mirrors/haproxy
1
0
Fork 0
mirror of https://git.haproxy.org/git/haproxy.git/ synced 2025-09-23 06:41:32 +02:00
Code Issues Projects Releases Wiki Activity

DOC: Fix rename of options cafile and crlfile to ca-file and crl-file.

Browse Source
This commit is contained in:
Emeric Brun 2012-10-11 16:28:27 +02:00 committed by Willy Tarreau
parent ef42d9219d
commit fd33a26d75
1 changed files with 8 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
doc/configuration.txt
View File

@ -485,8 +485,8 @@ The following keywords are supported in the "global" section :
ca-base <dir> ca-base <dir>
Assigns a default directory to fetch SSL CA certificates and CRLs from when a Assigns a default directory to fetch SSL CA certificates and CRLs from when a
relative path is used with "cafile" or "crlfile" directives. Absolute relative path is used with "ca-file" or "crl-file" directives. Absolute
locations specified in "cafile" and "crlfile" prevail and ignore "ca-base". locations specified in "ca-file" and "crl-file" prevail and ignore "ca-base".
chroot <jail dir> chroot <jail dir>
Changes current directory to <jail dir> and performs a chroot() there before Changes current directory to <jail dir> and performs a chroot() there before
@ -6758,7 +6758,7 @@ ecdhe <named curve>
the named curve (RFC 4492) used to generate ECDH ephemeral keys and makes the named curve (RFC 4492) used to generate ECDH ephemeral keys and makes
ECDHE cipher suites usable. ECDHE cipher suites usable.
cafile <cafile> ca-file <cafile>
This setting is only available when support for OpenSSL was built in. It This setting is only available when support for OpenSSL was built in. It
designates a PEM file from which to load CA certificates used to verify designates a PEM file from which to load CA certificates used to verify
client's certificate. client's certificate.
@ -6776,7 +6776,7 @@ ciphers <ciphers>
in "man 1 ciphers" from OpenSSL man pages, and can be for instance a string in "man 1 ciphers" from OpenSSL man pages, and can be for instance a string
such as "AES:ALL:!aNULL:!eNULL:+RC4:@STRENGTH" (without quotes). such as "AES:ALL:!aNULL:!eNULL:+RC4:@STRENGTH" (without quotes).
crlfile <cafile> crl-file <crlfile>
This setting is only available when support for OpenSSL was built in. It This setting is only available when support for OpenSSL was built in. It
designates a PEM file from which to load certificate revocation list used designates a PEM file from which to load certificate revocation list used
to verify client's certificate. to verify client's certificate.
@ -7008,10 +7008,10 @@ verify [none|optional|required]
cases, a client certificate is requested. If the client does not provide a cases, a client certificate is requested. If the client does not provide a
certificate after the request and if 'verify' is set to 'required', then the certificate after the request and if 'verify' is set to 'required', then the
handshake is aborted, while it would have succeeded if set to 'optional'. The handshake is aborted, while it would have succeeded if set to 'optional'. The
certificate provided by the client is always verified using CAs from 'cafile' certificate provided by the client is always verified using CAs from
and optional CRLs from 'crlfile'. On verify failure the handshake is aborted, 'ca-file' and optional CRLs from 'crl-file'. On verify failure the handshake
regardless of the 'verify' option, unless the error code exactly matches one is aborted, regardless of the 'verify' option, unless the error code exactly
of those listed with 'ca-ignore-err' or 'crt-ignore-err'. matches one of those listed with 'ca-ignore-err' or 'crt-ignore-err'.
5.2. Server and default-server options 5.2. Server and default-server options
------------------------------------ ------------------------------------