Description of '-a pemfile' and '-A pemfile' are incorrectly mixed together:
-a pemfile
Use client certificate from pemfile when destination server re‐
quests a client certificate. -A pemfile Use private key, cer‐
tificate and certificate chain from PEM file pemfile as leaf
certificate instead of generating a leaf certificate on the fly.
The PEM file must contain a single private key, a single cer‐
tificate and optionally intermediate and root CA certificates to
use as certificate chain. When using -t, SSLsplit will first
attempt to use a matching certificate loaded from certdir. If
-t is also used and a connection matches any certificate in the
directory specified with the -t option, that matching certifi‐
cate is used instead, taking precedence over the certificate
specified with -A.
They should be like:
-a pemfile
Use client certificate from pemfile when destination server re‐
quests a client certificate.
-A pemfile
Use private key, certificate and certificate chain from PEM file
pemfile as leaf certificate instead of generating a leaf cer‐
tificate on the fly. The PEM file must contain a single private
key, a single certificate and optionally intermediate and root
CA certificates to use as certificate chain. When using -t,
SSLsplit will first attempt to use a matching certificate loaded
from certdir. If -t is also used and a connection matches any
certificate in the directory specified with the -t option, that
matching certificate is used instead, taking precedence over the
certificate specified with -A.
Fix:
--- sslsplit.1.in 2021-02-04 10:05:05.211796318 +0800
+++ sslsplit.1.in.org 2021-02-04 10:04:30.280082997 +0800
@@ -116,7 +116,6 @@
.B \-a \fIpemfile\fP
Use client certificate from \fIpemfile\fP when destination server requests a
client certificate.
-.TP
.B \-A \fIpemfile\fP
Use private key, certificate and certificate chain from PEM file \fIpemfile\fP
as leaf certificate instead of generating a leaf certificate on the fly.
Description of '-a pemfile' and '-A pemfile' are incorrectly mixed together:
They should be like:
Fix: