You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by rj...@apache.org on 2020/08/18 10:13:35 UTC
svn commit: r1880960 -
/httpd/httpd/branches/2.4.x/docs/manual/mod/mod_ssl.xml
Author: rjung
Date: Tue Aug 18 10:13:35 2020
New Revision: 1880960
URL: http://svn.apache.org/viewvc?rev=1880960&view=rev
Log:
Document limitations for private key format in
SSLProxyMachineCertificateFile and
SSLProxyMachineCertificatePath. PR 63935.
Backport of r1880958 from trunk.
[skip ci]
Modified:
httpd/httpd/branches/2.4.x/docs/manual/mod/mod_ssl.xml
Modified: httpd/httpd/branches/2.4.x/docs/manual/mod/mod_ssl.xml
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/docs/manual/mod/mod_ssl.xml?rev=1880960&r1=1880959&r2=1880960&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/docs/manual/mod/mod_ssl.xml (original)
+++ httpd/httpd/branches/2.4.x/docs/manual/mod/mod_ssl.xml Tue Aug 18 10:13:35 2020
@@ -1833,6 +1833,13 @@ directory contains the appropriate symbo
<note type="warning">
<p>Currently there is no support for encrypted private keys</p>
</note>
+<note type="warning">
+<p>Only keys encoded in PKCS1 RSA, DSA or EC format are supported.
+Keys encoded in PKCS8 format, ie. starting with
+"<code>-----BEGIN PRIVATE KEY-----</code>",
+must be converted, eg. using
+"<code>openssl rsa -in private-pkcs8.pem -outform pem</code>".</p>
+</note>
<example><title>Example</title>
<highlight language="config">
SSLProxyMachineCertificatePath "/usr/local/apache2/conf/proxy.crt/"
@@ -1863,6 +1870,13 @@ or additionally to <code>SSLProxyMachine
<note type="warning">
<p>Currently there is no support for encrypted private keys</p>
</note>
+<note type="warning">
+<p>Only keys encoded in PKCS1 RSA, DSA or EC format are supported.
+Keys encoded in PKCS8 format, ie. starting with
+"<code>-----BEGIN PRIVATE KEY-----</code>",
+must be converted, eg. using
+"<code>openssl rsa -in private-pkcs8.pem -outform pem</code>".</p>
+</note>
<example><title>Example</title>
<highlight language="config">
SSLProxyMachineCertificateFile "/usr/local/apache2/conf/ssl.crt/proxy.pem"