verify.pod - OpenGrok cross reference for /netbsd-src/crypto/external/bsd/openssl.old/dist/doc/man1/verify.pod

Lines Matching refs:certificates
6 verify - Utility to verify certificates
54 [certificates]
70 A B<file> of trusted certificates.
71 The file should contain one or more certificates in PEM format.
75 A directory of trusted certificates. The certificates should have names
79 create symbolic links to a directory of certificates.
83 Do not load the trusted CA certificates from the default file location.
87 Do not load the trusted CA certificates from the default directory location.
91 Allow the verification of proxy certificates.
124 Checks the validity of B<all> certificates in the chain by attempting
132 If you want to load certificates or CRLs that require engine support via any of
168 This option suppresses checking the validity period of certificates and CRLs
210 When constructing the certificate chain, use the trusted certificates specified
211 via B<-CAfile>, B<-CApath> or B<-trusted> before any certificates specified via
220 attempt to replace untrusted issuer certificates with certificates from the
227 A B<file> of additional untrusted certificates (intermediate issuer CAs) used
229 The B<file> should contain one or more certificates in PEM format.
230 This option can be specified more than once to include untrusted certificates
235 A B<file> of trusted certificates, which must be self-signed, unless the
237 The B<file> contains one or more certificates in PEM format.
241 This option can be specified more than once to include trusted certificates
260 For a certificate chain to validate, the public keys of all the certificates
262 The signature algorithm security level is enforced for all the certificates in
275 Limit the certificate chain to B<num> intermediate CA certificates.
276 A maximal depth chain can have up to B<num+2> certificates, since neither the
314 certificates.
328 =item B<certificates>
330 One or more certificates to verify. If no certificates are given, B<verify>
360 After all certificates whose subject name matches the issuer name of the current
367 The lookup first looks in the list of untrusted certificates and if no match
368 is found the remaining lookups are from the trusted certificates. The root CA
376 compatible with the supplied purpose and all other certificates must also be valid
377 CA certificates. The precise extensions required are described in more detail in
430 normally means the list of trusted certificates is not complete.
501 be found in the list of trusted certificates.
505 The certificate chain could be built up using the untrusted certificates
603 Proxy certificates not allowed, please use B<-allow_proxy_certs>.
754 API. One consequence of this is that trusted certificates with matching
757 both then only the certificates in the file will be recognised.
759 Previous versions of OpenSSL assume certificates with matching subject