mirror/openldap
2
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2024-12-21 03:10:25 +08:00
Code Issues Packages Projects Releases Wiki Activity

ITS#4017 add TLSDHParamFile

Browse Source
This commit is contained in:
Howard Chu 2005-10-28 06:55:16 +00:00
parent 1e52928337
commit 970ccf9584
1 changed files with 10 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
doc/guide/admin/tls.sdf
View File

@ -132,6 +132,16 @@ bytes of arbitrary data into the file. The file is only used to
provide a seed for the pseudo-random number generator, and it doesn't provide a seed for the pseudo-random number generator, and it doesn't
need very much data to work. need very much data to work.
H4: TLSEphemeralDHParamFile <filename>
This directive specifies the file that contains parameters for Diffie-Hellman
ephemeral key exchange. This is required in order to use a DSA certificate on
the server side (i.e. {{EX:TLSCertificateKeyFile}} points to a DSA key).
Multiple sets of parameters can be included in the file; all of them will
be processed. Parameters can be generated using the following command
> openssl dhparam [-dsaparam] -out <filename> <numbits>
H4: TLSVerifyClient { never | allow | try | demand } H4: TLSVerifyClient { never | allow | try | demand }
This directive specifies what checks to perform on client certificates This directive specifies what checks to perform on client certificates