Changeset 0de1839 in mod_gnutls for configure.ac


Ignore:
Timestamp:
Mar 19, 2015, 8:27:45 AM (4 years ago)
Author:
Thomas Klute <thomas2.klute@…>
Branches:
debian/master, debian/stretch-backports, jessie-backports, master, upstream
Children:
91ccb87
Parents:
10b3370
Message:

Support X.509 auth for TLS proxy connections

This commit adds support for X.509 certificate based authentication for
TLS proxy back end connections, including both server certificate
checking and (optionally) TLS client authentication. Some functions used
for this require GnuTLS 3.1.4 or later, so requirements change
accordingly.

Three new configuration parameters are added:

GnuTLSProxyCAFile FILEPATH

The given file must contain trusted CA certificates for server
verification. Required.

GnuTLSProxyKeyFile FILEPATH
GnuTLSProxyCertificateFile FILEPATH

Key and certificate for TLS client auth towards TLS back end servers. If
not set, TLS client auth is disabled.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • configure.ac

    r10b3370 r0de1839  
    2828)
    2929
    30 PKG_CHECK_MODULES([LIBGNUTLS], [gnutls >= 2.12.6])
     30PKG_CHECK_MODULES([LIBGNUTLS], [gnutls >= 3.1.4])
    3131
    3232LIBGNUTLS_VERSION=`pkg-config --modversion gnutls`
Note: See TracChangeset for help on using the changeset viewer.