couchdb-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From rnew...@apache.org
Subject [44/50] documentation commit: updated refs/heads/import-master to fe7f7bf
Date Thu, 10 Jul 2014 09:47:43 GMT
Support `fail_if_no_peer_cert` ssl option


Project: http://git-wip-us.apache.org/repos/asf/couchdb-documentation/repo
Commit: http://git-wip-us.apache.org/repos/asf/couchdb-documentation/commit/eb3b599b
Tree: http://git-wip-us.apache.org/repos/asf/couchdb-documentation/tree/eb3b599b
Diff: http://git-wip-us.apache.org/repos/asf/couchdb-documentation/diff/eb3b599b

Branch: refs/heads/import-master
Commit: eb3b599b16478416c01bd36be15b6e6eb1e5c318
Parents: 867bd1a
Author: Klaus Trainer <klaus_trainer@apache.org>
Authored: Mon May 12 01:43:05 2014 +0200
Committer: Klaus Trainer <klaus_trainer@apache.org>
Committed: Wed May 14 16:32:59 2014 +0200

----------------------------------------------------------------------
 src/config/http.rst | 11 +++++++++++
 1 file changed, 11 insertions(+)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/couchdb-documentation/blob/eb3b599b/src/config/http.rst
----------------------------------------------------------------------
diff --git a/src/config/http.rst b/src/config/http.rst
index dfe8d5a..f4fade1 100644
--- a/src/config/http.rst
+++ b/src/config/http.rst
@@ -387,6 +387,17 @@ Secure Socket Level Options
       [ssl]
       verify_ssl_certificates = false
 
+  .. config:option:: fail_if_no_peer_cert :: Require presence of client certificate if certificate
verification is enabled
+
+    Set to `true` to terminate the TLS/SSL handshake with a
+    `handshake_failure` alert message if the client does not send a
+    certificate. Only used if `verify_ssl_certificates` is `true`. If
+    set to `false` it will only fail if the client sends an invalid
+    certificate (an empty certificate is considered valid)::
+
+      [ssl]
+      fail_if_no_peer_cert = false
+
   .. config:option:: secure_renegotiate :: Enable secure renegotiation
 
     Set to `true` to reject renegotiation attempt that does not live up to RFC 5746::


Mime
View raw message