From 073f4ed111b0b10dcbd81fc112f9d66e41f40fac Mon Sep 17 00:00:00 2001
From: Karen Arutyunov <karen@codesynthesis.com>
Date: Wed, 17 Nov 2021 17:43:22 +0300
Subject: Use pkeyutl command instead of rsautl starting openssl version 3.0.0

---
 bpkg/common.cli | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

(limited to 'bpkg/common.cli')

diff --git a/bpkg/common.cli b/bpkg/common.cli
index 5f67357..dd0417d 100644
--- a/bpkg/common.cli
+++ b/bpkg/common.cli
@@ -287,13 +287,17 @@ namespace bpkg
        only applicable to the specific command, for example:
 
        \
-       bpkg rep-create                     \
-         --openssl rsautl:/path/to/openssl \
-         --openssl-option rsautl:-engine   \
-         --openssl-option rsautl:pkcs11    \
+       bpkg rep-create                      \
+         --openssl pkeyutl:/path/to/openssl \
+         --openssl-option pkeyutl:-engine   \
+         --openssl-option pkeyutl:pkcs11    \
          ...
        \
 
+       Note that for \cb{openssl} versions prior to \cb{3.0.0} \cb{bpkg} uses
+       the \cb{rsautl} command instead of \cb{pkeyutl} for the data signing
+       and recovery operations.
+
        An unqualified value that contains a colon can be specified as
        qualified with an empty command, for example, \cb{--openssl
        :C:\\bin\\openssl}. To see openssl commands executed by \cb{bpkg}, use
-- 
cgit v1.1