mirrors/haproxy
1
0
Fork 0
mirror of https://git.haproxy.org/git/haproxy.git/ synced 2025-08-11 09:37:20 +02:00
Code Issues Projects Releases Wiki Activity

DOC: ssl : add statements 'notlsv11' and 'notlsv12' and rename 'notlsv1' to 'notlsv10'.

Browse Source 
This applies both to "bind" and "server" statements.
This commit is contained in:
Emeric Brun 2012-09-28 19:42:54 +02:00 committed by Willy Tarreau
parent c0ff4924c0
commit f5da49392a
1 changed files with 28 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
doc/configuration.txt
View File

@ -6897,9 +6897,21 @@ nosslv3
SSL is supported. Note that SSLv2 is forced disabled in the code and cannot
be enabled using any configuration option.
notlsv1
notlsv10
This setting is only available when support for OpenSSL was built in. It
disables support for TLSv1 on any sockets instanciated from the listener when
disables support for TLSv10 on any sockets instanciated from the listener when
SSL is supported. Note that SSLv2 is forced disabled in the code and cannot
be enabled using any configuration option.
notlsv11
This setting is only available when support for OpenSSL was built in. It
disables support for TLSv11 on any sockets instanciated from the listener when
SSL is supported. Note that SSLv2 is forced disabled in the code and cannot
be enabled using any configuration option.
notlsv12
This setting is only available when support for OpenSSL was built in. It
disables support for TLSv12 on any sockets instanciated from the listener when
SSL is supported. Note that SSLv2 is forced disabled in the code and cannot
be enabled using any configuration option.
@ -7126,8 +7138,20 @@ nosslv3
the server. Note that SSLv2 is disabled in the code and cannot be enabled
using any configuration option.
notlsv1
This option disables support for TLSv1 when SSL is used to communicate with
notlsv10
This option disables support for TLSv10 when SSL is used to communicate with
the server. Note that SSLv2 is disabled in the code and cannot be enabled
using any configuration option. TLSv1 is more expensive than SSLv3 so it
often makes sense to disable it when communicating with local servers.
notlsv11
This option disables support for TLSv11 when SSL is used to communicate with
the server. Note that SSLv2 is disabled in the code and cannot be enabled
using any configuration option. TLSv1 is more expensive than SSLv3 so it
often makes sense to disable it when communicating with local servers.
notlsv12
This option disables support for TLSv12 when SSL is used to communicate with
the server. Note that SSLv2 is disabled in the code and cannot be enabled
using any configuration option. TLSv1 is more expensive than SSLv3 so it
often makes sense to disable it when communicating with local servers.