Submitted by: Victor B. Wagner <vitus@cryptocom.ru>, steve

Use default algorithms for OCSP request and response signing. New command line option to support other digest use for OCSP certificate IDs.
author: steve <steve> 2007-12-04 12:41:27 +0000
committer: steve <steve> 2007-12-04 12:41:27 +0000
commit: c3f8f441272c4b8845c59112d645d026c87f22b7 (patch)
tree: ee1870433bb6a732f89da5393d4dd5a2630889dc /doc
parent: a3f4627a321d08741bde4117762d5696e2ef7ba7 (diff)
download: openssl-c3f8f441272c4b8845c59112d645d026c87f22b7.tar.gz
1 files changed, 6 insertions, 0 deletions
diff --git a/doc/apps/ocsp.pod b/doc/apps/ocsp.pod
index 4f266058e..a6a7d80c6 100644
--- a/doc/apps/ocsp.pod
+++ b/doc/apps/ocsp.pod
@@ -51,6 +51,7 @@ B<openssl> B<ocsp>
 [B<-ndays n>]
 [B<-resp_key_id>]
 [B<-nrequest n>]
+[B<-md5|-sha1|...>]
 
 =head1 DESCRIPTION
 
@@ -206,6 +207,11 @@ information is immediately available. In this case the age of the B<notBefore> f
 is checked to see it is not older than B<age> seconds old. By default this additional
 check is not performed.
 
+=item B<-md5|-sha1|-sha256|-ripemod160|...>
+
+this option sets digest algorithm to use for certificate identification
+in the OCSP request. By default SHA-1 is used. 
+
 =back
 
 =head1 OCSP SERVER OPTIONS
author	steve <steve>	2007-12-04 12:41:27 +0000
committer	steve <steve>	2007-12-04 12:41:27 +0000
commit	c3f8f441272c4b8845c59112d645d026c87f22b7 (patch)
tree	ee1870433bb6a732f89da5393d4dd5a2630889dc /doc
parent	a3f4627a321d08741bde4117762d5696e2ef7ba7 (diff)
download	openssl-c3f8f441272c4b8845c59112d645d026c87f22b7.tar.gz