doc: Fix incorrect openssl option

The openssl command for displaying the DN of a client certificate was using --subject and not the single-dash option -subject. While recent versions of openssl handles double dash options, earlier does not so fix by using just -subject (which is per the openssl documentation). Backpatch to v14 where this was introduced. Reported-by: konkove@gmail.com Discussion: https://postgr.es/m/170672168899.666.10442618407194498217@wrigleys.postgresql.org Backpatch-through: v14
author: Daniel Gustafsson <dgustafsson@postgresql.org> 2024-02-01 09:36:34 +0100
committer: Daniel Gustafsson <dgustafsson@postgresql.org> 2024-02-01 09:36:34 +0100
commit: 61b1991ad0912ab4fbf9616f868a594a53f7d9fc (patch)
tree: 63448498499c792b275531f7e79874768e13abf4
parent: dde5b01c33f9a8c41f5598dd5d4db718df171eed (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/doc/src/sgml/client-auth.sgml b/doc/src/sgml/client-auth.sgml
index 44f8fd02b0c..84d041a9ad8 100644
--- a/doc/src/sgml/client-auth.sgml
+++ b/doc/src/sgml/client-auth.sgml
@@ -631,7 +631,7 @@ hostnogssenc  <replaceable>database</replaceable>  <replaceable>user</replaceabl
        format. To see the <literal>DN</literal> of a client certificate
        in this format, do
 <programlisting>
-openssl x509 -in myclient.crt -noout --subject -nameopt RFC2253 | sed "s/^subject=//"
+openssl x509 -in myclient.crt -noout -subject -nameopt RFC2253 | sed "s/^subject=//"
 </programlisting>
         Care needs to be taken when using this option, especially when using
         regular expression matching against the <literal>DN</literal>.
author	Daniel Gustafsson <dgustafsson@postgresql.org>	2024-02-01 09:36:34 +0100
committer	Daniel Gustafsson <dgustafsson@postgresql.org>	2024-02-01 09:36:34 +0100
commit	61b1991ad0912ab4fbf9616f868a594a53f7d9fc (patch)
tree	63448498499c792b275531f7e79874768e13abf4
parent	dde5b01c33f9a8c41f5598dd5d4db718df171eed (diff)