Applies fix recommended in bz56346

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1674127 13f79535-47bb-0310-9956-ffa450edef68

diff --git a/docs/manual/ssl/ssl_faq.xml b/docs/manual/ssl/ssl_faq.xml
index d144aa84d91d415bda5eb029258546d95674b7dd..58e0b88bf58b3c8a5fe839bc3e8cafad62441f8f 100644 (file)
--- a/docs/manual/ssl/ssl_faq.xml
+++ b/docs/manual/ssl/ssl_faq.xml
@@ -347,7 +347,7 @@ SSLCertificateKeyFile "/path/to/this/server.key"
     <p>The short answer is to use the <code>CA.sh</code> or <code>CA.pl</code>
     script provided by OpenSSL. Unless you have a good reason not to,
     you should use these for preference. If you cannot, you can create a
-    self-signed Certificate as follows:</p>
+    self-signed certificate as follows:</p>
 
     <ol>
     <li>Create a RSA private key for your server
@@ -368,11 +368,11 @@ SSLCertificateKeyFile "/path/to/this/server.key"
        <code><strong>$ openssl rsa -in server.key -out server.key.unsecure</strong></code><br />
        <br />
     </li>
-    <li>Create a self-signed Certificate (X509 structure)
+    <li>Create a self-signed certificate (X509 structure)
        with the RSA key you just created (output will be PEM formatted):<br />
        <br />
        <code><strong>$ openssl req -new -x509 -nodes -sha1 -days 365
-                       -key server.key -out server.crt</strong></code><br />
+                       -key server.key -out server.crt -extensions usr_cert</strong></code><br />
        <br />
        This signs the server CSR and results in a <code>server.crt</code> file.<br />
        You can see the details of this Certificate using:<br />