mirrors/haproxy
1
0
Fork 0
mirror of https://git.haproxy.org/git/haproxy.git/ synced 2026-05-04 20:46:11 +02:00
Code Issues Projects Releases Wiki Activity

DOC: ssl: fixed some formatting errors in crt tag

Browse Source 
Fixed grammar error in crt tag as well as fixed table in example.
This commit is contained in:
yanbzhu 2016-01-05 12:52:02 -05:00 committed by Willy Tarreau
parent f9476a5a30
commit 6c25e9e83a
1 changed files with 8 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
doc/configuration.txt
View File

@ -9668,10 +9668,10 @@ crt <cert>
valid Signed Certificate Timestamp List, as described in RFC. File is parsed
to check basic syntax, but no signatures are verified.
There are cases where it is desirable support multiple key types (RSA/ECDSA)
in the cipher suites offered to the clients. This allows clients that support
EC certificates to be able to use EC ciphers, while simultaneously supporting
older, RSA only clients.
There are cases where it is desirable to support multiple key types, e.g. RSA
and ECDSA in the cipher suites offered to the clients. This allows clients
that support EC certificates to be able to use EC ciphers, while
simultaneously supporting older, RSA only clients.
In order to provide this functionality, multiple PEM files, each with a
different key type, are required. To associate these PEM files into a
@ -9685,7 +9685,7 @@ crt <cert>
Example : bind :8443 ssl crt example.pem
Note that the suffix is not given to haproxy, this tells haproxy to look for
Note that the suffix is not given to haproxy; this tells haproxy to look for
a cert bundle.
Haproxy will load all PEM files in the bundle at the same time to try to
@ -9700,7 +9700,7 @@ crt <cert>
Filename | CN | SAN
-------------------+-----------------+-------------------
example.pem.rsa | www.example.com | rsa.example.com
-------------------+-----------------+--+----------------
-------------------+-----------------+-------------------
example.pem.ecdsa | www.example.com | ecdsa.example.com
-------------------+-----------------+-------------------
@ -9739,8 +9739,8 @@ crt-list <file>
certificate is still needed to meet OpenSSL expectations. If it is not used,
the 'strict-sni' option may be used.
Multi-cert bundling (see "crt") is support with crt-list, as long as only the
base name is given in the crt-list. Due to the nature of bundling, all SNI
Multi-cert bundling (see "crt") is supported with crt-list, as long as only
the base name is given in the crt-list. Due to the nature of bundling, all SNI
filters given to a multi-cert bundle entry are ignored.
defer-accept