Changeset adcd021 in mod_gnutls


Ignore:
Timestamp:
Jan 13, 2020, 1:08:40 PM (11 months ago)
Author:
Fiona Klute <fiona.klute@…>
Branches:
master, proxy-ticket
Children:
cc748329
Parents:
546bf35
Message:

Small documentation updates

File:
1 edited

Legend:

Unmodified
Added
Removed
  • doc/mod_gnutls_manual.md

    r546bf35 radcd021  
    232232Context: server config, virtual host
    233233
    234 By default, `mod_gnutls` uses the DH parameters included with GnuTLS
    235 corresponding to the security level of the configured private keys if
    236 compiled with GnuTLS 3.5.6 or newer, and the ffdhe2048 DH group as
    237 defined in RFC 7919, Appendix A.1 otherwise.
     234By default `mod_gnutls` uses the DH parameters included with GnuTLS
     235corresponding to the security level of the configured private keys.
    238236
    239237If you need to use different DH parameters, you can provide a PEM file
     
    341339certificate, and optionally those of the issuing Certificate
    342340Authorities (CAs). If the file contains multiple certificates they
    343 must be ordered from EE to the CA closest to the root CA (or the root
    344 CA itself).
    345 
    346 Including at least the immediately issuing CA is highly recommended
    347 because it is required for OCSP stapling.
     341must be ordered from EE to the CA closest to the root CA.
     342
     343Including the full certificate chain is highly recommended because the
     344CA certificates are needed for [OCSP stapling](#ocsp-stapling-configuration).
    348345
    349346Since version 0.7 this can be a PKCS #11 URL instead of a file.
Note: See TracChangeset for help on using the changeset viewer.