path: root/doc/apps
diff options
Diffstat (limited to 'doc/apps')
5 files changed, 9 insertions, 20 deletions
diff --git a/doc/apps/dgst.pod b/doc/apps/dgst.pod
index 9e15798d8279..b27bb946b1b2 100644
--- a/doc/apps/dgst.pod
+++ b/doc/apps/dgst.pod
@@ -13,7 +13,6 @@ B<openssl> B<dgst>
-[B<-hmac arg>]
[B<-out filename>]
[B<-sign filename>]
@@ -64,10 +63,6 @@ output the digest or signature in binary form.
output the digest in the "coreutils" format used by programs like B<sha1sum>.
-=item B<-hmac arg>
-set the HMAC key to "arg".
=item B<-non-fips-allow>
Allow use of non FIPS digest when in FIPS mode. This has no effect when not in
diff --git a/doc/apps/genrsa.pod b/doc/apps/genrsa.pod
index cb03d09b95eb..3dc9870f34b9 100644
--- a/doc/apps/genrsa.pod
+++ b/doc/apps/genrsa.pod
@@ -10,12 +10,6 @@ B<openssl> B<genrsa>
[B<-out filename>]
[B<-passout arg>]
diff --git a/doc/apps/pkcs12.pod b/doc/apps/pkcs12.pod
index 8e0d91798ac4..744984838dc7 100644
--- a/doc/apps/pkcs12.pod
+++ b/doc/apps/pkcs12.pod
@@ -216,7 +216,7 @@ key is encrypted using triple DES and the certificate using 40 bit RC2.
these options allow the algorithm used to encrypt the private key and
certificates to be selected. Any PKCS#5 v1.5 or PKCS#12 PBE algorithm name
-can be used (see B<NOTES> section for more information). If a a cipher name
+can be used (see B<NOTES> section for more information). If a cipher name
(as output by the B<list-cipher-algorithms> command is specified then it
is used with PKCS#5 v2.0. For interoperability reasons it is advisable to only
use PKCS#12 algorithms.
diff --git a/doc/apps/req.pod b/doc/apps/req.pod
index df68cb0921fd..54a4d394d282 100644
--- a/doc/apps/req.pod
+++ b/doc/apps/req.pod
@@ -30,7 +30,6 @@ B<openssl> B<req>
[B<-keygen_engine id>]
[B<-config filename>]
-[B<-subj arg>]
[B<-days n>]
@@ -490,7 +489,7 @@ be input by calling it "1.organizationName".
The actual permitted field names are any object identifier short or
long names. These are compiled into OpenSSL and include the usual
values such as commonName, countryName, localityName, organizationName,
-organizationUnitName, stateOrProvinceName. Additionally emailAddress
+organizationalUnitName, stateOrProvinceName. Additionally emailAddress
is include as well as name, surname, givenName initials and dnQualifier.
Additional object identifiers can be defined with the B<oid_file> or
@@ -506,16 +505,16 @@ Examine and verify certificate request:
Create a private key and then generate a certificate request from it:
- openssl genrsa -out key.pem 1024
+ openssl genrsa -out key.pem 2048
openssl req -new -key key.pem -out req.pem
The same but just using req:
- openssl req -newkey rsa:1024 -keyout key.pem -out req.pem
+ openssl req -newkey rsa:2048 -keyout key.pem -out req.pem
Generate a self signed root certificate:
- openssl req -x509 -newkey rsa:1024 -keyout key.pem -out req.pem
+ openssl req -x509 -newkey rsa:2048 -keyout key.pem -out req.pem
Example of a file pointed to by the B<oid_file> option:
@@ -531,7 +530,7 @@ expansion:
Sample configuration file prompting for field values:
[ req ]
- default_bits = 1024
+ default_bits = 2048
default_keyfile = privkey.pem
distinguished_name = req_distinguished_name
attributes = req_attributes
@@ -572,7 +571,7 @@ Sample configuration containing all field values:
[ req ]
- default_bits = 1024
+ default_bits = 2048
default_keyfile = keyfile.pem
distinguished_name = req_distinguished_name
attributes = req_attributes
diff --git a/doc/apps/x509.pod b/doc/apps/x509.pod
index a1326edeefb6..26f71c883295 100644
--- a/doc/apps/x509.pod
+++ b/doc/apps/x509.pod
@@ -539,7 +539,8 @@ very rare and their use is discouraged). The options ending in
"space" additionally place a space after the separator to make it
more readable. The B<sep_multiline> uses a linefeed character for
the RDN separator and a spaced B<+> for the AVA separator. It also
-indents the fields by four characters.
+indents the fields by four characters. If no field separator is specified
+then B<sep_comma_plus_space> is used by default.
=item B<dn_rev>