1 files changed, 0 insertions, 179 deletions
diff --git a/src/lib/libssl/src/doc/apps/CA.pl.pod b/src/lib/libssl/src/doc/apps/CA.pl.pod
deleted file mode 100644
index d326101cde..0000000000
--- a/src/lib/libssl/src/doc/apps/CA.pl.pod
+++ /dev/null
@@ -1,179 +0,0 @@
-=pod
-=head1 NAME
-CA.pl - friendlier interface for OpenSSL certificate programs
-=head1 SYNOPSIS
-B<CA.pl>
-[B<-?>]
-[B<-h>]
-[B<-help>]
-[B<-newcert>]
-[B<-newreq>]
-[B<-newreq-nodes>]
-[B<-newca>]
-[B<-xsign>]
-[B<-sign>]
-[B<-signreq>]
-[B<-signcert>]
-[B<-verify>]
-[B<files>]
-=head1 DESCRIPTION
-The B<CA.pl> script is a perl script that supplies the relevant command line
-arguments to the B<openssl> command for some common certificate operations.
-It is intended to simplify the process of certificate creation and management
-by the use of some simple options.
-=head1 COMMAND OPTIONS
-=over 4
-=item B<?>, B<-h>, B<-help>
-prints a usage message.
-=item B<-newcert>
-creates a new self signed certificate. The private key is written to the file
-"newkey.pem" and the request written to the file "newreq.pem".
-=item B<-newreq>
-creates a new certificate request. The private key is written to the file
-"newkey.pem" and the request written to the file "newreq.pem".
-=item B<-newreq-nodes>
-is like B<-newreq> except that the private key will not be encrypted.
-=item B<-newca>
-creates a new CA hierarchy for use with the B<ca> program (or the B<-signcert>
-and B<-xsign> options). The user is prompted to enter the filename of the CA
-certificates (which should also contain the private key) or by hitting ENTER
-details of the CA will be prompted for. The relevant files and directories
-are created in a directory called "demoCA" in the current directory.
-=item B<-pkcs12>
-create a PKCS#12 file containing the user certificate, private key and CA
-certificate. It expects the user certificate and private key to be in the
-file "newcert.pem" and the CA certificate to be in the file demoCA/cacert.pem,
-it creates a file "newcert.p12". This command can thus be called after the
-B<-sign> option. The PKCS#12 file can be imported directly into a browser.
-If there is an additional argument on the command line it will be used as the
-"friendly name" for the certificate (which is typically displayed in the browser
-list box), otherwise the name "My Certificate" is used.
-=item B<-sign>, B<-signreq>, B<-xsign>
-calls the B<ca> program to sign a certificate request. It expects the request
-to be in the file "newreq.pem". The new certificate is written to the file
-"newcert.pem" except in the case of the B<-xsign> option when it is written
-to standard output.
-=item B<-signCA>
-this option is the same as the B<-signreq> option except it uses the configuration
-file section B<v3_ca> and so makes the signed request a valid CA certificate. This
-is useful when creating intermediate CA from a root CA.
-=item B<-signcert>
-this option is the same as B<-sign> except it expects a self signed certificate
-to be present in the file "newreq.pem".
-=item B<-verify>
-verifies certificates against the CA certificate for "demoCA". If no certificates
-are specified on the command line it tries to verify the file "newcert.pem". 
-=item B<files>
-one or more optional certificate file names for use with the B<-verify> command.
-=back
-=head1 EXAMPLES
-Create a CA hierarchy:
- CA.pl -newca
-Complete certificate creation example: create a CA, create a request, sign
-the request and finally create a PKCS#12 file containing it.
- CA.pl -newca
- CA.pl -newreq
- CA.pl -signreq
- CA.pl -pkcs12 "My Test Certificate"
-=head1 DSA CERTIFICATES
-Although the B<CA.pl> creates RSA CAs and requests it is still possible to
-use it with DSA certificates and requests using the L<req(1)|req(1)> command
-directly. The following example shows the steps that would typically be taken.
-Create some DSA parameters:
- openssl dsaparam -out dsap.pem 1024
-Create a DSA CA certificate and private key:
- openssl req -x509 -newkey dsa:dsap.pem -keyout cacert.pem -out cacert.pem
-Create the CA directories and files:
- CA.pl -newca
-enter cacert.pem when prompted for the CA file name.
-Create a DSA certificate request and private key (a different set of parameters
-can optionally be created first):
- openssl req -out newreq.pem -newkey dsa:dsap.pem 
-Sign the request:
- CA.pl -signreq
-=head1 NOTES
-Most of the filenames mentioned can be modified by editing the B<CA.pl> script.
-If the demoCA directory already exists then the B<-newca> command will not
-overwrite it and will do nothing. This can happen if a previous call using
-the B<-newca> option terminated abnormally. To get the correct behaviour
-delete the demoCA directory if it already exists.
-Under some environments it may not be possible to run the B<CA.pl> script
-directly (for example Win32) and the default configuration file location may
-be wrong. In this case the command:
- perl -S CA.pl
-can be used and the B<OPENSSL_CONF> environment variable changed to point to 
-the correct path of the configuration file "openssl.cnf".
-The script is intended as a simple front end for the B<openssl> program for use
-by a beginner. Its behaviour isn't always what is wanted. For more control over the
-behaviour of the certificate commands call the B<openssl> command directly.
-=head1 ENVIRONMENT VARIABLES
-The variable B<OPENSSL_CONF> if defined allows an alternative configuration
-file location to be specified, it should contain the full path to the
-configuration file, not just its directory.
-=head1 SEE ALSO
-L<x509(1)|x509(1)>, L<ca(1)|ca(1)>, L<req(1)|req(1)>, L<pkcs12(1)|pkcs12(1)>,
-L<config(5)|config(5)>
-=cut

diff --git a/src/lib/libssl/src/doc/apps/CA.pl.pod b/src/lib/libssl/src/doc/apps/CA.pl.pod deleted file mode 100644 index d326101cde..0000000000 --- a/src/lib/libssl/src/doc/apps/CA.pl.pod +++ /dev/null
@@ -1,179 +0,0 @@
1
2	=pod
3
4	=head1 NAME
5
6	CA.pl - friendlier interface for OpenSSL certificate programs
7
8	=head1 SYNOPSIS
9
10	B<CA.pl>
11	[B<-?>]
12	[B<-h>]
13	[B<-help>]
14	[B<-newcert>]
15	[B<-newreq>]
16	[B<-newreq-nodes>]
17	[B<-newca>]
18	[B<-xsign>]
19	[B<-sign>]
20	[B<-signreq>]
21	[B<-signcert>]
22	[B<-verify>]
23	[B<files>]
24
25	=head1 DESCRIPTION
26
27	The B<CA.pl> script is a perl script that supplies the relevant command line
28	arguments to the B<openssl> command for some common certificate operations.
29	It is intended to simplify the process of certificate creation and management
30	by the use of some simple options.
31
32	=head1 COMMAND OPTIONS
33
34	=over 4
35
36	=item B<?>, B<-h>, B<-help>
37
38	prints a usage message.
39
40	=item B<-newcert>
41
42	creates a new self signed certificate. The private key is written to the file
43	"newkey.pem" and the request written to the file "newreq.pem".
44
45	=item B<-newreq>
46
47	creates a new certificate request. The private key is written to the file
48	"newkey.pem" and the request written to the file "newreq.pem".
49
50	=item B<-newreq-nodes>
51
52	is like B<-newreq> except that the private key will not be encrypted.
53
54	=item B<-newca>
55
56	creates a new CA hierarchy for use with the B<ca> program (or the B<-signcert>
57	and B<-xsign> options). The user is prompted to enter the filename of the CA
58	certificates (which should also contain the private key) or by hitting ENTER
59	details of the CA will be prompted for. The relevant files and directories
60	are created in a directory called "demoCA" in the current directory.
61
62	=item B<-pkcs12>
63
64	create a PKCS#12 file containing the user certificate, private key and CA
65	certificate. It expects the user certificate and private key to be in the
66	file "newcert.pem" and the CA certificate to be in the file demoCA/cacert.pem,
67	it creates a file "newcert.p12". This command can thus be called after the
68	B<-sign> option. The PKCS#12 file can be imported directly into a browser.
69	If there is an additional argument on the command line it will be used as the
70	"friendly name" for the certificate (which is typically displayed in the browser
71	list box), otherwise the name "My Certificate" is used.
72
73	=item B<-sign>, B<-signreq>, B<-xsign>
74
75	calls the B<ca> program to sign a certificate request. It expects the request
76	to be in the file "newreq.pem". The new certificate is written to the file
77	"newcert.pem" except in the case of the B<-xsign> option when it is written
78	to standard output.
79
80
81	=item B<-signCA>
82
83	this option is the same as the B<-signreq> option except it uses the configuration
84	file section B<v3_ca> and so makes the signed request a valid CA certificate. This
85	is useful when creating intermediate CA from a root CA.
86
87	=item B<-signcert>
88
89	this option is the same as B<-sign> except it expects a self signed certificate
90	to be present in the file "newreq.pem".
91
92	=item B<-verify>
93
94	verifies certificates against the CA certificate for "demoCA". If no certificates
95	are specified on the command line it tries to verify the file "newcert.pem".
96
97	=item B<files>
98
99	one or more optional certificate file names for use with the B<-verify> command.
100
101	=back
102
103	=head1 EXAMPLES
104
105	Create a CA hierarchy:
106
107	CA.pl -newca
108
109	Complete certificate creation example: create a CA, create a request, sign
110	the request and finally create a PKCS#12 file containing it.
111
112	CA.pl -newca
113	CA.pl -newreq
114	CA.pl -signreq
115	CA.pl -pkcs12 "My Test Certificate"
116
117	=head1 DSA CERTIFICATES
118
119	Although the B<CA.pl> creates RSA CAs and requests it is still possible to
120	use it with DSA certificates and requests using the L<req(1)\|req(1)> command
121	directly. The following example shows the steps that would typically be taken.
122
123	Create some DSA parameters:
124
125	openssl dsaparam -out dsap.pem 1024
126
127	Create a DSA CA certificate and private key:
128
129	openssl req -x509 -newkey dsa:dsap.pem -keyout cacert.pem -out cacert.pem
130
131	Create the CA directories and files:
132
133	CA.pl -newca
134
135	enter cacert.pem when prompted for the CA file name.
136
137	Create a DSA certificate request and private key (a different set of parameters
138	can optionally be created first):
139
140	openssl req -out newreq.pem -newkey dsa:dsap.pem
141
142	Sign the request:
143
144	CA.pl -signreq
145
146	=head1 NOTES
147
148	Most of the filenames mentioned can be modified by editing the B<CA.pl> script.
149
150	If the demoCA directory already exists then the B<-newca> command will not
151	overwrite it and will do nothing. This can happen if a previous call using
152	the B<-newca> option terminated abnormally. To get the correct behaviour
153	delete the demoCA directory if it already exists.
154
155	Under some environments it may not be possible to run the B<CA.pl> script
156	directly (for example Win32) and the default configuration file location may
157	be wrong. In this case the command:
158
159	perl -S CA.pl
160
161	can be used and the B<OPENSSL_CONF> environment variable changed to point to
162	the correct path of the configuration file "openssl.cnf".
163
164	The script is intended as a simple front end for the B<openssl> program for use
165	by a beginner. Its behaviour isn't always what is wanted. For more control over the
166	behaviour of the certificate commands call the B<openssl> command directly.
167
168	=head1 ENVIRONMENT VARIABLES
169
170	The variable B<OPENSSL_CONF> if defined allows an alternative configuration
171	file location to be specified, it should contain the full path to the
172	configuration file, not just its directory.
173
174	=head1 SEE ALSO
175
176	L<x509(1)\|x509(1)>, L<ca(1)\|ca(1)>, L<req(1)\|req(1)>, L<pkcs12(1)\|pkcs12(1)>,
177	L<config(5)\|config(5)>
178
179	=cut