...

...

@@ -230,7 +230,7 @@

230

230

<entry>When verifying a message, certificates (if

231

231

any) included in the message are normally searched for the

232

232

signing certificate. With this option only the

233

-

certificates specified in the <parameter>extracerts</parameter>

233

+

certificates specified in the <parameter>untrusted_certificates_filename</parameter>

234

234

parameter of <function>openssl_pkcs7_verify</function> are

235

235

used. The supplied certificates can still be used as

236

236

untrusted CAs however.

...

...

@@ -262,7 +262,7 @@

262

262

included - with this option it is excluded. This will reduce the

263

263

size of the signed message but the verifier must have a copy of the

264

264

signers certificate available locally (passed using the

265

-

<parameter>extracerts</parameter> to

265

+

<parameter>untrusted_certificates_filename</parameter> to

266

266

<function>openssl_pkcs7_verify</function> for example).

267

267

</entry>

268

268

</row>

269

269