This is an automated email from the ASF dual-hosted git repository.
rrm pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/trafficserver.git
The following commit(s) were added to refs/heads/master by this push:
new 6f6945d Use un-deprecated records for SSL server verification
6f6945d is described below
commit 6f6945df535e69acb2712ad35a4bc5cc03ae1a24
Author: Randall Meyer <[email protected]>
AuthorDate: Tue Jul 16 13:48:47 2019 -0700
Use un-deprecated records for SSL server verification
proxy.config.ssl.client.verify.server was deprecated in 5cd7b75d0f5
---
configs/records.config.default.in | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/configs/records.config.default.in
b/configs/records.config.default.in
index bbd5c82..61028b0 100644
--- a/configs/records.config.default.in
+++ b/configs/records.config.default.in
@@ -163,7 +163,8 @@ CONFIG proxy.config.reverse_proxy.enabled INT 1
#
https://docs.trafficserver.apache.org/records.config#client-related-configuration
#
https://docs.trafficserver.apache.org/en/latest/admin-guide/files/ssl_multicert.config.en.html
##############################################################################
-CONFIG proxy.config.ssl.client.verify.server INT 0
+CONFIG proxy.config.ssl.client.verify.server.policy STRING DISABLED
+CONFIG proxy.config.ssl.client.verify.server.properties STRING ALL
CONFIG proxy.config.ssl.client.CA.cert.filename STRING NULL
CONFIG proxy.config.ssl.server.cipher_suite STRING
ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-DSS-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-DSS-AES
[...]
