Changeset adcd021 in mod_gnutls
- Timestamp:
- Jan 13, 2020, 1:08:40 PM (15 months ago)
- Branches:
- asyncio, master, proxy-ticket
- Children:
- cc748329
- Parents:
- 546bf35
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
doc/mod_gnutls_manual.md
r546bf35 radcd021 232 232 Context: server config, virtual host 233 233 234 By default, `mod_gnutls` uses the DH parameters included with GnuTLS 235 corresponding to the security level of the configured private keys if 236 compiled with GnuTLS 3.5.6 or newer, and the ffdhe2048 DH group as 237 defined in RFC 7919, Appendix A.1 otherwise. 234 By default `mod_gnutls` uses the DH parameters included with GnuTLS 235 corresponding to the security level of the configured private keys. 238 236 239 237 If you need to use different DH parameters, you can provide a PEM file … … 341 339 certificate, and optionally those of the issuing Certificate 342 340 Authorities (CAs). If the file contains multiple certificates they 343 must be ordered from EE to the CA closest to the root CA (or the root 344 CA itself). 345 346 Including at least the immediately issuing CA is highly recommended 347 because it is required for OCSP stapling. 341 must be ordered from EE to the CA closest to the root CA. 342 343 Including the full certificate chain is highly recommended because the 344 CA certificates are needed for [OCSP stapling](#ocsp-stapling-configuration). 348 345 349 346 Since version 0.7 this can be a PKCS #11 URL instead of a file.
Note: See TracChangeset
for help on using the changeset viewer.