You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@couchdb.apache.org by kl...@apache.org on 2014/10/27 11:58:42 UTC
couchdb commit: updated refs/heads/1.x.x to c3c9588
Repository: couchdb
Updated Branches:
refs/heads/1.x.x 83cf448f0 -> c3c9588ca
Improve documentation of `cacert_file` ssl option
The documentation was incorrect insofar that it only described its
functionality for client verification, although the configuration is
used for server verification as well.
Project: http://git-wip-us.apache.org/repos/asf/couchdb/repo
Commit: http://git-wip-us.apache.org/repos/asf/couchdb/commit/c3c9588c
Tree: http://git-wip-us.apache.org/repos/asf/couchdb/tree/c3c9588c
Diff: http://git-wip-us.apache.org/repos/asf/couchdb/diff/c3c9588c
Branch: refs/heads/1.x.x
Commit: c3c9588ca8d087419462dbffced3c15033375876
Parents: 83cf448
Author: Klaus Trainer <kl...@apache.org>
Authored: Mon Oct 27 11:55:14 2014 +0100
Committer: Klaus Trainer <kl...@apache.org>
Committed: Mon Oct 27 11:55:14 2014 +0100
----------------------------------------------------------------------
share/doc/src/config/http.rst | 9 ++++++---
1 file changed, 6 insertions(+), 3 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/couchdb/blob/c3c9588c/share/doc/src/config/http.rst
----------------------------------------------------------------------
diff --git a/share/doc/src/config/http.rst b/share/doc/src/config/http.rst
index 1ae3abe..4084be5 100644
--- a/share/doc/src/config/http.rst
+++ b/share/doc/src/config/http.rst
@@ -329,9 +329,12 @@ Secure Socket Level Options
.. config:option:: cacert_file :: CA Certificate file
- Path to file containing PEM encoded CA certificates (trusted certificates
- used for verifying a peer certificate). May be omitted if you do not want
- to verify the peer::
+ The path to a file containing PEM encoded CA certificates. The CA
+ certificates are used to build the server certificate chain, and for client
+ authentication. Also the CAs are used in the list of acceptable client CAs
+ passed to the client when a certificate is requested. May be omitted if
+ there is no need to verify the client and if there are not any intermediate
+ CAs for the server certificate::
[ssl]
cacert_file = /etc/ssl/certs/ca-certificates.crt