1 files changed, 29 insertions, 0 deletions
diff --git a/src/lib/libssl/src/doc/apps/CA.pl.pod b/src/lib/libssl/src/doc/apps/CA.pl.pod
index 83e4c0af81..9d287f0c4d 100644
--- a/src/lib/libssl/src/doc/apps/CA.pl.pod
+++ b/src/lib/libssl/src/doc/apps/CA.pl.pod
@@ -102,6 +102,35 @@ the request and finally create a PKCS#12 file containing it.
 CA.pl -signreq
 CA.pl -pkcs12 "My Test Certificate"
+=head1 DSA CERTIFICATES
+Although the B<CA.pl> creates RSA CAs and requests it is still possible to
+use it with DSA certificates and requests using the L<req(1)|req(1)> command
+directly. The following example shows the steps that would typically be taken.
+Create some DSA parameters:
+ openssl dsaparam -out dsap.pem 1024
+Create a DSA CA certificate and private key:
+ openssl req -x509 -newkey dsa:dsap.pem -keyout cacert.pem -out cacert.pem
+Create the CA directories and files:
+ CA.pl -newca
+enter cacert.pem when prompted for the CA file name.
+Create a DSA certificate request and privat key (a different set of parameters
+can optionally be created first):
+ openssl req -out newreq.pem -newkey dsa:dsap.pem 
+Sign the request:
+ CA.pl -signreq
 =head1 NOTES
 Most of the filenames mentioned can be modified by editing the B<CA.pl> script.

diff --git a/src/lib/libssl/src/doc/apps/CA.pl.pod b/src/lib/libssl/src/doc/apps/CA.pl.pod index 83e4c0af81..9d287f0c4d 100644 --- a/src/lib/libssl/src/doc/apps/CA.pl.pod +++ b/src/lib/libssl/src/doc/apps/CA.pl.pod
@@ -102,6 +102,35 @@ the request and finally create a PKCS#12 file containing it.
102	CA.pl -signreq	102	CA.pl -signreq
103	CA.pl -pkcs12 "My Test Certificate"	103	CA.pl -pkcs12 "My Test Certificate"
104		104
		105	=head1 DSA CERTIFICATES
		106
		107	Although the B<CA.pl> creates RSA CAs and requests it is still possible to
		108	use it with DSA certificates and requests using the L<req(1)\|req(1)> command
		109	directly. The following example shows the steps that would typically be taken.
		110
		111	Create some DSA parameters:
		112
		113	openssl dsaparam -out dsap.pem 1024
		114
		115	Create a DSA CA certificate and private key:
		116
		117	openssl req -x509 -newkey dsa:dsap.pem -keyout cacert.pem -out cacert.pem
		118
		119	Create the CA directories and files:
		120
		121	CA.pl -newca
		122
		123	enter cacert.pem when prompted for the CA file name.
		124
		125	Create a DSA certificate request and privat key (a different set of parameters
		126	can optionally be created first):
		127
		128	openssl req -out newreq.pem -newkey dsa:dsap.pem
		129
		130	Sign the request:
		131
		132	CA.pl -signreq
		133
105	=head1 NOTES	134	=head1 NOTES
106		135
107	Most of the filenames mentioned can be modified by editing the B<CA.pl> script.	136	Most of the filenames mentioned can be modified by editing the B<CA.pl> script.