Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(1426)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: openssl/doc/apps/ocsp.pod

Issue 9254031: Upgrade chrome's OpenSSL to same version Android ships with. (Closed) Base URL: http://src.chromium.org/svn/trunk/deps/third_party/openssl/
Patch Set: '' Created 8 years, 11 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« openssl.gyp ('K') | « openssl/doc/apps/genrsa.pod ('k') | openssl/doc/apps/openssl.pod » ('j') | patches/x509_hash_name_algorithm_change.patch » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 =pod 1 =pod
2 2
3 =head1 NAME 3 =head1 NAME
4 4
5 ocsp - Online Certificate Status Protocol utility 5 ocsp - Online Certificate Status Protocol utility
6 6
7 =head1 SYNOPSIS 7 =head1 SYNOPSIS
8 8
9 B<openssl> B<ocsp> 9 B<openssl> B<ocsp>
10 [B<-out file>] 10 [B<-out file>]
(...skipping 33 matching lines...) Expand 10 before | Expand all | Expand 10 after
44 [B<-index file>] 44 [B<-index file>]
45 [B<-CA file>] 45 [B<-CA file>]
46 [B<-rsigner file>] 46 [B<-rsigner file>]
47 [B<-rkey file>] 47 [B<-rkey file>]
48 [B<-rother file>] 48 [B<-rother file>]
49 [B<-resp_no_certs>] 49 [B<-resp_no_certs>]
50 [B<-nmin n>] 50 [B<-nmin n>]
51 [B<-ndays n>] 51 [B<-ndays n>]
52 [B<-resp_key_id>] 52 [B<-resp_key_id>]
53 [B<-nrequest n>] 53 [B<-nrequest n>]
54 [B<-md5|-sha1|...>]
54 55
55 =head1 DESCRIPTION 56 =head1 DESCRIPTION
56 57
57 The Online Certificate Status Protocol (OCSP) enables applications to 58 The Online Certificate Status Protocol (OCSP) enables applications to
58 determine the (revocation) state of an identified certificate (RFC 2560). 59 determine the (revocation) state of an identified certificate (RFC 2560).
59 60
60 The B<ocsp> command performs many common OCSP tasks. It can be used 61 The B<ocsp> command performs many common OCSP tasks. It can be used
61 to print out requests and responses, create requests and send queries 62 to print out requests and responses, create requests and send queries
62 to an OCSP responder and behave like a mini OCSP server itself. 63 to an OCSP responder and behave like a mini OCSP server itself.
63 64
(...skipping 135 matching lines...) Expand 10 before | Expand all | Expand 10 after
199 the interval between the two times may be only a few seconds. In practice the OC SP 200 the interval between the two times may be only a few seconds. In practice the OC SP
200 responder and clients clocks may not be precisely synchronised and so such a che ck 201 responder and clients clocks may not be precisely synchronised and so such a che ck
201 may fail. To avoid this the B<-validity_period> option can be used to specify an 202 may fail. To avoid this the B<-validity_period> option can be used to specify an
202 acceptable error range in seconds, the default value is 5 minutes. 203 acceptable error range in seconds, the default value is 5 minutes.
203 204
204 If the B<notAfter> time is omitted from a response then this means that new stat us 205 If the B<notAfter> time is omitted from a response then this means that new stat us
205 information is immediately available. In this case the age of the B<notBefore> f ield 206 information is immediately available. In this case the age of the B<notBefore> f ield
206 is checked to see it is not older than B<age> seconds old. By default this addit ional 207 is checked to see it is not older than B<age> seconds old. By default this addit ional
207 check is not performed. 208 check is not performed.
208 209
210 =item B<-md5|-sha1|-sha256|-ripemod160|...>
211
212 this option sets digest algorithm to use for certificate identification
213 in the OCSP request. By default SHA-1 is used.
214
209 =back 215 =back
210 216
211 =head1 OCSP SERVER OPTIONS 217 =head1 OCSP SERVER OPTIONS
212 218
213 =over 4 219 =over 4
214 220
215 =item B<-index indexfile> 221 =item B<-index indexfile>
216 222
217 B<indexfile> is a text index file in B<ca> format containing certificate revocat ion 223 B<indexfile> is a text index file in B<ca> format containing certificate revocat ion
218 information. 224 information.
(...skipping 137 matching lines...) Expand 10 before | Expand all | Expand 10 after
356 Query status information using internally generated request: 362 Query status information using internally generated request:
357 363
358 openssl ocsp -index demoCA/index.txt -rsigner rcert.pem -CA demoCA/cacert.pem 364 openssl ocsp -index demoCA/index.txt -rsigner rcert.pem -CA demoCA/cacert.pem
359 -issuer demoCA/cacert.pem -serial 1 365 -issuer demoCA/cacert.pem -serial 1
360 366
361 Query status information using request read from a file, write response to a 367 Query status information using request read from a file, write response to a
362 second file. 368 second file.
363 369
364 openssl ocsp -index demoCA/index.txt -rsigner rcert.pem -CA demoCA/cacert.pem 370 openssl ocsp -index demoCA/index.txt -rsigner rcert.pem -CA demoCA/cacert.pem
365 -reqin req.der -respout resp.der 371 -reqin req.der -respout resp.der
OLDNEW
« openssl.gyp ('K') | « openssl/doc/apps/genrsa.pod ('k') | openssl/doc/apps/openssl.pod » ('j') | patches/x509_hash_name_algorithm_change.patch » ('J')

Powered by Google App Engine
This is Rietveld 408576698