Clarification and fix typo.

2025-02-17 14:32:04 +08:00 · 2008-02-25 18:11:47 +00:00 · 2008-02-25 18:11:47 +00:00 · 0d7f6fc76a
commit 0d7f6fc76a
parent a9e96d724d
1 changed files with 4 additions and 4 deletions
--- a/doc/apps/ocsp.pod
+++ b/doc/apps/ocsp.pod
@ -74,7 +74,7 @@ specify output filename, default is standard output.

 This specifies the current issuer certificate. This option can be used
 multiple times. The certificate specified in B<filename> must be in
-PEM format.
+PEM format. This option B<MUST> come before any B<-cert> options.

 =item B<-cert filename>

@ -147,7 +147,7 @@ certificate in such cases.

 =item B<-trust_other>

-the certificates specified by the B<-verify_certs> option should be explicitly
+the certificates specified by the B<-verify_other> option should be explicitly
 trusted and no additional checks will be performed on them. This is useful
 when the complete responder certificate chain is not available or trusting a
 root CA is not appropriate.
@ -155,7 +155,7 @@ root CA is not appropriate.
 =item B<-VAfile file>

 file containing explicitly trusted responder certificates. Equivalent to the
-B<-verify_certs> and B<-trust_other> options.
+B<-verify_other> and B<-trust_other> options.

 =item B<-noverify>

@ -167,7 +167,7 @@ of the responders certificate.

 ignore certificates contained in the OCSP response when searching for the
 signers certificate. With this option the signers certificate must be specified
-with either the B<-verify_certs> or B<-VAfile> options.
+with either the B<-verify_other> or B<-VAfile> options.

 =item B<-no_signature_verify>