httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From m...@apache.org
Subject cvs commit: httpd-2.0/docs/manual/mod mod_ssl.html.en mod_ssl.xml quickreference.html.en
Date Mon, 05 Jan 2004 21:41:38 GMT
mads        2004/01/05 13:41:38

  Modified:    docs/manual/mod Tag: APACHE_2_0_BRANCH mod_ssl.html.en
                        mod_ssl.xml quickreference.html.en
  Log:
  Doc backport from 2.1
  
  Revision  Changes    Path
  No                   revision
  No                   revision
  1.15.2.8  +15 -11    httpd-2.0/docs/manual/mod/mod_ssl.html.en
  
  Index: mod_ssl.html.en
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/docs/manual/mod/mod_ssl.html.en,v
  retrieving revision 1.15.2.7
  retrieving revision 1.15.2.8
  diff -u -r1.15.2.7 -r1.15.2.8
  --- mod_ssl.html.en	11 Nov 2003 20:08:37 -0000	1.15.2.7
  +++ mod_ssl.html.en	5 Jan 2004 21:41:38 -0000	1.15.2.8
  @@ -952,7 +952,7 @@
   <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif"
/></a></div>
   <div class="directive-section"><h2><a name="SSLProxyMachineCertificateFile"
id="SSLProxyMachineCertificateFile">SSLProxyMachineCertificateFile</a> <a name="sslproxymachinecertificatefile"
id="sslproxymachinecertificatefile">Directive</a></h2>
   <table class="directive">
  -<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>File
of concatenated PEM-encoded CA certificates for proxy server client certificates</td></tr>
  +<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>File
of concatenated PEM-encoded client certificates and keys to be used by the proxy</td></tr>
   <tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>SSLProxyMachineCertificateFile
<em>filename</em></code></td></tr>
   <tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server
config</td></tr>
   <tr><th><a href="directive-dict.html#Override">Override:</a></th><td>Not
applicable</td></tr>
  @@ -960,26 +960,28 @@
   <tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_ssl</td></tr>
   </table>
   <p>
  -This directive sets the all-in-one file where you keep the certificates of
  -Certification Authorities (CAs) whose proxy client certificates are used for
  -authentication of the proxy server to remote servers.
  +This directive sets the all-in-one file where you keep the certificates and
  +keys used for authentication of the proxy server to remote servers.
   </p>
   <p>
   This referenced file is simply the concatenation of the various PEM-encoded
   certificate files, in order of preference. Use this directive alternatively
   or additionally to <code>SSLProxyMachineCertificatePath</code>.
   </p>
  +<div class="warning">
  +<p>Currently there is no support for encrypted private keys</p>
  +</div>
   <p>
   Example:</p>
   <div class="example"><p><code>
  -SSLProxyMachineCertificateFile /usr/local/apache2/conf/ssl.crt/
  -</code></p></div> 
  +SSLProxyMachineCertificateFile /usr/local/apache2/conf/ssl.crt/proxy.pem
  +</code></p></div>
   
   </div>
   <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif"
/></a></div>
   <div class="directive-section"><h2><a name="SSLProxyMachineCertificatePath"
id="SSLProxyMachineCertificatePath">SSLProxyMachineCertificatePath</a> <a name="sslproxymachinecertificatepath"
id="sslproxymachinecertificatepath">Directive</a></h2>
   <table class="directive">
  -<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Directory
of PEM-encoded CA certificates for proxy server client certificates</td></tr>
  +<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Directory
of PEM-encoded client certificates and keys to be used by the proxy</td></tr>
   <tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>SSLProxyMachineCertificatePath
<em>directory</em></code></td></tr>
   <tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server
config</td></tr>
   <tr><th><a href="directive-dict.html#Override">Override:</a></th><td>Not
applicable</td></tr>
  @@ -987,9 +989,8 @@
   <tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_ssl</td></tr>
   </table>
   <p>
  -This directive sets the directory where you keep the certificates of
  -Certification Authorities (CAs) whose proxy client certificates are used for
  -authentication of the proxy server to remote servers.
  +This directive sets the directory where you keep the certificates and
  +keys used for authentication of the proxy server to remote servers.
   </p>
   <p>The files in this directory must be PEM-encoded and are accessed through
   hash filenames. Additionally, you must create symbolic links named
  @@ -997,10 +998,13 @@
   directory contains the appropriate symbolic links. Use the Makefile which
   comes with mod_ssl to accomplish this task.
   </p>
  +<div class="warning">
  +<p>Currently there is no support for encrypted private keys</p>
  +</div>
   <p>
   Example:</p>
   <div class="example"><p><code>
  -SSLProxyMachineCertificatePath /usr/local/apache2/conf/ssl.crt/
  +SSLProxyMachineCertificatePath /usr/local/apache2/conf/proxy.crt/
   </code></p></div> 
   
   </div>
  
  
  
  1.10.2.8  +16 -12    httpd-2.0/docs/manual/mod/mod_ssl.xml
  
  Index: mod_ssl.xml
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/docs/manual/mod/mod_ssl.xml,v
  retrieving revision 1.10.2.7
  retrieving revision 1.10.2.8
  diff -u -r1.10.2.7 -r1.10.2.8
  --- mod_ssl.xml	11 Nov 2003 19:53:03 -0000	1.10.2.7
  +++ mod_ssl.xml	5 Jan 2004 21:41:38 -0000	1.10.2.8
  @@ -1170,16 +1170,15 @@
   
   <directivesynopsis>
   <name>SSLProxyMachineCertificatePath</name>
  -<description>Directory of PEM-encoded CA certificates for proxy server client certificates</description>
  +<description>Directory of PEM-encoded client certificates and keys to be used by
the proxy</description>
   <syntax>SSLProxyMachineCertificatePath <em>directory</em></syntax>
   <contextlist><context>server config</context></contextlist>
   <override>Not applicable</override>
   
   <usage>
   <p>
  -This directive sets the directory where you keep the certificates of
  -Certification Authorities (CAs) whose proxy client certificates are used for
  -authentication of the proxy server to remote servers.
  +This directive sets the directory where you keep the certificates and
  +keys used for authentication of the proxy server to remote servers.
   </p>
   <p>The files in this directory must be PEM-encoded and are accessed through
   hash filenames. Additionally, you must create symbolic links named
  @@ -1187,10 +1186,13 @@
   directory contains the appropriate symbolic links. Use the Makefile which
   comes with mod_ssl to accomplish this task.
   </p>
  +<note type="warning">
  +<p>Currently there is no support for encrypted private keys</p>
  +</note>
   <p>
   Example:</p>
   <example>
  -SSLProxyMachineCertificatePath /usr/local/apache2/conf/ssl.crt/
  +SSLProxyMachineCertificatePath /usr/local/apache2/conf/proxy.crt/
   </example> 
   </usage> 
   </directivesynopsis>
  @@ -1198,28 +1200,30 @@
   
   <directivesynopsis>
   <name>SSLProxyMachineCertificateFile</name>
  -<description>File of concatenated PEM-encoded CA certificates for proxy server client
certificates</description>
  +<description>File of concatenated PEM-encoded client certificates and keys to be
used by the proxy</description>
   <syntax>SSLProxyMachineCertificateFile <em>filename</em></syntax>
   <contextlist><context>server config</context></contextlist>
   <override>Not applicable</override>
   
   <usage>
   <p>
  -This directive sets the all-in-one file where you keep the certificates of
  -Certification Authorities (CAs) whose proxy client certificates are used for
  -authentication of the proxy server to remote servers.
  +This directive sets the all-in-one file where you keep the certificates and
  +keys used for authentication of the proxy server to remote servers.
   </p>
   <p>
   This referenced file is simply the concatenation of the various PEM-encoded
   certificate files, in order of preference. Use this directive alternatively
   or additionally to <code>SSLProxyMachineCertificatePath</code>.
   </p>
  +<note type="warning">
  +<p>Currently there is no support for encrypted private keys</p>
  +</note>
   <p>
   Example:</p>
   <example>
  -SSLProxyMachineCertificateFile /usr/local/apache2/conf/ssl.crt/
  -</example> 
  -</usage> 
  +SSLProxyMachineCertificateFile /usr/local/apache2/conf/ssl.crt/proxy.pem
  +</example>
  +</usage>
   </directivesynopsis>
   
   <directivesynopsis>
  
  
  
  1.47.2.39 +2 -2      httpd-2.0/docs/manual/mod/quickreference.html.en
  
  Index: quickreference.html.en
  ===================================================================
  RCS file: /home/cvs/httpd-2.0/docs/manual/mod/quickreference.html.en,v
  retrieving revision 1.47.2.38
  retrieving revision 1.47.2.39
  diff -u -r1.47.2.38 -r1.47.2.39
  --- quickreference.html.en	3 Jan 2004 00:35:57 -0000	1.47.2.38
  +++ quickreference.html.en	5 Jan 2004 21:41:38 -0000	1.47.2.39
  @@ -634,8 +634,8 @@
   <tr class="odd"><td><a href="mod_ssl.html#sslproxyciphersuite">SSLProxyCipherSuite
<em>cipher-spec</em></a></td><td> ALL:!ADH:RC4+RSA:+H +</td><td>svdh</td><td>E</td></tr><tr
class="odd"><td class="descr" colspan="4">Cipher Suite available for negotiation
in SSL 
   proxy handshake</td></tr>
   <tr><td><a href="mod_ssl.html#sslproxyengine">SSLProxyEngine on|off</a></td><td>
off </td><td>sv</td><td>E</td></tr><tr><td class="descr"
colspan="4">SSL Proxy Engine Operation Switch</td></tr>
  -<tr class="odd"><td><a href="mod_ssl.html#sslproxymachinecertificatefile">SSLProxyMachineCertificateFile
<em>filename</em></a></td><td></td><td>s</td><td>E</td></tr><tr
class="odd"><td class="descr" colspan="4">File of concatenated PEM-encoded CA certificates
for proxy server client certificates</td></tr>
  -<tr><td><a href="mod_ssl.html#sslproxymachinecertificatepath">SSLProxyMachineCertificatePath
<em>directory</em></a></td><td></td><td>s</td><td>E</td></tr><tr><td
class="descr" colspan="4">Directory of PEM-encoded CA certificates for proxy server client
certificates</td></tr>
  +<tr class="odd"><td><a href="mod_ssl.html#sslproxymachinecertificatefile">SSLProxyMachineCertificateFile
<em>filename</em></a></td><td></td><td>s</td><td>E</td></tr><tr
class="odd"><td class="descr" colspan="4">File of concatenated PEM-encoded client
certificates and keys to be used by the proxy</td></tr>
  +<tr><td><a href="mod_ssl.html#sslproxymachinecertificatepath">SSLProxyMachineCertificatePath
<em>directory</em></a></td><td></td><td>s</td><td>E</td></tr><tr><td
class="descr" colspan="4">Directory of PEM-encoded client certificates and keys to be used
by the proxy</td></tr>
   <tr class="odd"><td><a href="mod_ssl.html#sslproxyprotocol">SSLProxyProtocol
[+|-]<em>protocol</em> ...</a></td><td> all </td><td>sv</td><td>E</td></tr><tr
class="odd"><td class="descr" colspan="4">Configure usable SSL protocol flavors for
proxy usage</td></tr>
   <tr><td><a href="mod_ssl.html#sslproxyverify">SSLProxyVerify <em>level</em></a></td><td>
none </td><td>svdh</td><td>E</td></tr><tr><td
class="descr" colspan="4">Type of remote server Certificate verification</td></tr>
   <tr class="odd"><td><a href="mod_ssl.html#sslproxyverifydepth">SSLProxyVerifyDepth
<em>number</em></a></td><td> 1 </td><td>svdh</td><td>E</td></tr><tr
class="odd"><td class="descr" colspan="4">Maximum depth of CA Certificates in Remote
Server
  
  
  

Mime
View raw message