You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@qpid.apache.org by gm...@apache.org on 2017/11/28 16:34:11 UTC
qpid-dispatch git commit: DISPATCH-877 - Document new ciphers
attribute. This closes #219
Repository: qpid-dispatch
Updated Branches:
refs/heads/master 00d1ea220 -> 95c9463e2
DISPATCH-877 - Document new ciphers attribute. This closes #219
Project: http://git-wip-us.apache.org/repos/asf/qpid-dispatch/repo
Commit: http://git-wip-us.apache.org/repos/asf/qpid-dispatch/commit/95c9463e
Tree: http://git-wip-us.apache.org/repos/asf/qpid-dispatch/tree/95c9463e
Diff: http://git-wip-us.apache.org/repos/asf/qpid-dispatch/diff/95c9463e
Branch: refs/heads/master
Commit: 95c9463e247a26d1b7374992d7826214c2805b5f
Parents: 00d1ea2
Author: Ben Hardesty <bh...@redhat.com>
Authored: Wed Nov 15 17:00:55 2017 -0500
Committer: Ganesh Murthy <gm...@redhat.com>
Committed: Tue Nov 28 11:33:26 2017 -0500
----------------------------------------------------------------------
doc/new-book/configuration-security.adoc | 12 ++++++++++++
1 file changed, 12 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/qpid-dispatch/blob/95c9463e/doc/new-book/configuration-security.adoc
----------------------------------------------------------------------
diff --git a/doc/new-book/configuration-security.adoc b/doc/new-book/configuration-security.adoc
index c59a35f..4df8d4a 100644
--- a/doc/new-book/configuration-security.adoc
+++ b/doc/new-book/configuration-security.adoc
@@ -49,6 +49,7 @@ You must have the following files in PEM format:
----
sslProfile {
name: _NAME_
+ ciphers: _CIPHERS_
certDb: _PATH_.pem
certFile: _PATH_.pem
keyFile: _PATH_.pem
@@ -66,6 +67,17 @@ For example:
name: router-ssl-profile
----
+`ciphers`:: The SSL cipher suites that can be used by this SSL/TLS profile. If certain ciphers are unsuitable for your environment, you can use this attribute to restrict them from being used.
++
+To enable a cipher list, enter one or more cipher strings separated by colons (`:`). For example:
++
+[options="nowrap"]
+----
+ciphers: ALL:!aNULL:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP
+----
++
+To see the full list of available ciphers, use the `openssl ciphers` command. For more information about each cipher, see the link:https://www.openssl.org/docs/manmaster/man1/ciphers.html[ciphers man page^].
+
`certDb`:: The absolute path to the database that contains the public certificates of trusted certificate authorities (CA).
+
For example:
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@qpid.apache.org
For additional commands, e-mail: commits-help@qpid.apache.org