From: Rich Bowen <rbowen@apache.org>
Date: Thu, 16 Apr 2015 18:21:23 +0000 (+0000)
Subject: Applies fix recommended in bz56346
X-Git-Tag: 2.4.13~209
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=15dbc407be6a52ed8f4bfd1ee703d41c21b64036;p=thirdparty%2Fapache%2Fhttpd.git

Applies fix recommended in bz56346


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/2.4.x@1674127 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/docs/manual/ssl/ssl_faq.xml b/docs/manual/ssl/ssl_faq.xml
index d144aa84d91..58e0b88bf58 100644
--- a/docs/manual/ssl/ssl_faq.xml
+++ b/docs/manual/ssl/ssl_faq.xml
@@ -347,7 +347,7 @@ SSLCertificateKeyFile "/path/to/this/server.key"
     <p>The short answer is to use the <code>CA.sh</code> or <code>CA.pl</code>
     script provided by OpenSSL. Unless you have a good reason not to,
     you should use these for preference. If you cannot, you can create a
-    self-signed Certificate as follows:</p>
+    self-signed certificate as follows:</p>
 
     <ol>
     <li>Create a RSA private key for your server
@@ -368,11 +368,11 @@ SSLCertificateKeyFile "/path/to/this/server.key"
        <code><strong>$ openssl rsa -in server.key -out server.key.unsecure</strong></code><br />
        <br />
     </li>
-    <li>Create a self-signed Certificate (X509 structure)
+    <li>Create a self-signed certificate (X509 structure)
        with the RSA key you just created (output will be PEM formatted):<br />
        <br />
        <code><strong>$ openssl req -new -x509 -nodes -sha1 -days 365
-                       -key server.key -out server.crt</strong></code><br />
+                       -key server.key -out server.crt -extensions usr_cert</strong></code><br />
        <br />
        This signs the server CSR and results in a <code>server.crt</code> file.<br />
        You can see the details of this Certificate using:<br />