From: Tomas Mraz <tomas@openssl.org>
Date: Tue, 2 Apr 2024 16:47:26 +0000 (+0200)
Subject: openssl-crl(1): The -verify option is implied by -CA* options
X-Git-Tag: openssl-3.1.6~70
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=9003c57002a4863b281bbc1c5f1af9b6ded4ef9e;p=thirdparty%2Fopenssl.git

openssl-crl(1): The -verify option is implied by -CA* options

Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Todd Short <todd.short@me.com>
(Merged from https://github.com/openssl/openssl/pull/24024)

(cherry picked from commit a16f2e7651b22ee992bb0c279e25164b519c1e80)
---

diff --git a/doc/man1/openssl-crl.pod.in b/doc/man1/openssl-crl.pod.in
index 7e15f6445a6..25af2483e74 100644
--- a/doc/man1/openssl-crl.pod.in
+++ b/doc/man1/openssl-crl.pod.in
@@ -95,6 +95,9 @@ Print out the CRL in text form.
 
 Verify the signature in the CRL.
 
+This option is implicitly enabled if any of B<-CApath>, B<-CAfile>
+or B<-CAstore> is specified.
+
 =item B<-noout>
 
 Don't output the encoded version of the CRL.