You are viewing a plain text version of this content. The canonical link for it is here.

Posted to cvs@httpd.apache.org by hu...@apache.org on 2012/03/25 08:57:57 UTC

svn commit: r1304987 - /httpd/httpd/branches/2.4.x/docs/manual/upgrading.xml

Author: humbedooh
Date: Sun Mar 25 06:57:57 2012
New Revision: 1304987

URL: http://svn.apache.org/viewvc?rev=1304987&view=rev
Log:
Merge r1304985 from trunk:

Mention SSL certificate checks are now enabled by default, as opposed to disabled in 2.2.
Submitted by: Petter Berntsen (petterb@gmail.com)

Modified:
    httpd/httpd/branches/2.4.x/docs/manual/upgrading.xml

Modified: httpd/httpd/branches/2.4.x/docs/manual/upgrading.xml
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/docs/manual/upgrading.xml?rev=1304987&r1=1304986&r2=1304987&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/docs/manual/upgrading.xml (original)
+++ httpd/httpd/branches/2.4.x/docs/manual/upgrading.xml Sun Mar 25 06:57:57 2012
@@ -301,7 +301,11 @@
       variables has changed. The old format can still be used with the new
       <code>LegacyDNStringFormat</code> argument to <directive
       module="mod_ssl">SSLOptions</directive>. The SSLv2 protocol is
-      no longer supported.</li>
+      no longer supported. <directive module="mod_ssl">SSLProxyCheckPeerCN
+	  </directive> and <directive module="mod_ssl">SSLProxyCheckPeerExpire
+	  </directive> now default to On, causing proxy requests to HTTPS hosts
+	  with bad or outdated certificates to fail with a 502 status code (Bad 
+	  gateway)</li>
 
       <li><program>htpasswd</program> now uses MD5 hash by default on
       all platforms.</li>