept (server) routines. Even though it may
 be clear from the method chosen, whether client or server mode was
 requested, the handshake routines must be explicitly set.
 
-When using the L<SSL_connect(3)|SSL_connect(3)> or
-L<SSL_accept(3)|SSL_accept(3)> routines, the correct handshake
+When using the L<SSL_connect(3)> or
+L<SSL_accept(3)> routines, the correct handshake
 routines are automatically set. When performing a transparent negotiation
-using L<SSL_write(3)|SSL_write(3)> or L<SSL_read(3)|SSL_read(3)>, the
+using L<SSL_write(3)> or L<SSL_read(3)>, the
 handshake routines must be explicitly set in advance using either
 SSL_set_connect_state() or SSL_set_accept_state().
 
@@ -46,10 +46,10 @@ information.
 
 =head1 SEE ALSO
 
-L<ssl(3)|ssl(3)>, L<SSL_new(3)|SSL_new(3)>, L<SSL_CTX_new(3)|SSL_CTX_new(3)>,
-L<SSL_connect(3)|SSL_connect(3)>, L<SSL_accept(3)|SSL_accept(3)>,
-L<SSL_write(3)|SSL_write(3)>, L<SSL_read(3)|SSL_read(3)>,
-L<SSL_do_handshake(3)|SSL_do_handshake(3)>,
-L<SSL_CTX_set_ssl_version(3)|SSL_CTX_set_ssl_version(3)>
+L<ssl(3)>, L<SSL_new(3)>, L<SSL_CTX_new(3)>,
+LL<SSL_connect(3)>, L<SSL_accept(3)>,
+L<SSL_write(3)>, L<SSL_read(3)>,
+L<SSL_do_handshake(3)>,
+L<SSL_CTX_set_ssl_version(3)>
 
 =cut
diff --git a/doc/ssl/SSL_set_fd.pod b/doc/ssl/SSL_set_fd.pod
index 35a2325e2a..faf1d17191 100644
--- a/doc/ssl/SSL_set_fd.pod
+++ b/doc/ssl/SSL_set_fd.pod
@@ -47,8 +47,8 @@ The operation succeeded.
 
 =head1 SEE ALSO
 
-L<SSL_get_fd(3)|SSL_get_fd(3)>, L<SSL_set_bio(3)|SSL_set_bio(3)>,
-L<SSL_connect(3)|SSL_connect(3)>, L<SSL_accept(3)|SSL_accept(3)>,
-L<SSL_shutdown(3)|SSL_shutdown(3)>, L<ssl(3)|ssl(3)> , L<bio(3)|bio(3)>
+L<SSL_get_fd(3)>, L<SSL_set_bio(3)>,
+L<SSL_connect(3)>, L<SSL_accept(3)>,
+L<SSL_shutdown(3)>, L<ssl(3)> , L<bio(3)>
 
 =cut
diff --git a/doc/ssl/SSL_set_session.pod b/doc/ssl/SSL_set_session.pod
index 197b521830..c9e31c45fb 100644
--- a/doc/ssl/SSL_set_session.pod
+++ b/doc/ssl/SSL_set_session.pod
@@ -17,7 +17,7 @@ is to be established. SSL_set_session() is only useful for TLS/SSL clients.
 When the session is set, the reference count of B<session> is incremented
 by 1. If the session is not reused, the reference count is decremented
 again during SSL_connect(). Whether the session was reused can be queried
-with the L<SSL_session_reused(3)|SSL_session_reused(3)> call.
+with the L<SSL_session_reused(3)> call.
 
 If there is already a session set inside B<ssl> (because it was set with
 SSL_set_session() before or because the same B<ssl> was already used for
@@ -49,9 +49,9 @@ The operation succeeded.
 
 =head1 SEE ALSO
 
-L<ssl(3)|ssl(3)>, L<SSL_SESSION_free(3)|SSL_SESSION_free(3)>,
-L<SSL_get_session(3)|SSL_get_session(3)>,
-L<SSL_session_reused(3)|SSL_session_reused(3)>,
-L<SSL_CTX_set_session_cache_mode(3)|SSL_CTX_set_session_cache_mode(3)>
+L<ssl(3)>, L<SSL_SESSION_free(3)>,
+L<SSL_get_session(3)>,
+L<SSL_session_reused(3)>,
+L<SSL_CTX_set_session_cache_mode(3)>
 
 =cut
diff --git a/doc/ssl/SSL_set_shutdown.pod b/doc/ssl/SSL_set_shutdown.pod
index fe013085d3..91d7697036 100644
--- a/doc/ssl/SSL_set_shutdown.pod
+++ b/doc/ssl/SSL_set_shutdown.pod
@@ -44,18 +44,18 @@ SSL_SENT_SHUTDOWN and SSL_RECEIVED_SHUTDOWN can be set at the same time.
 
 The shutdown state of the connection is used to determine the state of
 the ssl session. If the session is still open, when
-L<SSL_clear(3)|SSL_clear(3)> or L<SSL_free(3)|SSL_free(3)> is called,
+L<SSL_clear(3)> or L<SSL_free(3)> is called,
 it is considered bad and removed according to RFC2246.
 The actual condition for a correctly closed session is SSL_SENT_SHUTDOWN
 (according to the TLS RFC, it is acceptable to only send the "close notify"
 alert but to not wait for the peer's answer, when the underlying connection
 is closed).
 SSL_set_shutdown() can be used to set this state without sending a
-close alert to the peer (see L<SSL_shutdown(3)|SSL_shutdown(3)>).
+close alert to the peer (see L<SSL_shutdown(3)>).
 
 If a "close notify" was received, SSL_RECEIVED_SHUTDOWN will be set,
 for setting SSL_SENT_SHUTDOWN the application must however still call
-L<SSL_shutdown(3)|SSL_shutdown(3)> or SSL_set_shutdown() itself.
+L<SSL_shutdown(3)> or SSL_set_shutdown() itself.
 
 =head1 RETURN VALUES
 
@@ -65,8 +65,8 @@ SSL_get_shutdown() returns the current setting.
 
 =head1 SEE ALSO
 
-L<ssl(3)|ssl(3)>, L<SSL_shutdown(3)|SSL_shutdown(3)>,
-L<SSL_CTX_set_quiet_shutdown(3)|SSL_CTX_set_quiet_shutdown(3)>,
-L<SSL_clear(3)|SSL_clear(3)>, L<SSL_free(3)|SSL_free(3)>
+L<ssl(3)>, L<SSL_shutdown(3)>,
+L<SSL_CTX_set_quiet_shutdown(3)>,
+L<SSL_clear(3)>, L<SSL_free(3)>
 
 =cut
diff --git a/doc/ssl/SSL_set_verify_result.pod b/doc/ssl/SSL_set_verify_result.pod
index 04ab101aad..2c6d0b4760 100644
--- a/doc/ssl/SSL_set_verify_result.pod
+++ b/doc/ssl/SSL_set_verify_result.pod
@@ -23,7 +23,7 @@ the verification result of the B<ssl> object. It does not become part of the
 established session, so if the session is to be reused later, the original
 value will reappear.
 
-The valid codes for B<verify_result> are documented in L<verify(1)|verify(1)>.
+The valid codes for B<verify_result> are documented in L<verify(1)>.
 
 =head1 RETURN VALUES
 
@@ -31,8 +31,8 @@ SSL_set_verify_result() does not provide a return value.
 
 =head1 SEE ALSO
 
-L<ssl(3)|ssl(3)>, L<SSL_get_verify_result(3)|SSL_get_verify_result(3)>,
-L<SSL_get_peer_certificate(3)|SSL_get_peer_certificate(3)>,
-L<verify(1)|verify(1)>
+L<ssl(3)>, L<SSL_get_verify_result(3)>,
+L<SSL_get_peer_certificate(3)>,
+L<verify(1)>
 
 =cut
diff --git a/doc/ssl/SSL_shutdown.pod b/doc/ssl/SSL_shutdown.pod
index b2bf9cb1b8..169079af50 100644
--- a/doc/ssl/SSL_shutdown.pod
+++ b/doc/ssl/SSL_shutdown.pod
@@ -50,11 +50,11 @@ with 1.
 
 =item If the peer already sent the "close notify" alert B<and> it was
 already processed implicitly inside another function
-(L<SSL_read(3)|SSL_read(3)>), the SSL_RECEIVED_SHUTDOWN flag is set.
+(L<SSL_read(3)>), the SSL_RECEIVED_SHUTDOWN flag is set.
 SSL_shutdown() will send the "close notify" alert, set the SSL_SENT_SHUTDOWN
 flag and will immediately return with 1.
 Whether SSL_RECEIVED_SHUTDOWN is already set can be checked using the
-SSL_get_shutdown() (see also L<SSL_set_shutdown(3)|SSL_set_shutdown(3)> call.
+SSL_get_shutdown() (see also L<SSL_set_shutdown(3)> call.
 
 =back
 
@@ -80,7 +80,7 @@ into or retrieved out of the BIO before being able to continue.
 
 SSL_shutdown() can be modified to only set the connection to "shutdown"
 state but not actually send the "close notify" alert messages,
-see L<SSL_CTX_set_quiet_shutdown(3)|SSL_CTX_set_quiet_shutdown(3)>.
+see L<SSL_CTX_set_quiet_shutdown(3)>.
 When "quiet shutdown" is enabled, SSL_shutdown() will always succeed
 and return 1.
 
@@ -94,7 +94,7 @@ The following return values can occur:
 
 The shutdown is not yet finished. Call SSL_shutdown() for a second time,
 if a bidirectional shutdown shall be performed.
-The output of L<SSL_get_error(3)|SSL_get_error(3)> may be misleading, as an
+The output of L<SSL_get_error(3)> may be misleading, as an
 erroneous SSL_ERROR_SYSCALL may be flagged even though no error occurred.
 
 =item Z<>1
@@ -107,17 +107,17 @@ and the peer's "close notify" alert was received.
 The shutdown was not successful because a fatal error occurred either
 at the protocol level or a connection failure occurred. It can also occur if
 action is need to continue the operation for non-blocking BIOs.
-Call L<SSL_get_error(3)|SSL_get_error(3)> with the return value B<ret>
+Call L<SSL_get_error(3)> with the return value B<ret>
 to find out the reason.
 
 =back
 
 =head1 SEE ALSO
 
-L<SSL_get_error(3)|SSL_get_error(3)>, L<SSL_connect(3)|SSL_connect(3)>,
-L<SSL_accept(3)|SSL_accept(3)>, L<SSL_set_shutdown(3)|SSL_set_shutdown(3)>,
-L<SSL_CTX_set_quiet_shutdown(3)|SSL_CTX_set_quiet_shutdown(3)>,
-L<SSL_clear(3)|SSL_clear(3)>, L<SSL_free(3)|SSL_free(3)>,
-L<ssl(3)|ssl(3)>, L<bio(3)|bio(3)>
+L<SSL_get_error(3)>, L<SSL_connect(3)>,
+L<SSL_accept(3)>, L<SSL_set_shutdown(3)>,
+L<SSL_CTX_set_quiet_shutdown(3)>,
+L<SSL_clear(3)>, L<SSL_free(3)>,
+L<ssl(3)>, L<bio(3)>
 
 =cut
diff --git a/doc/ssl/SSL_state_string.pod b/doc/ssl/SSL_state_string.pod
index fe25d47c71..0d2ba61bbf 100644
--- a/doc/ssl/SSL_state_string.pod
+++ b/doc/ssl/SSL_state_string.pod
@@ -40,6 +40,6 @@ Detailed description of possible states to be included later.
 
 =head1 SEE ALSO
 
-L<ssl(3)|ssl(3)>, L<SSL_CTX_set_info_callback(3)|SSL_CTX_set_info_callback(3)>
+L<ssl(3)>, L<SSL_CTX_set_info_callback(3)>
 
 =cut
diff --git a/doc/ssl/SSL_want.pod b/doc/ssl/SSL_want.pod
index c0059c0d4a..e8b426c7b5 100644
--- a/doc/ssl/SSL_want.pod
+++ b/doc/ssl/SSL_want.pod
@@ -24,15 +24,15 @@ by SSL_want().
 =head1 NOTES
 
 SSL_want() examines the internal state information of the SSL object. Its
-return values are similar to that of L<SSL_get_error(3)|SSL_get_error(3)>.
-Unlike L<SSL_get_error(3)|SSL_get_error(3)>, which also evaluates the
+return values are similar to that of L<SSL_get_error(3)>.
+Unlike L<SSL_get_error(3)>, which also evaluates the
 error queue, the results are obtained by examining an internal state flag
 only. The information must therefore only be used for normal operation under
 non-blocking I/O. Error conditions are not handled and must be treated
-using L<SSL_get_error(3)|SSL_get_error(3)>.
+using L<SSL_get_error(3)>.
 
 The result returned by SSL_want() should always be consistent with
-the result of L<SSL_get_error(3)|SSL_get_error(3)>.
+the result of L<SSL_get_error(3)>.
 
 =head1 RETURN VALUES
 
@@ -48,21 +48,21 @@ There is no data to be written or to be read.
 
 There are data in the SSL buffer that must be written to the underlying
 B<BIO> layer in order to complete the actual SSL_*() operation.
-A call to L<SSL_get_error(3)|SSL_get_error(3)> should return
+A call to L<SSL_get_error(3)> should return
 SSL_ERROR_WANT_WRITE.
 
 =item SSL_READING
 
 More data must be read from the underlying B<BIO> layer in order to
 complete the actual SSL_*() operation.
-A call to L<SSL_get_error(3)|SSL_get_error(3)> should return
+A call to L<SSL_get_error(3)> should return
 SSL_ERROR_WANT_READ.
 
 =item SSL_X509_LOOKUP
 
 The operation did not complete because an application callback set by
 SSL_CTX_set_client_cert_cb() has asked to be called again.
-A call to L<SSL_get_error(3)|SSL_get_error(3)> should return
+A call to L<SSL_get_error(3)> should return
 SSL_ERROR_WANT_X509_LOOKUP.
 
 =back
@@ -72,6 +72,6 @@ return 1, when the corresponding condition is true or 0 otherwise.
 
 =head1 SEE ALSO
 
-L<ssl(3)|ssl(3)>, L<err(3)|err(3)>, L<SSL_get_error(3)|SSL_get_error(3)>
+L<ssl(3)>, L<err(3)>, L<SSL_get_error(3)>
 
 =cut
diff --git a/doc/ssl/SSL_write.pod b/doc/ssl/SSL_write.pod
index a57617f3ee..a9841ed331 100644
--- a/doc/ssl/SSL_write.pod
+++ b/doc/ssl/SSL_write.pod
@@ -18,27 +18,27 @@ B<ssl> connection.
 =head1 NOTES
 
 If necessary, SSL_write() will negotiate a TLS/SSL session, if
-not already explicitly performed by L<SSL_connect(3)|SSL_connect(3)> or
-L<SSL_accept(3)|SSL_accept(3)>. If the
+not already explicitly performed by L<SSL_connect(3)> or
+L<SSL_accept(3)>. If the
 peer requests a re-negotiation, it will be performed transparently during
 the SSL_write() operation. The behaviour of SSL_write() depends on the
 underlying BIO. 
 
 For the transparent negotiation to succeed, the B<ssl> must have been
 initialized to client or server mode. This is being done by calling
-L<SSL_set_connect_state(3)|SSL_set_connect_state(3)> or SSL_set_accept_state()
-before the first call to an L<SSL_read(3)|SSL_read(3)> or SSL_write() function.
+L<SSL_set_connect_state(3)> or SSL_set_accept_state()
+before the first call to an L<SSL_read(3)> or SSL_write() function.
 
 If the underlying BIO is B<blocking>, SSL_write() will only return, once the
 write operation has been finished or an error occurred, except when a
 renegotiation take place, in which case a SSL_ERROR_WANT_READ may occur. 
 This behaviour can be controlled with the SSL_MODE_AUTO_RETRY flag of the
-L<SSL_CTX_set_mode(3)|SSL_CTX_set_mode(3)> call.
+L<SSL_CTX_set_mode(3)> call.
 
 If the underlying BIO is B<non-blocking>, SSL_write() will also return,
 when the underlying BIO could not satisfy the needs of SSL_write()
 to continue the operation. In this case a call to
-L<SSL_get_error(3)|SSL_get_error(3)> with the
+L<SSL_get_error(3)> with the
 return value of SSL_write() will yield B<SSL_ERROR_WANT_READ> or
 B<SSL_ERROR_WANT_WRITE>. As at any time a re-negotiation is possible, a
 call to SSL_write() can also cause read operations! The calling process
@@ -51,7 +51,7 @@ must be written into or retrieved out of the BIO before being able to continue.
 SSL_write() will only return with success, when the complete contents
 of B<buf> of length B<num> has been written. This default behaviour
 can be changed with the SSL_MODE_ENABLE_PARTIAL_WRITE option of
-L<SSL_CTX_set_mode(3)|SSL_CTX_set_mode(3)>. When this flag is set,
+L<SSL_CTX_set_mode(3)>. When this flag is set,
 SSL_write() will also return with success, when a partial write has been
 successfully completed. In this case the SSL_write() operation is considered
 completed. The bytes are sent and a new SSL_write() operation with a new
@@ -100,10 +100,10 @@ return value B<ret> to find out the reason.
 
 =head1 SEE ALSO
 
-L<SSL_get_error(3)|SSL_get_error(3)>, L<SSL_read(3)|SSL_read(3)>,
-L<SSL_CTX_set_mode(3)|SSL_CTX_set_mode(3)>, L<SSL_CTX_new(3)|SSL_CTX_new(3)>,
-L<SSL_connect(3)|SSL_connect(3)>, L<SSL_accept(3)|SSL_accept(3)>
-L<SSL_set_connect_state(3)|SSL_set_connect_state(3)>,
-L<ssl(3)|ssl(3)>, L<bio(3)|bio(3)>
+L<SSL_get_error(3)>, L<SSL_read(3)>,
+L<SSL_CTX_set_mode(3)>, L<SSL_CTX_new(3)>,
+L<SSL_connect(3)>, L<SSL_accept(3)>
+L<SSL_set_connect_state(3)>,
+L<ssl(3)>, L<bio(3)>
 
 =cut
diff --git a/doc/ssl/d2i_SSL_SESSION.pod b/doc/ssl/d2i_SSL_SESSION.pod
index bce06e23b6..985d1580f9 100644
--- a/doc/ssl/d2i_SSL_SESSION.pod
+++ b/doc/ssl/d2i_SSL_SESSION.pod
@@ -31,10 +31,10 @@ a binary ASN1 representation.
 
 When using d2i_SSL_SESSION(), the SSL_SESSION object is automatically
 allocated. The reference count is 1, so that the session must be
-explicitly removed using L<SSL_SESSION_free(3)|SSL_SESSION_free(3)>,
+explicitly removed using L<SSL_SESSION_free(3)>,
 unless the SSL_SESSION object is completely taken over, when being called
 inside the get_session_cb() (see
-L<SSL_CTX_sess_set_get_cb(3)|SSL_CTX_sess_set_get_cb(3)>).
+L<SSL_CTX_sess_set_get_cb(3)>).
 
 SSL_SESSION objects keep internal link information about the session cache
 list, when being inserted into one SSL_CTX object's session cache.
@@ -70,7 +70,7 @@ When the session is not valid, B<0> is returned and no operation is performed.
 
 =head1 SEE ALSO
 
-L<ssl(3)|ssl(3)>, L<SSL_SESSION_free(3)|SSL_SESSION_free(3)>,
-L<SSL_CTX_sess_set_get_cb(3)|SSL_CTX_sess_set_get_cb(3)>
+L<ssl(3)>, L<SSL_SESSION_free(3)>,
+L<SSL_CTX_sess_set_get_cb(3)>
 
 =cut
diff --git a/doc/ssl/ssl.pod b/doc/ssl/ssl.pod
index a094356131..6443de70a3 100644
--- a/doc/ssl/ssl.pod
+++ b/doc/ssl/ssl.pod
@@ -14,25 +14,25 @@ Transport Layer Security (TLS v1) protocols. It provides a rich API which is
 documented here.
 
 At first the library must be initialized; see
-L<SSL_library_init(3)|SSL_library_init(3)>.
+L<SSL_library_init(3)>.
 
 Then an B<SSL_CTX> object is created as a framework to establish
-TLS/SSL enabled connections (see L<SSL_CTX_new(3)|SSL_CTX_new(3)>).
+TLS/SSL enabled connections (see L<SSL_CTX_new(3)>).
 Various options regarding certificates, algorithms etc. can be set
 in this object.
 
 When a network connection has been created, it can be assigned to an
 B<SSL> object. After the B<SSL> object has been created using
-L<SSL_new(3)|SSL_new(3)>, L<SSL_set_fd(3)|SSL_set_fd(3)> or
-L<SSL_set_bio(3)|SSL_set_bio(3)> can be used to associate the network
+L<SSL_new(3)>, L<SSL_set_fd(3)> or
+L<SSL_set_bio(3)> can be used to associate the network
 connection with the object.
 
 Then the TLS/SSL handshake is performed using
-L<SSL_accept(3)|SSL_accept(3)> or L<SSL_connect(3)|SSL_connect(3)>
+L<SSL_accept(3)> or L<SSL_connect(3)>
 respectively.
-L<SSL_read(3)|SSL_read(3)> and L<SSL_write(3)|SSL_write(3)> are used
+L<SSL_read(3)> and L<SSL_write(3)> are used
 to read and write data on the TLS/SSL connection.
-L<SSL_shutdown(3)|SSL_shutdown(3)> can be used to shut down the
+L<SSL_shutdown(3)> can be used to shut down the
 TLS/SSL connection.
 
 =head1 DATA STRUCTURES
@@ -667,87 +667,87 @@ success or 0 on failure.
 
 =head1 SEE ALSO
 
-L<openssl(1)|openssl(1)>, L<crypto(3)|crypto(3)>,
-L<SSL_accept(3)|SSL_accept(3)>, L<SSL_clear(3)|SSL_clear(3)>,
-L<SSL_connect(3)|SSL_connect(3)>,
-L<SSL_CIPHER_get_name(3)|SSL_CIPHER_get_name(3)>,
-L<SSL_COMP_add_compression_method(3)|SSL_COMP_add_compression_method(3)>,
-L<SSL_CTX_add_extra_chain_cert(3)|SSL_CTX_add_extra_chain_cert(3)>,
-L<SSL_CTX_add_session(3)|SSL_CTX_add_session(3)>,
-L<SSL_CTX_ctrl(3)|SSL_CTX_ctrl(3)>,
-L<SSL_CTX_flush_sessions(3)|SSL_CTX_flush_sessions(3)>,
-L<SSL_CTX_get_ex_new_index(3)|SSL_CTX_get_ex_new_index(3)>,
-L<SSL_CTX_get_verify_mode(3)|SSL_CTX_get_verify_mode(3)>,
-L<SSL_CTX_load_verify_locations(3)|SSL_CTX_load_verify_locations(3)>
-L<SSL_CTX_new(3)|SSL_CTX_new(3)>,
-L<SSL_CTX_sess_number(3)|SSL_CTX_sess_number(3)>,
-L<SSL_CTX_sess_set_cache_size(3)|SSL_CTX_sess_set_cache_size(3)>,
-L<SSL_CTX_sess_set_get_cb(3)|SSL_CTX_sess_set_get_cb(3)>,
-L<SSL_CTX_sessions(3)|SSL_CTX_sessions(3)>,
-L<SSL_CTX_set_cert_store(3)|SSL_CTX_set_cert_store(3)>,
-L<SSL_CTX_set_cert_verify_callback(3)|SSL_CTX_set_cert_verify_callback(3)>,
-L<SSL_CTX_set_cipher_list(3)|SSL_CTX_set_cipher_list(3)>,
-L<SSL_CTX_set_client_CA_list(3)|SSL_CTX_set_client_CA_list(3)>,
-L<SSL_CTX_set_client_cert_cb(3)|SSL_CTX_set_client_cert_cb(3)>,
-L<SSL_CTX_set_default_passwd_cb(3)|SSL_CTX_set_default_passwd_cb(3)>,
-L<SSL_CTX_set_generate_session_id(3)|SSL_CTX_set_generate_session_id(3)>,
-L<SSL_CTX_set_info_callback(3)|SSL_CTX_set_info_callback(3)>,
-L<SSL_CTX_set_max_cert_list(3)|SSL_CTX_set_max_cert_list(3)>,
-L<SSL_CTX_set_mode(3)|SSL_CTX_set_mode(3)>,
-L<SSL_CTX_set_msg_callback(3)|SSL_CTX_set_msg_callback(3)>,
-L<SSL_CTX_set_options(3)|SSL_CTX_set_options(3)>,
-L<SSL_CTX_set_quiet_shutdown(3)|SSL_CTX_set_quiet_shutdown(3)>,
-L<SSL_CTX_set_read_ahead(3)|SSL_CTX_set_read_ahead(3)>,
-L<SSL_CTX_set_session_cache_mode(3)|SSL_CTX_set_session_cache_mode(3)>,
-L<SSL_CTX_set_session_id_context(3)|SSL_CTX_set_session_id_context(3)>,
-L<SSL_CTX_set_ssl_version(3)|SSL_CTX_set_ssl_version(3)>,
-L<SSL_CTX_set_timeout(3)|SSL_CTX_set_timeout(3)>,
-L<SSL_CTX_set_tmp_rsa_callback(3)|SSL_CTX_set_tmp_rsa_callback(3)>,
-L<SSL_CTX_set_tmp_dh_callback(3)|SSL_CTX_set_tmp_dh_callback(3)>,
-L<SSL_CTX_set_verify(3)|SSL_CTX_set_verify(3)>,
-L<SSL_CTX_use_certificate(3)|SSL_CTX_use_certificate(3)>,
-L<SSL_alert_type_string(3)|SSL_alert_type_string(3)>,
-L<SSL_do_handshake(3)|SSL_do_handshake(3)>,
-L<SSL_get_SSL_CTX(3)|SSL_get_SSL_CTX(3)>,
-L<SSL_get_ciphers(3)|SSL_get_ciphers(3)>,
-L<SSL_get_client_CA_list(3)|SSL_get_client_CA_list(3)>,
-L<SSL_get_default_timeout(3)|SSL_get_default_timeout(3)>,
-L<SSL_get_error(3)|SSL_get_error(3)>,
-L<SSL_get_ex_data_X509_STORE_CTX_idx(3)|SSL_get_ex_data_X509_STORE_CTX_idx(3)>,
-L<SSL_get_ex_new_index(3)|SSL_get_ex_new_index(3)>,
-L<SSL_get_fd(3)|SSL_get_fd(3)>,
-L<SSL_get_peer_cert_chain(3)|SSL_get_peer_cert_chain(3)>,
-L<SSL_get_rbio(3)|SSL_get_rbio(3)>,
-L<SSL_get_session(3)|SSL_get_session(3)>,
-L<SSL_get_verify_result(3)|SSL_get_verify_result(3)>,
-L<SSL_get_version(3)|SSL_get_version(3)>,
-L<SSL_library_init(3)|SSL_library_init(3)>,
-L<SSL_load_client_CA_file(3)|SSL_load_client_CA_file(3)>,
-L<SSL_new(3)|SSL_new(3)>,
-L<SSL_pending(3)|SSL_pending(3)>,
-L<SSL_read(3)|SSL_read(3)>,
-L<SSL_rstate_string(3)|SSL_rstate_string(3)>,
-L<SSL_session_reused(3)|SSL_session_reused(3)>,
-L<SSL_set_bio(3)|SSL_set_bio(3)>,
-L<SSL_set_connect_state(3)|SSL_set_connect_state(3)>,
-L<SSL_set_fd(3)|SSL_set_fd(3)>,
-L<SSL_set_session(3)|SSL_set_session(3)>,
-L<SSL_set_shutdown(3)|SSL_set_shutdown(3)>,
-L<SSL_shutdown(3)|SSL_shutdown(3)>,
-L<SSL_state_string(3)|SSL_state_string(3)>,
-L<SSL_want(3)|SSL_want(3)>,
-L<SSL_write(3)|SSL_write(3)>,
-L<SSL_SESSION_free(3)|SSL_SESSION_free(3)>,
-L<SSL_SESSION_get_ex_new_index(3)|SSL_SESSION_get_ex_new_index(3)>,
-L<SSL_SESSION_get_time(3)|SSL_SESSION_get_time(3)>,
-L<d2i_SSL_SESSION(3)|d2i_SSL_SESSION(3)>,
-L<SSL_CTX_set_psk_client_callback(3)|SSL_CTX_set_psk_client_callback(3)>,
-L<SSL_CTX_use_psk_identity_hint(3)|SSL_CTX_use_psk_identity_hint(3)>,
-L<SSL_get_psk_identity(3)|SSL_get_psk_identity(3)>
+L<openssl(1)>, L<crypto(3)>,
+L<SSL_accept(3)>, L<SSL_clear(3)>,
+L<SSL_connect(3)>,
+L<SSL_CIPHER_get_name(3)>,
+L<SSL_COMP_add_compression_method(3)>,
+L<SSL_CTX_add_extra_chain_cert(3)>,
+L<SSL_CTX_add_session(3)>,
+L<SSL_CTX_ctrl(3)>,
+L<SSL_CTX_flush_sessions(3)>,
+L<SSL_CTX_get_ex_new_index(3)>,
+L<SSL_CTX_get_verify_mode(3)>,
+L<SSL_CTX_load_verify_locations(3)>
+L<SSL_CTX_new(3)>,
+L<SSL_CTX_sess_number(3)>,
+L<SSL_CTX_sess_set_cache_size(3)>,
+L<SSL_CTX_sess_set_get_cb(3)>,
+L<SSL_CTX_sessions(3)>,
+L<SSL_CTX_set_cert_store(3)>,
+L<SSL_CTX_set_cert_verify_callback(3)>,
+L<SSL_CTX_set_cipher_list(3)>,
+L<SSL_CTX_set_client_CA_list(3)>,
+L<SSL_CTX_set_client_cert_cb(3)>,
+L<SSL_CTX_set_default_passwd_cb(3)>,
+L<SSL_CTX_set_generate_session_id(3)>,
+L<SSL_CTX_set_info_callback(3)>,
+L<SSL_CTX_set_max_cert_list(3)>,
+L<SSL_CTX_set_mode(3)>,
+L<SSL_CTX_set_msg_callback(3)>,
+L<SSL_CTX_set_options(3)>,
+L<SSL_CTX_set_quiet_shutdown(3)>,
+L<SSL_CTX_set_read_ahead(3)>,
+L<SSL_CTX_set_session_cache_mode(3)>,
+L<SSL_CTX_set_session_id_context(3)>,
+L<SSL_CTX_set_ssl_version(3)>,
+L<SSL_CTX_set_timeout(3)>,
+L<SSL_CTX_set_tmp_rsa_callback(3)>,
+L<SSL_CTX_set_tmp_dh_callback(3)>,
+L<SSL_CTX_set_verify(3)>,
+L<SSL_CTX_use_certificate(3)>,
+L<SSL_alert_type_string(3)>,
+L<SSL_do_handshake(3)>,
+L<SSL_get_SSL_CTX(3)>,
+L<SSL_get_ciphers(3)>,
+L<SSL_get_client_CA_list(3)>,
+L<SSL_get_default_timeout(3)>,
+L<SSL_get_error(3)>,
+L<SSL_get_ex_data_X509_STORE_CTX_idx(3)>,
+L<SSL_get_ex_new_index(3)>,
+L<SSL_get_fd(3)>,
+L<SSL_get_peer_cert_chain(3)>,
+L<SSL_get_rbio(3)>,
+L<SSL_get_session(3)>,
+L<SSL_get_verify_result(3)>,
+L<SSL_get_version(3)>,
+L<SSL_library_init(3)>,
+L<SSL_load_client_CA_file(3)>,
+L<SSL_new(3)>,
+L<SSL_pending(3)>,
+L<SSL_read(3)>,
+L<SSL_rstate_string(3)>,
+L<SSL_session_reused(3)>,
+L<SSL_set_bio(3)>,
+L<SSL_set_connect_state(3)>,
+L<SSL_set_fd(3)>,
+L<SSL_set_session(3)>,
+L<SSL_set_shutdown(3)>,
+L<SSL_shutdown(3)>,
+L<SSL_state_string(3)>,
+L<SSL_want(3)>,
+L<SSL_write(3)>,
+L<SSL_SESSION_free(3)>,
+L<SSL_SESSION_get_ex_new_index(3)>,
+L<SSL_SESSION_get_time(3)>,
+L<d2i_SSL_SESSION(3)>,
+L<SSL_CTX_set_psk_client_callback(3)>,
+L<SSL_CTX_use_psk_identity_hint(3)>,
+L<SSL_get_psk_identity(3)>
 
 =head1 HISTORY
 
-The L<ssl(3)|ssl(3)> document appeared in OpenSSL 0.9.2
+The L<ssl(3)> document appeared in OpenSSL 0.9.2
 
 B<SSLv2_client_method>, B<SSLv2_server_method> and B<SSLv2_method> where removed
 in OpenSSL 1.1.0.
-- 
2.34.1