doc: document the -pedantic option to fipsinstall.

author Pauli <pauli@openssl.org>

Mon, 17 Apr 2023 05:39:24 +0000 (15:39 +1000)

committer Pauli <pauli@openssl.org>

Wed, 19 Apr 2023 23:21:51 +0000 (09:21 +1000)
author Pauli <pauli@openssl.org>
Mon, 17 Apr 2023 05:39:24 +0000 (15:39 +1000)
committer Pauli <pauli@openssl.org>
Wed, 19 Apr 2023 23:21:51 +0000 (09:21 +1000)
diff --git a/doc/man1/openssl-fipsinstall.pod.in b/doc/man1/openssl-fipsinstall.pod.in

index e3ceeb481c7132441643536a4de26c3c0694691d..eab19385f098dbb014af2202d9410bf76a11e5ec 100644 (file)
--- a/doc/man1/openssl-fipsinstall.pod.in
+++ b/doc/man1/openssl-fipsinstall.pod.in
@@ -19,6 +19,7 @@ B<openssl fipsinstall>
  [B<-macopt> I<nm>:I<v>]
  [B<-noout>]
  [B<-quiet>]
+[B<-pedantic>]
  [B<-no_conditional_errors>]
  [B<-no_security_checks>]
  [B<-ems_check>]
@@ -158,6 +159,14 @@ The default digest is SHA-256.
  
  Disable logging of the self tests.
  
+=item B<-pedantic>
+
+Configure the module so that it is strictly FIPS compliant rather
+than being backwards compatible.  This enables conditional errors,
+security checks etc.  Note that any previous configuration options will
+be overwritten and any subsequent configuration options that violate
+FIPS compliance will result in an error.
+
  =item B<-no_conditional_errors>
  
  Configure the module to not enter an error state if a conditional self test
author	Pauli <pauli@openssl.org>
	Mon, 17 Apr 2023 05:39:24 +0000 (15:39 +1000)
committer	Pauli <pauli@openssl.org>
	Wed, 19 Apr 2023 23:21:51 +0000 (09:21 +1000)