[trafficserver] branch master updated: Fix documentation on client certificates in ssl_server_name

Fri, 21 Dec 2018 10:28:38 -0800 

This is an automated email from the ASF dual-hosted git repository.

shinrich pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/trafficserver.git


The following commit(s) were added to refs/heads/master by this push:
     new edccb98  Fix documentation on client certificates in ssl_server_name
edccb98 is described below

commit edccb98c97f15abce60ddb795e8429ce940c1414
Author: Susan Hinrichs <[email protected]>
AuthorDate: Wed Dec 19 20:25:00 2018 +0000

    Fix documentation on client certificates in ssl_server_name
---
 doc/admin-guide/files/ssl_server_name.yaml.en.rst | 13 +++++++++----
 1 file changed, 9 insertions(+), 4 deletions(-)

diff --git a/doc/admin-guide/files/ssl_server_name.yaml.en.rst 
b/doc/admin-guide/files/ssl_server_name.yaml.en.rst
index 66fdd55..e95c3dd 100644
--- a/doc/admin-guide/files/ssl_server_name.yaml.en.rst
+++ b/doc/admin-guide/files/ssl_server_name.yaml.en.rst
@@ -66,20 +66,25 @@ verify_origin_server      Deprecated.  Use 
verify_server_policy and verify_serve
                           By default this is 
:ts:cv:`proxy.config.ssl.client.verify.server`.
 
 verify_client             One of the values :code:`NONE`, :code:`MODERATE`, or 
:code:`STRICT`.
+                          If ``NONE`` is specified, |TS| requests no 
certificate.  If ``MODERATE`` is specified
+                          |TS| will verify a certificate that is presented by 
the client, but it will not
+                          fail the TLS handshake if new certificate is 
presented.  If ``STRICT`` is specified
+                          the client must resent a certificate during the TLS 
handshake.
+
 
                           By default this is 
:ts:cv:`proxy.config.ssl.client.certification_level`.
 
 client_cert               The file containing the client certificate to use 
for the outbound connection.
 
-                          If this is relative it is relative to the path in
-                          :ts:cv:`proxy.config.ssl.server.cert.path`. If not 
set
+                          If this is relative, it is relative to the path in
+                          :ts:cv:`proxy.config.ssl.client.cert.path`. If not 
set
                           :ts:cv:`proxy.config.ssl.client.cert.filename` is 
used.
 
 client_key                The file containing the client private key that 
corresponds to the certificate
                           for the outbound connection.
 
-                          If this is relative it is relative to the path in
-                          :ts:cv:`proxy.config.ssl.server.private_key.path`. 
If not set,
+                          If this is relative, it is relative to the path in
+                          :ts:cv:`proxy.config.ssl.client.private_key.path`. 
If not set,
                           |TS| tries to use a private key in client_cert.  
Otherwise, 
                           
:ts:cv:`proxy.config.ssl.client.private_key.filename` is used.

Reply via email to