From f5de06aae1596c2e1174b5a251f5d2af2d9ef48e Mon Sep 17 00:00:00 2001 From: Matt Caswell Date: Thu, 9 Jun 2016 14:48:40 +0100 Subject: [PATCH] Expand SSL_CTX_set_default_verify_paths() documentation Add some information about the location of the default directory and the default file. RT#1051 Reviewed-by: Andy Polyakov --- doc/ssl/SSL_CTX_load_verify_locations.pod | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/doc/ssl/SSL_CTX_load_verify_locations.pod b/doc/ssl/SSL_CTX_load_verify_locations.pod index 7e78bc6d9b..59d11e03ee 100644 --- a/doc/ssl/SSL_CTX_load_verify_locations.pod +++ b/doc/ssl/SSL_CTX_load_verify_locations.pod @@ -25,9 +25,13 @@ SSL_CTX_load_verify_locations() specifies the locations for B, at which CA certificates for verification purposes are located. The certificates available via B and B are trusted. -SSL_CTX_set_default_verify_paths() specifies that the default locations for +SSL_CTX_set_default_verify_paths() specifies that the default locations from which CA certificates are loaded should be used. There is one default directory -and one default file. +and one default file. The default CA certificates directory is called "certs" in +the default OpenSSL directory. Alternatively the SSL_CERT_DIR environment +variable can be defined to override this location. The default CA certificates +file is called "cert.pem" in the default OpenSSL directory. Alternatively the +SSL_CERT_FILE environment variable can be defined to override this location. SSL_CTX_set_default_verify_dir() is similar to SSL_CTX_set_default_verify_paths() except that just the default directory is -- 2.34.1