mirror/openssl
2
0
Fork 0
mirror of https://github.com/openssl/openssl.git synced 2025-02-17 14:32:04 +08:00
Code Issues Packages Projects Releases Wiki Activity
e389f56fae
openssl/doc/man1
History
Neil Horman 21f7a09ca2 Convert jdkTrustedKeyUsage to be a pkcs12 cmd line option 
Creating JDK compatible pkcs12 files requires a bit more than just
adding the Trusted Key Usage OID to a certbag in the pkcs12 file.
Additionally the JDK currently requires that pkcs12 files setting this
oid _not_ contain any additional keys, and in response will produce
unpredictable results.

This could be solved by implying --nokeys when the pkcs12 utility is run
and the config option is set, but thatcould confuse users who didn't
specify nokeys on the command line.  As such, remove the config file
setting for this feature, and replace it with a -jdktrust command line
option, that is documented to assert nokeys when a users specifies the
new command line option.

Fixes #22215

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/22422)
2023-10-20 16:30:43 +01:00
..
build.info DOCS: Remove the "global" dependency on writing .pod files from .pod.in 2021-02-05 15:51:31 +01:00
CA.pl.pod Update copyright year 2021-06-17 13:24:59 +01:00
openssl-asn1parse.pod.in Copyright year updates 2023-09-07 09:59:15 +01:00
openssl-ca.pod.in Copyright year updates 2023-09-07 09:59:15 +01:00
openssl-ciphers.pod.in Update manual to reference the IANA TLS Cipher Suites Registry 2021-09-30 12:20:01 +02:00
openssl-cmds.pod.in openssl-cmds.pod.in: add missing entry for cmp 2022-07-06 08:19:58 +01:00
openssl-cmp.pod.in apps/cmp.c: -tls_used may be implied by -server https:...; improve related checks and doc 2023-10-10 20:36:05 +02:00
openssl-cms.pod.in Copyright year updates 2023-09-28 14:23:29 +01:00
openssl-crl2pkcs7.pod.in Update copyright year 2021-01-28 13:54:57 +01:00
openssl-crl.pod.in Add support for ISO 8601 datetime format 2021-06-11 12:39:46 +02:00
openssl-dgst.pod.in SHAKE documentation updates for default output length. 2022-08-17 16:17:42 +02:00
openssl-dhparam.pod.in Copyright year updates 2023-09-07 09:59:15 +01:00
openssl-dsa.pod.in Copyright year updates 2023-09-07 09:59:15 +01:00
openssl-dsaparam.pod.in Copyright year updates 2023-09-07 09:59:15 +01:00
openssl-ec.pod.in Copyright year updates 2023-09-07 09:59:15 +01:00
openssl-ecparam.pod.in Remove '=for openssl ifdef' 2021-05-19 10:34:43 +10:00
openssl-enc.pod.in Added 'saltlen' option to the OpenSSL enc command line app. 2023-09-04 14:15:34 +10:00
openssl-engine.pod.in
openssl-errstr.pod.in
openssl-fipsinstall.pod.in Copyright year updates 2023-09-07 09:59:15 +01:00
openssl-format-options.pod Update copyright year 2021-05-06 13:03:23 +01:00
openssl-gendsa.pod.in Copyright year updates 2023-09-07 09:59:15 +01:00
openssl-genpkey.pod.in adding -outpubkey option to genpkey 2023-09-24 20:51:42 +02:00
openssl-genrsa.pod.in Copyright year updates 2023-09-07 09:59:15 +01:00
openssl-info.pod.in
openssl-kdf.pod.in Copyright year updates 2023-09-07 09:59:15 +01:00
openssl-list.pod.in openssl list: Fix help text about -cipher-algorithms option 2022-10-24 11:04:23 +01:00
openssl-mac.pod.in Copyright year updates 2023-09-07 09:59:15 +01:00
openssl-namedisplay-options.pod Update the default value for the -nameopt option - documentation 2021-09-21 14:08:41 +02:00
openssl-nseq.pod.in
openssl-ocsp.pod.in Copyright year updates 2023-09-07 09:59:15 +01:00
openssl-passphrase-options.pod openssl.pod: Carve out Trusted Certificate, Pass Phrase, Name Format, and Format Options 2020-12-05 18:05:30 +01:00
openssl-passwd.pod.in DOCS: Update the page for 'openssl passwd' to not duplicate some info 2021-09-08 16:26:55 +02:00
openssl-pkcs7.pod.in Update copyright year 2022-05-03 13:34:51 +01:00
openssl-pkcs8.pod.in Copyright year updates 2023-09-07 09:59:15 +01:00
openssl-pkcs12.pod.in Convert jdkTrustedKeyUsage to be a pkcs12 cmd line option 2023-10-20 16:30:43 +01:00
openssl-pkey.pod.in Copyright year updates 2023-09-07 09:59:15 +01:00
openssl-pkeyparam.pod.in Update copyright year 2021-05-20 14:22:33 +01:00
openssl-pkeyutl.pod.in Copyright year updates 2023-09-07 09:59:15 +01:00
openssl-prime.pod.in
openssl-rand.pod.in Update copyright year 2021-05-20 14:22:33 +01:00
openssl-rehash.pod.in
openssl-req.pod.in Copyright year updates 2023-09-07 09:59:15 +01:00
openssl-rsa.pod.in Copyright year updates 2023-09-07 09:59:15 +01:00
openssl-rsautl.pod.in Copyright year updates 2023-09-07 09:59:15 +01:00
openssl-s_client.pod.in Add some documentation for the new QUIC mode in s_client 2023-05-08 10:13:39 +01:00
openssl-s_server.pod.in RFC7250 (RPK) support 2023-03-28 13:49:54 -04:00
openssl-s_time.pod.in Update copyright year 2021-05-20 14:22:33 +01:00
openssl-sess_id.pod.in openssl.pod: Fix openSSL options doc 2020-12-13 12:47:14 +01:00
openssl-smime.pod.in Copyright year updates 2023-09-07 09:59:15 +01:00
openssl-speed.pod.in Copyright year updates 2023-09-07 09:59:15 +01:00
openssl-spkac.pod.in spkac: document -digest option 2021-06-15 18:26:34 +10:00
openssl-srp.pod.in DOC: Fix nits found by new check on SYNOPSIS and OPTIONS consistency 2021-05-20 16:24:43 +02:00
openssl-storeutl.pod.in Copyright year updates 2023-09-07 09:59:15 +01:00
openssl-ts.pod.in Changed the default value of the "ess_cert_id_alg" option 2023-08-25 15:05:51 +02:00
openssl-verification-options.pod Copyright year updates 2023-09-07 09:59:15 +01:00
openssl-verify.pod.in Improve the documentation of cert path building and validation 2021-06-08 07:47:41 +02:00
openssl-version.pod.in
openssl-x509.pod.in Copyright year updates 2023-09-07 09:59:15 +01:00
openssl.pod Copyright year updates 2023-09-07 09:59:15 +01:00
tsget.pod