Centralize documentation about config file location

Reviewed-by: Richard Levitte <levitte@openssl.org> (Merged from https://github.com/openssl/openssl/pull/2569)
2025-05-18 12:29:42 +00:00 · 2017-02-07 11:33:21 -05:00 · 2017-02-07 11:33:21 -05:00 · e9681f8314
commit e9681f8314
parent 4bf73e9f86
5 changed files with 24 additions and 34 deletions
--- a/doc/man1/CA.pl.pod
+++ b/doc/man1/CA.pl.pod
@ -191,18 +191,12 @@ be wrong. In this case the command:
 perl -S CA.pl
 can be used and the B<OPENSSL_CONF> environment variable changed to point to
-the correct path of the configuration file "openssl.cnf".
+the correct path of the configuration file.
 The script is intended as a simple front end for the B<openssl> program for use
 by a beginner. Its behaviour isn't always what is wanted. For more control over the
 behaviour of the certificate commands call the B<openssl> command directly.
 =head1 ENVIRONMENT VARIABLES
 The variable B<OPENSSL_CONF> if defined allows an alternative configuration
 file location to be specified, it should contain the full path to the
 configuration file, not just its directory.
 =head1 SEE ALSO
 L<x509(1)>, L<ca(1)>, L<req(1)>, L<pkcs12(1)>,
--- a/doc/man1/ca.pod
+++ b/doc/man1/ca.pod
@ -77,6 +77,8 @@ this prints extra details about the operations being performed.
 =item B<-config filename>
 specifies the configuration file to use.
 Optional; for a description of the default value,
 see L<openssl(1)/COMMAND SUMMARY>.
 =item B<-name section>
@ -633,11 +635,6 @@ The values below reflect the default values.
 ./demoCA/certs                 - certificate output file
 ./demoCA/.rnd                  - CA random seed information
 =head1 ENVIRONMENT VARIABLES
 B<OPENSSL_CONF> reflects the location of master configuration file it can
 be overridden by the B<-config> command line option.
 =head1 RESTRICTIONS
 The text database index file is a critical part of the process and
--- a/doc/man1/openssl.pod
+++ b/doc/man1/openssl.pod
@ -40,6 +40,15 @@ The B<openssl> program provides a rich variety of commands (I<command> in the
 SYNOPSIS above), each of which often has a wealth of options and arguments
 (I<command_opts> and I<command_args> in the SYNOPSIS).
 Many commands use an external configuration file for some or all of their
 arguments and have a B<-config> option to specify that file.
 The environment variable B<OPENSSL_CONF> can be used to specify
 the location of the file.
 If the environment variable is not specified, then the file is named
 B<openssl.cnf> in the default certificate storage area, whose value
 depends on the configuration flags specified when the OpenSSL
 was built.
 The list parameters B<standard-commands>, B<digest-commands>,
 and B<cipher-commands> output a list (one entry per line) of the names
 of all standard commands, message digest commands, or cipher commands,
--- a/doc/man1/req.pod
+++ b/doc/man1/req.pod
@ -204,9 +204,9 @@ GOST R 34.11-94 (B<-md_gost94>).
 =item B<-config filename>
-this allows an alternative configuration file to be specified,
+this allows an alternative configuration file to be specified.
-this overrides the compile time filename or any specified in
+Optional; for a description of the default value,
-the B<OPENSSL_CONF> environment variable.
+see L<openssl(1)/COMMAND SUMMARY>.
 =item B<-subj arg>
@ -623,12 +623,6 @@ then the B<SET OF> is missing and the encoding is technically invalid (but
 it is tolerated). See the description of the command line option B<-asn1-kludge>
 for more information.
 =head1 ENVIRONMENT VARIABLES
 The variable B<OPENSSL_CONF> if defined allows an alternative configuration
 file location to be specified, it will be overridden by the B<-config> command
 line switch if it is present.
 =head1 BUGS
 OpenSSL's handling of T61Strings (aka TeletexStrings) is broken: it effectively
--- a/doc/man1/ts.pod
+++ b/doc/man1/ts.pod
@ -139,9 +139,9 @@ MS-Windows, B<,> for VMS and B<:> for all other platforms. (Optional)
 =item B<-config> configfile
-The configuration file to use, this option overrides the
+The configuration file to use.
-B<OPENSSL_CONF> environment variable. Only the OID section
+Optional; for a description of the default value,
-of the config file is used with the B<-query> command. (Optional)
+see L<openssl(1)/COMMAND SUMMARY>.
 =item B<-data> file_to_hash
@ -216,9 +216,10 @@ otherwise it is a time stamp token (ContentInfo).
 =item B<-config> configfile
-The configuration file to use, this option overrides the
+The configuration file to use.
-B<OPENSSL_CONF> environment variable. See B<CONFIGURATION FILE
+Optional; for a description of the default value,
-OPTIONS> for configurable variables. (Optional)
+see L<openssl(1)/COMMAND SUMMARY>.
 See B<CONFIGURATION FILE OPTIONS> for configurable variables.
 =item B<-section> tsa_section
@ -386,8 +387,8 @@ verification.  See L<verify(1)>.
 =head1 CONFIGURATION FILE OPTIONS
-The B<-query> and B<-reply> commands make use of a configuration file
+The B<-query> and B<-reply> commands make use of a configuration file.
-defined by the B<OPENSSL_CONF> environment variable. See L<config(5)>
+See L<config(5)>
 for a general description of the syntax of the config file. The
 B<-query> command uses only the symbolic OID names section
 and it can work without it. However, the B<-reply> command needs the
@ -505,11 +506,6 @@ included. Default is no. (Optional)
 =back
 =head1 ENVIRONMENT VARIABLES
 B<OPENSSL_CONF> contains the path of the configuration file and can be
 overridden by the B<-config> command line option.
 =head1 EXAMPLES
 All the examples below presume that B<OPENSSL_CONF> is set to a proper