[openssl-commits] [openssl] OpenSSL_1_1_0-stable update

Matt Caswell matt at openssl.org
Thu Apr 26 15:41:36 UTC 2018


The branch OpenSSL_1_1_0-stable has been updated
       via  db747425b0caae12e73c680799b57bdfcc72dbb4 (commit)
      from  e8d3f50249a7bd7a80a585830a318635834f435d (commit)


- Log -----------------------------------------------------------------
commit db747425b0caae12e73c680799b57bdfcc72dbb4
Author: Matt Caswell <matt at openssl.org>
Date:   Thu Apr 26 14:05:40 2018 +0100

    Update the *use_certificate* docs
    
    Note that calling the *use_certificate* functions will replace any existing
    certificate of the same type. The same thing applies for private keys.
    
    Fixes #2147
    
    Reviewed-by: Rich Salz <rsalz at openssl.org>
    (Merged from https://github.com/openssl/openssl/pull/6093)

-----------------------------------------------------------------------

Summary of changes:
 doc/ssl/SSL_CTX_use_certificate.pod | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/doc/ssl/SSL_CTX_use_certificate.pod b/doc/ssl/SSL_CTX_use_certificate.pod
index c645f58..96890b3 100644
--- a/doc/ssl/SSL_CTX_use_certificate.pod
+++ b/doc/ssl/SSL_CTX_use_certificate.pod
@@ -153,6 +153,13 @@ L<SSL_CTX_set_default_passwd_cb(3)>.
 of view, it however does not make sense as the data in the certificate
 is considered public anyway.)
 
+All of the functions to set a new certificate will replace any existing
+certificate of the same type that has already been set. Similarly all of the
+functions to set a new private key will replace any private key that has already
+been set. Applications should call L<SSL_CTX_check_private_key(3)> or
+L<SSL_check_private_key(3)> as appropriate after loading a new certificate and
+private key to confirm that the certificate and key match.
+
 =head1 RETURN VALUES
 
 On success, the functions return 1.


More information about the openssl-commits mailing list