httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From yla...@apache.org
Subject svn commit: r1584653 - /httpd/httpd/trunk/docs/manual/mod/mod_ssl.xml
Date Fri, 04 Apr 2014 13:18:26 GMT
Author: ylavic
Date: Fri Apr  4 13:18:26 2014
New Revision: 1584653

URL: http://svn.apache.org/r1584653
Log:
Remerge r1584555 but without the changes on (un-backportable) SSLOCSPUseRequestNonce.

Modified:
    httpd/httpd/trunk/docs/manual/mod/mod_ssl.xml

Modified: httpd/httpd/trunk/docs/manual/mod/mod_ssl.xml
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/docs/manual/mod/mod_ssl.xml?rev=1584653&r1=1584652&r2=1584653&view=diff
==============================================================================
--- httpd/httpd/trunk/docs/manual/mod/mod_ssl.xml (original)
+++ httpd/httpd/trunk/docs/manual/mod/mod_ssl.xml Fri Apr  4 13:18:26 2014
@@ -2125,7 +2125,6 @@ SSLUserName SSL_CLIENT_S_DN_CN
 <default>SSLHonorCipherOrder off</default>
 <contextlist><context>server config</context>
 <context>virtual host</context></contextlist>
-<compatibility>Available if using OpenSSL 0.9.7 or later</compatibility>
 
 <usage>
 <p>When choosing a cipher during an SSLv3 or TLSv1 handshake, normally
@@ -2173,7 +2172,6 @@ SSLCryptoDevice ubsec
 <default>SSLOCSPEnable off</default>
 <contextlist><context>server config</context>
 <context>virtual host</context></contextlist>
-<compatibility>Available in httpd 2.3 and later, if using OpenSSL 0.9.7 or later</compatibility>
 
 <usage>
 <p>This option enables OCSP validation of the client certificate
@@ -2204,7 +2202,6 @@ SSLOCSPOverrideResponder on
 <syntax>SSLOCSDefaultResponder <em>uri</em></syntax>
 <contextlist><context>server config</context>
 <context>virtual host</context></contextlist>
-<compatibility>Available in httpd 2.3 and later, if using OpenSSL 0.9.7 or later</compatibility>
 
 <usage>
 <p>This option sets the default OCSP responder to use.  If <directive
@@ -2221,7 +2218,6 @@ the certificate being verified.</p>
 <default>SSLOCSPOverrideResponder off</default>
 <contextlist><context>server config</context>
 <context>virtual host</context></contextlist>
-<compatibility>Available in httpd 2.3 and later, if using OpenSSL 0.9.7 or later</compatibility>
 
 <usage>
 <p>This option forces the configured default OCSP responder to be used
@@ -2237,7 +2233,6 @@ certificate being validated references a
 <default>SSLOCSPResponseTimeSkew 300</default>
 <contextlist><context>server config</context>
 <context>virtual host</context></contextlist>
-<compatibility>Available in httpd 2.3 and later, if using OpenSSL 0.9.7 or later</compatibility>
 
 <usage>
 <p>This option sets the maximum allowable time skew for OCSP responses
@@ -2252,7 +2247,6 @@ certificate being validated references a
 <default>SSLOCSPResponseMaxAge -1</default>
 <contextlist><context>server config</context>
 <context>virtual host</context></contextlist>
-<compatibility>Available in httpd 2.3 and later, if using OpenSSL 0.9.7 or later</compatibility>
 
 <usage>
 <p>This option sets the maximum allowable age ("freshness") for OCSP responses.
@@ -2269,7 +2263,6 @@ which means that OCSP responses are cons
 <default>SSLOCSPResponderTimeout 10</default>
 <contextlist><context>server config</context>
 <context>virtual host</context></contextlist>
-<compatibility>Available in httpd 2.3 and later, if using OpenSSL 0.9.7 or later</compatibility>
 
 <usage>
 <p>This option sets the timeout for queries to OCSP responders, when
@@ -2345,7 +2338,7 @@ supported for a given SSL connection.</p
 <default>SSLUseStapling off</default>
 <contextlist><context>server config</context>
 <context>virtual host</context></contextlist>
-<compatibility>Available in httpd 2.3.3 and later, if using OpenSSL 0.9.8h or later</compatibility>
+<compatibility>Available if using OpenSSL 0.9.8h or later</compatibility>
 
 <usage>
 <p>This option enables OCSP stapling, as defined by the "Certificate
@@ -2373,7 +2366,7 @@ stated goal of "saving roundtrips and re
 <description>Configures the OCSP stapling cache</description>
 <syntax>SSLStaplingCache <em>type</em></syntax>
 <contextlist><context>server config</context></contextlist>
-<compatibility>Available in httpd 2.3.3 and later, if using OpenSSL 0.9.8h or later</compatibility>
+<compatibility>Available if using OpenSSL 0.9.8h or later</compatibility>
 
 <usage>
 <p>Configures the cache used to store OCSP responses which get included
@@ -2392,7 +2385,7 @@ the same storage types are supported as 
 <default>SSLStaplingResponseTimeSkew 300</default>
 <contextlist><context>server config</context>
 <context>virtual host</context></contextlist>
-<compatibility>Available in httpd 2.3.3 and later, if using OpenSSL 0.9.8h or later</compatibility>
+<compatibility>Available if using OpenSSL 0.9.8h or later</compatibility>
 
 <usage>
 <p>This option sets the maximum allowable time skew when mod_ssl checks the
@@ -2409,7 +2402,7 @@ if <directive module="mod_ssl">SSLUseSta
 <default>SSLStaplingResponderTimeout 10</default>
 <contextlist><context>server config</context>
 <context>virtual host</context></contextlist>
-<compatibility>Available in httpd 2.3.3 and later, if using OpenSSL 0.9.8h or later</compatibility>
+<compatibility>Available if using OpenSSL 0.9.8h or later</compatibility>
 
 <usage>
 <p>This option sets the timeout for queries to OCSP responders when
@@ -2425,7 +2418,7 @@ and mod_ssl is querying a responder for 
 <default>SSLStaplingResponseMaxAge -1</default>
 <contextlist><context>server config</context>
 <context>virtual host</context></contextlist>
-<compatibility>Available in httpd 2.3.3 and later, if using OpenSSL 0.9.8h or later</compatibility>
+<compatibility>Available if using OpenSSL 0.9.8h or later</compatibility>
 
 <usage>
 <p>This option sets the maximum allowable age ("freshness") when
@@ -2444,7 +2437,7 @@ which means that OCSP responses are cons
 <default>SSLStaplingStandardCacheTimeout 3600</default>
 <contextlist><context>server config</context>
 <context>virtual host</context></contextlist>
-<compatibility>Available in httpd 2.3.3 and later, if using OpenSSL 0.9.8h or later</compatibility>
+<compatibility>Available if using OpenSSL 0.9.8h or later</compatibility>
 
 <usage>
 <p>Sets the timeout in seconds before responses in the OCSP stapling cache
@@ -2463,7 +2456,7 @@ used for controlling the timeout for inv
 <default>SSLStaplingReturnResponderErrors on</default>
 <contextlist><context>server config</context>
 <context>virtual host</context></contextlist>
-<compatibility>Available in httpd 2.3.3 and later, if using OpenSSL 0.9.8h or later</compatibility>
+<compatibility>Available if using OpenSSL 0.9.8h or later</compatibility>
 
 <usage>
 <p>When enabled, mod_ssl will pass responses from unsuccessful
@@ -2480,7 +2473,7 @@ for failed queries will be included in t
 <default>SSLStaplingFakeTryLater on</default>
 <contextlist><context>server config</context>
 <context>virtual host</context></contextlist>
-<compatibility>Available in httpd 2.3.3 and later, if using OpenSSL 0.9.8h or later</compatibility>
+<compatibility>Available if using OpenSSL 0.9.8h or later</compatibility>
 
 <usage>
 <p>When enabled and a query to an OCSP responder for stapling
@@ -2498,7 +2491,7 @@ is also enabled.</p>
 <default>SSLStaplingErrorCacheTimeout 600</default>
 <contextlist><context>server config</context>
 <context>virtual host</context></contextlist>
-<compatibility>Available in httpd 2.3.3 and later, if using OpenSSL 0.9.8h or later</compatibility>
+<compatibility>Available if using OpenSSL 0.9.8h or later</compatibility>
 
 <usage>
 <p>Sets the timeout in seconds before <em>invalid</em> responses
@@ -2515,7 +2508,7 @@ To set the cache timeout for valid respo
 <syntax>SSLStaplingForceURL <em>uri</em></syntax>
 <contextlist><context>server config</context>
 <context>virtual host</context></contextlist>
-<compatibility>Available in httpd 2.3.3 and later, if using OpenSSL 0.9.8h or later</compatibility>
+<compatibility>Available if using OpenSSL 0.9.8h or later</compatibility>
 
 <usage>
 <p>This directive overrides the URI of an OCSP responder as obtained from



Mime
View raw message