> "keyform", OPT_KEYFORM, 'f', "Private key file format (PEM or ENGINE)" > > while the valid choices seem to be PEM or DER, not PEM or ENGINE:
No, it depends on the command. Some, for example, expect keys to be stored in the ENGINE (presumably an HSM). The docs are often outdated. But pem/der is the majority of choices. The right thing to do is change opt_format to be generic, and specify exactly which types of formats are supported. -- Principal Security Engineer Akamai Technologies, Cambridge, MA IM: rs...@jabber.me; Twitter: RichSalz ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
