doc: document PKCS12 password prompting for certificates

Document that commands reading certificates from PKCS#12 files may
prompt for a password. The existing documentation only mentioned
password prompting for private keys.

Fixes #21292

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Reviewed-by: Eugene Syromiatnikov <esyr@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.foundation>
MergeDate: Fri Apr  3 15:52:28 2026
(Merged from https://github.com/openssl/openssl/pull/29918)

(cherry picked from commit c7b283263290e5bbcb3aa64af5e983ae73106268)

diff --git a/doc/man1/openssl-format-options.pod b/doc/man1/openssl-format-options.pod
index b85b34a682f8c1fa3466ad2d18d3d9784716ea95..17d305ef06c3dcbd054e73b4268537d8549c3ac8 100644 (file)
--- a/doc/man1/openssl-format-options.pod
+++ b/doc/man1/openssl-format-options.pod
@@ -64,7 +64,7 @@ A binary format, encoded or parsed according to Distinguished Encoding Rules
 
 A DER-encoded file containing a PKCS#12 object.
 It might be necessary to provide a decryption password to retrieve
-the private key.
+the private key or certificate.
 
 =item B<PEM>