You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by rp...@apache.org on 2019/11/13 13:27:27 UTC
svn commit: r1869739 [1/10] - in /httpd/httpd/branches/2.4.x/docs: man/
manual/misc/ manual/mod/ manual/programs/ manual/rewrite/
Author: rpluem
Date: Wed Nov 13 13:27:27 2019
New Revision: 1869739
URL: http://svn.apache.org/viewvc?rev=1869739&view=rev
Log:
* Rebuild docs
Modified:
httpd/httpd/branches/2.4.x/docs/man/httxt2dbm.1
httpd/httpd/branches/2.4.x/docs/manual/misc/security_tips.html.en
httpd/httpd/branches/2.4.x/docs/manual/misc/security_tips.html.tr.utf8
httpd/httpd/branches/2.4.x/docs/manual/mod/core.html.de
httpd/httpd/branches/2.4.x/docs/manual/mod/core.html.en
httpd/httpd/branches/2.4.x/docs/manual/mod/core.html.es
httpd/httpd/branches/2.4.x/docs/manual/mod/core.html.ja.utf8
httpd/httpd/branches/2.4.x/docs/manual/mod/core.html.tr.utf8
httpd/httpd/branches/2.4.x/docs/manual/mod/directives.html.de
httpd/httpd/branches/2.4.x/docs/manual/mod/directives.html.en
httpd/httpd/branches/2.4.x/docs/manual/mod/directives.html.es
httpd/httpd/branches/2.4.x/docs/manual/mod/directives.html.ja.utf8
httpd/httpd/branches/2.4.x/docs/manual/mod/directives.html.ko.euc-kr
httpd/httpd/branches/2.4.x/docs/manual/mod/directives.html.tr.utf8
httpd/httpd/branches/2.4.x/docs/manual/mod/directives.html.zh-cn.utf8
httpd/httpd/branches/2.4.x/docs/manual/mod/mod_auth_form.html.en
httpd/httpd/branches/2.4.x/docs/manual/mod/mod_md.html.en
httpd/httpd/branches/2.4.x/docs/manual/mod/mod_proxy_uwsgi.html.en
httpd/httpd/branches/2.4.x/docs/manual/mod/mod_socache_redis.html.en
httpd/httpd/branches/2.4.x/docs/manual/mod/quickreference.html.de
httpd/httpd/branches/2.4.x/docs/manual/mod/quickreference.html.en
httpd/httpd/branches/2.4.x/docs/manual/mod/quickreference.html.es
httpd/httpd/branches/2.4.x/docs/manual/mod/quickreference.html.ja.utf8
httpd/httpd/branches/2.4.x/docs/manual/mod/quickreference.html.ko.euc-kr
httpd/httpd/branches/2.4.x/docs/manual/mod/quickreference.html.tr.utf8
httpd/httpd/branches/2.4.x/docs/manual/mod/quickreference.html.zh-cn.utf8
httpd/httpd/branches/2.4.x/docs/manual/programs/httxt2dbm.html.en
httpd/httpd/branches/2.4.x/docs/manual/programs/httxt2dbm.html.tr.utf8
httpd/httpd/branches/2.4.x/docs/manual/rewrite/advanced.html.en
httpd/httpd/branches/2.4.x/docs/manual/rewrite/intro.html.en
Modified: httpd/httpd/branches/2.4.x/docs/man/httxt2dbm.1
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/docs/man/httxt2dbm.1?rev=1869739&r1=1869738&r2=1869739&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/docs/man/httxt2dbm.1 (original)
+++ httpd/httpd/branches/2.4.x/docs/man/httxt2dbm.1 Wed Nov 13 13:27:27 2019
@@ -19,7 +19,7 @@
.el .ne 3
.IP "\\$1" \\$2
..
-.TH "HTTXT2DBM" 1 "2018-07-06" "Apache HTTP Server" "httxt2dbm"
+.TH "HTTXT2DBM" 1 "2019-11-13" "Apache HTTP Server" "httxt2dbm"
.SH NAME
httxt2dbm \- Generate dbm files for use with RewriteMap
@@ -50,7 +50,7 @@ More verbose output
Specify the DBM type to be used for the output\&. If not specified, will use the APR Default\&. Available types are: \fBGDBM\fR for GDBM files, \fBSDBM\fR for SDBM files, \fBDB\fR for berkeley DB files, \fBNDBM\fR for NDBM files, \fBdefault\fR for the default DBM type\&.
.TP
\fB-i \fISOURCE_TXT\fR\fR
-Input file from which the dbm is to be created\&. The file should be formated with one record per line, of the form: \fBkey value\fR\&. See the documentation for RewriteMap for further details of this file's format and meaning\&.
+Input file from which the dbm is to be created\&. The file should be formatted with one record per line, of the form: \fBkey value\fR\&. See the documentation for RewriteMap for further details of this file's format and meaning\&.
.TP
\fB-o \fIOUTPUT_DBM\fR\fR
Name of the output dbm files\&.
Modified: httpd/httpd/branches/2.4.x/docs/manual/misc/security_tips.html.en
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/docs/manual/misc/security_tips.html.en?rev=1869739&r1=1869738&r2=1869739&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/docs/manual/misc/security_tips.html.en (original)
+++ httpd/httpd/branches/2.4.x/docs/manual/misc/security_tips.html.en Wed Nov 13 13:27:27 2019
@@ -132,7 +132,7 @@
<li>The use of a threaded <a href="../mpm.html">mpm</a> may
allow you to handle more simultaneous connections, thereby
- mitigating DoS attacks. Further, the
+ mitigating DoS attacks. Further, the
<code class="module"><a href="../mod/event.html">event</a></code> mpm
uses asynchronous processing to avoid devoting a thread to each
connection. Due to the nature of the OpenSSL library the
@@ -454,10 +454,10 @@
directive specific. Always test your changes when creating dependencies
on how directives are merged.</p>
- <p> For modules that don't implement any merging logic, such as
- <code class="directive">mod_access_compat</code>, the behavior in later sections
+ <p> For modules that don't implement any merging logic, such as
+ <code class="module"><a href="../mod/mod_access_compat.html">mod_access_compat</a></code>, the behavior in later sections
depends on whether the later section has any directives
- from the module. The configuration is inherited until a change is made,
+ from the module. The configuration is inherited until a change is made,
at which point the configuration is <em>replaced</em> and not merged.</p>
</div></div>
<div class="bottomlang">
Modified: httpd/httpd/branches/2.4.x/docs/manual/misc/security_tips.html.tr.utf8
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/docs/manual/misc/security_tips.html.tr.utf8?rev=1869739&r1=1869738&r2=1869739&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/docs/manual/misc/security_tips.html.tr.utf8 [utf-8] (original)
+++ httpd/httpd/branches/2.4.x/docs/manual/misc/security_tips.html.tr.utf8 [utf-8] Wed Nov 13 13:27:27 2019
@@ -28,6 +28,7 @@
<a href="../ko/misc/security_tips.html" hreflang="ko" rel="alternate" title="Korean"> ko </a> |
<a href="../tr/misc/security_tips.html" title="Türkçe"> tr </a></p>
</div>
+<div class="outofdate">Bu çeviri güncel olmayabilir. Son değişiklikler için İngilizce sürüm geçerlidir.</div>
<p>Bir HTTP Sunucusunu ayarlarken dikkat edilmesi gerekenler ve bazı
ipuçları. Öneriler kısmen Apache’ye özel kısmen de genel olacaktır.</p>
Modified: httpd/httpd/branches/2.4.x/docs/manual/mod/core.html.de
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/docs/manual/mod/core.html.de?rev=1869739&r1=1869738&r2=1869739&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/docs/manual/mod/core.html.de (original)
+++ httpd/httpd/branches/2.4.x/docs/manual/mod/core.html.de Wed Nov 13 13:27:27 2019
@@ -2875,14 +2875,14 @@ On Windows, from Apache 2.3.3 and later.
<table class="directive">
<tr><th><a href="directive-dict.html#Description">Beschreibung:</a></th><td>Controls whether the REDIRECT_URL environment variable is
fully qualified</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>QualifyRedirectURL ON|OFF</code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Voreinstellung:</a></th><td><code>QualifyRedirectURL OFF</code></td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>QualifyRedirectURL On|Off</code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Voreinstellung:</a></th><td><code>QualifyRedirectURL Off</code></td></tr>
<tr><th><a href="directive-dict.html#Context">Kontext:</a></th><td>Serverkonfiguration, Virtual Host, Verzeichnis</td></tr>
<tr><th><a href="directive-dict.html#Override">AllowOverride:</a></th><td>FileInfo</td></tr>
<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Core</td></tr>
<tr><th><a href="directive-dict.html#Module">Modul:</a></th><td>core</td></tr>
<tr><th><a href="directive-dict.html#Compatibility">Kompatibilität:</a></th><td>Directive supported in 2.4.18 and later. 2.4.17 acted
-as if 'QualifyRedirectURL ON' was configured.</td></tr>
+as if 'QualifyRedirectURL On' was configured.</td></tr>
</table><p>Die Dokumentation zu dieser Direktive wurde
noch nicht übersetzt. Bitte schauen Sie in die englische
Version.</p></div>
Modified: httpd/httpd/branches/2.4.x/docs/manual/mod/core.html.en
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/docs/manual/mod/core.html.en?rev=1869739&r1=1869738&r2=1869739&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/docs/manual/mod/core.html.en (original)
+++ httpd/httpd/branches/2.4.x/docs/manual/mod/core.html.en Wed Nov 13 13:27:27 2019
@@ -4045,19 +4045,19 @@ On Windows, from Apache 2.3.3 and later.
<table class="directive">
<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Controls whether the REDIRECT_URL environment variable is
fully qualified</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>QualifyRedirectURL ON|OFF</code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>QualifyRedirectURL OFF</code></td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>QualifyRedirectURL On|Off</code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>QualifyRedirectURL Off</code></td></tr>
<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory</td></tr>
<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>FileInfo</td></tr>
<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Core</td></tr>
<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>core</td></tr>
<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Directive supported in 2.4.18 and later. 2.4.17 acted
-as if 'QualifyRedirectURL ON' was configured.</td></tr>
+as if 'QualifyRedirectURL On' was configured.</td></tr>
</table>
<p>This directive controls whether the server will ensure that the
REDIRECT_URL environment variable is fully qualified. By default,
the variable contains the verbatim URL requested by the client,
- such as "/index.html". With <code class="directive"><a href="#qualifyredirecturl on">QualifyRedirectURL ON</a></code>, the same request would result in a
+ such as "/index.html". With <code class="directive">QualifyRedirectURL On</code>, the same request would result in a
value such as "http://www.example.com/index.html".</p>
<p>Even without this directive set, when a request is issued against a
fully qualified URL, REDIRECT_URL will remain fully qualified.
@@ -4301,8 +4301,8 @@ scripts</td></tr>
so.</p>
</div>
- <p>The option <code>Registry-Strict</code> which is new in Apache HTTP Server
- 2.0 does the same thing as <code>Registry</code> but uses only the
+ <p>The option <code>Registry-Strict</code>
+ does the same thing as <code>Registry</code> but uses only the
subkey <code>Shell\ExecCGI\Command</code>. The
<code>ExecCGI</code> key is not a common one. It must be
configured manually in the windows registry and hence prevents
@@ -4581,15 +4581,14 @@ is accessed by an incompatible browser</
actually produced a returned error message.</p>
<p>The <code>Off</code>
- setting, which is the default, suppresses the footer line (and is
- therefore compatible with the behavior of Apache-1.2 and
- below). The <code>On</code> setting simply adds a line with the
+ setting, which is the default, suppresses the footer line.
+ The <code>On</code> setting simply adds a line with the
server version number and <code class="directive"><a href="#servername">ServerName</a></code> of the serving virtual host,
and the <code>EMail</code> setting additionally creates a
"mailto:" reference to the <code class="directive"><a href="#serveradmin">ServerAdmin</a></code> of the referenced
document.</p>
- <p>After version 2.0.44, the details of the server version number
+ <p>The details of the server version number
presented are controlled by the <code class="directive"><a href="#servertokens">ServerTokens</a></code> directive.</p>
<h3>See also</h3>
@@ -4649,7 +4648,7 @@ header</td></tr>
<p>This setting applies to the entire server, and cannot be
enabled or disabled on a virtualhost-by-virtualhost basis.</p>
- <p>After version 2.0.44, this directive also controls the
+ <p>This directive also controls the
information presented by the <code class="directive"><a href="#serversignature">ServerSignature</a></code> directive.</p>
<div class="note">Setting <code class="directive">ServerTokens</code> to less than
Modified: httpd/httpd/branches/2.4.x/docs/manual/mod/core.html.es
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/docs/manual/mod/core.html.es?rev=1869739&r1=1869738&r2=1869739&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/docs/manual/mod/core.html.es (original)
+++ httpd/httpd/branches/2.4.x/docs/manual/mod/core.html.es Wed Nov 13 13:27:27 2019
@@ -3519,14 +3519,14 @@ On Windows from Apache 2.3.3 and later.<
<table class="directive">
<tr><th><a href="directive-dict.html#Description">Descripción:</a></th><td>Controls whether the REDIRECT_URL environment variable is
fully qualified</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Sintaxis:</a></th><td><code>QualifyRedirectURL ON|OFF</code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Valor por defecto:</a></th><td><code>QualifyRedirectURL OFF</code></td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Sintaxis:</a></th><td><code>QualifyRedirectURL On|Off</code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Valor por defecto:</a></th><td><code>QualifyRedirectURL Off</code></td></tr>
<tr><th><a href="directive-dict.html#Context">Contexto:</a></th><td>server config, virtual host, directory</td></tr>
<tr><th><a href="directive-dict.html#Override">Anula:</a></th><td>FileInfo</td></tr>
<tr><th><a href="directive-dict.html#Status">Estado:</a></th><td>Core</td></tr>
<tr><th><a href="directive-dict.html#Module">Módulo:</a></th><td>core</td></tr>
<tr><th><a href="directive-dict.html#Compatibility">Compatibilidad:</a></th><td>Directive supported in 2.4.18 and later. 2.4.17 acted
-as if 'QualifyRedirectURL ON' was configured.</td></tr>
+as if 'QualifyRedirectURL On' was configured.</td></tr>
</table><p>The documentation for this directive has
not been translated yet. Please have a look at the English
version.</p></div>
Modified: httpd/httpd/branches/2.4.x/docs/manual/mod/core.html.ja.utf8
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/docs/manual/mod/core.html.ja.utf8?rev=1869739&r1=1869738&r2=1869739&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/docs/manual/mod/core.html.ja.utf8 [utf-8] (original)
+++ httpd/httpd/branches/2.4.x/docs/manual/mod/core.html.ja.utf8 [utf-8] Wed Nov 13 13:27:27 2019
@@ -2816,14 +2816,14 @@ On Windows, from Apache 2.3.3 and later.
<table class="directive">
<tr><th><a href="directive-dict.html#Description">説明:</a></th><td>Controls whether the REDIRECT_URL environment variable is
fully qualified</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">構文:</a></th><td><code>QualifyRedirectURL ON|OFF</code></td></tr>
-<tr><th><a href="directive-dict.html#Default">デフォルト:</a></th><td><code>QualifyRedirectURL OFF</code></td></tr>
+<tr><th><a href="directive-dict.html#Syntax">構文:</a></th><td><code>QualifyRedirectURL On|Off</code></td></tr>
+<tr><th><a href="directive-dict.html#Default">デフォルト:</a></th><td><code>QualifyRedirectURL Off</code></td></tr>
<tr><th><a href="directive-dict.html#Context">コンテキスト:</a></th><td>サーバ設定ファイル, バーチャルホスト, ディレクトリ</td></tr>
<tr><th><a href="directive-dict.html#Override">上書き:</a></th><td>FileInfo</td></tr>
<tr><th><a href="directive-dict.html#Status">ステータス:</a></th><td>Core</td></tr>
<tr><th><a href="directive-dict.html#Module">モジュール:</a></th><td>core</td></tr>
<tr><th><a href="directive-dict.html#Compatibility">互換性:</a></th><td>Directive supported in 2.4.18 and later. 2.4.17 acted
-as if 'QualifyRedirectURL ON' was configured.</td></tr>
+as if 'QualifyRedirectURL On' was configured.</td></tr>
</table><p>このディレクティブの解説文書は
まだ翻訳されていません。英語版をご覧ください。
</p></div>
Modified: httpd/httpd/branches/2.4.x/docs/manual/mod/core.html.tr.utf8
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/docs/manual/mod/core.html.tr.utf8?rev=1869739&r1=1869738&r2=1869739&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/docs/manual/mod/core.html.tr.utf8 [utf-8] (original)
+++ httpd/httpd/branches/2.4.x/docs/manual/mod/core.html.tr.utf8 [utf-8] Wed Nov 13 13:27:27 2019
@@ -33,6 +33,7 @@
<a href="../ja/mod/core.html" hreflang="ja" rel="alternate" title="Japanese"> ja </a> |
<a href="../tr/mod/core.html" title="Türkçe"> tr </a></p>
</div>
+<div class="outofdate">Bu çeviri güncel olmayabilir. Son değişiklikler için İngilizce sürüm geçerlidir.</div>
<table class="module"><tr><th><a href="module-dict.html#Description">Açıklama:</a></th><td>Apache HTTP Sunucusunda daima mevcut olan çekirdek
özellikler</td></tr>
<tr><th><a href="module-dict.html#Status">Durum:</a></th><td>Çekirdek</td></tr></table>
Modified: httpd/httpd/branches/2.4.x/docs/manual/mod/directives.html.de
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/docs/manual/mod/directives.html.de?rev=1869739&r1=1869738&r2=1869739&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/docs/manual/mod/directives.html.de (original)
+++ httpd/httpd/branches/2.4.x/docs/manual/mod/directives.html.de Wed Nov 13 13:27:27 2019
@@ -422,6 +422,7 @@
<li><a href="mod_md.html#mdcertificateauthority">MDCertificateAuthority</a></li>
<li><a href="mod_md.html#mdcertificatefile">MDCertificateFile</a></li>
<li><a href="mod_md.html#mdcertificatekeyfile">MDCertificateKeyFile</a></li>
+<li><a href="mod_md.html#mdcertificatemonitor">MDCertificateMonitor</a></li>
<li><a href="mod_md.html#mdcertificateprotocol">MDCertificateProtocol</a></li>
<li><a href="mod_md.html#mdcertificatestatus">MDCertificateStatus</a></li>
<li><a href="mod_md.html#mdchallengedns01">MDChallengeDns01</a></li>
@@ -440,6 +441,10 @@
<li><a href="mod_md.html#mdrenewwindow">MDRenewWindow</a></li>
<li><a href="mod_md.html#mdrequirehttps">MDRequireHttps</a></li>
<li><a href="mod_md.html#mdserverstatus">MDServerStatus</a></li>
+<li><a href="mod_md.html#mdstapleothers">MDStapleOthers</a></li>
+<li><a href="mod_md.html#mdstapling">MDStapling</a></li>
+<li><a href="mod_md.html#mdstaplingkeepresponse">MDStaplingKeepResponse</a></li>
+<li><a href="mod_md.html#mdstaplingrenewwindow">MDStaplingRenewWindow</a></li>
<li><a href="mod_md.html#mdstoredir">MDStoreDir</a></li>
<li><a href="mod_md.html#mdwarnwindow">MDWarnWindow</a></li>
<li><a href="mod_socache_memcache.html#memcacheconnttl">MemcacheConnTTL</a></li>
Modified: httpd/httpd/branches/2.4.x/docs/manual/mod/directives.html.en
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/docs/manual/mod/directives.html.en?rev=1869739&r1=1869738&r2=1869739&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/docs/manual/mod/directives.html.en (original)
+++ httpd/httpd/branches/2.4.x/docs/manual/mod/directives.html.en Wed Nov 13 13:27:27 2019
@@ -423,6 +423,7 @@
<li><a href="mod_md.html#mdcertificateauthority">MDCertificateAuthority</a></li>
<li><a href="mod_md.html#mdcertificatefile">MDCertificateFile</a></li>
<li><a href="mod_md.html#mdcertificatekeyfile">MDCertificateKeyFile</a></li>
+<li><a href="mod_md.html#mdcertificatemonitor">MDCertificateMonitor</a></li>
<li><a href="mod_md.html#mdcertificateprotocol">MDCertificateProtocol</a></li>
<li><a href="mod_md.html#mdcertificatestatus">MDCertificateStatus</a></li>
<li><a href="mod_md.html#mdchallengedns01">MDChallengeDns01</a></li>
@@ -441,6 +442,10 @@
<li><a href="mod_md.html#mdrenewwindow">MDRenewWindow</a></li>
<li><a href="mod_md.html#mdrequirehttps">MDRequireHttps</a></li>
<li><a href="mod_md.html#mdserverstatus">MDServerStatus</a></li>
+<li><a href="mod_md.html#mdstapleothers">MDStapleOthers</a></li>
+<li><a href="mod_md.html#mdstapling">MDStapling</a></li>
+<li><a href="mod_md.html#mdstaplingkeepresponse">MDStaplingKeepResponse</a></li>
+<li><a href="mod_md.html#mdstaplingrenewwindow">MDStaplingRenewWindow</a></li>
<li><a href="mod_md.html#mdstoredir">MDStoreDir</a></li>
<li><a href="mod_md.html#mdwarnwindow">MDWarnWindow</a></li>
<li><a href="mod_socache_memcache.html#memcacheconnttl">MemcacheConnTTL</a></li>
Modified: httpd/httpd/branches/2.4.x/docs/manual/mod/directives.html.es
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/docs/manual/mod/directives.html.es?rev=1869739&r1=1869738&r2=1869739&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/docs/manual/mod/directives.html.es (original)
+++ httpd/httpd/branches/2.4.x/docs/manual/mod/directives.html.es Wed Nov 13 13:27:27 2019
@@ -425,6 +425,7 @@
<li><a href="mod_md.html#mdcertificateauthority">MDCertificateAuthority</a></li>
<li><a href="mod_md.html#mdcertificatefile">MDCertificateFile</a></li>
<li><a href="mod_md.html#mdcertificatekeyfile">MDCertificateKeyFile</a></li>
+<li><a href="mod_md.html#mdcertificatemonitor">MDCertificateMonitor</a></li>
<li><a href="mod_md.html#mdcertificateprotocol">MDCertificateProtocol</a></li>
<li><a href="mod_md.html#mdcertificatestatus">MDCertificateStatus</a></li>
<li><a href="mod_md.html#mdchallengedns01">MDChallengeDns01</a></li>
@@ -443,6 +444,10 @@
<li><a href="mod_md.html#mdrenewwindow">MDRenewWindow</a></li>
<li><a href="mod_md.html#mdrequirehttps">MDRequireHttps</a></li>
<li><a href="mod_md.html#mdserverstatus">MDServerStatus</a></li>
+<li><a href="mod_md.html#mdstapleothers">MDStapleOthers</a></li>
+<li><a href="mod_md.html#mdstapling">MDStapling</a></li>
+<li><a href="mod_md.html#mdstaplingkeepresponse">MDStaplingKeepResponse</a></li>
+<li><a href="mod_md.html#mdstaplingrenewwindow">MDStaplingRenewWindow</a></li>
<li><a href="mod_md.html#mdstoredir">MDStoreDir</a></li>
<li><a href="mod_md.html#mdwarnwindow">MDWarnWindow</a></li>
<li><a href="mod_socache_memcache.html#memcacheconnttl">MemcacheConnTTL</a></li>
Modified: httpd/httpd/branches/2.4.x/docs/manual/mod/directives.html.ja.utf8
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/docs/manual/mod/directives.html.ja.utf8?rev=1869739&r1=1869738&r2=1869739&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/docs/manual/mod/directives.html.ja.utf8 [utf-8] (original)
+++ httpd/httpd/branches/2.4.x/docs/manual/mod/directives.html.ja.utf8 [utf-8] Wed Nov 13 13:27:27 2019
@@ -420,6 +420,7 @@
<li><a href="mod_md.html#mdcertificateauthority">MDCertificateAuthority</a></li>
<li><a href="mod_md.html#mdcertificatefile">MDCertificateFile</a></li>
<li><a href="mod_md.html#mdcertificatekeyfile">MDCertificateKeyFile</a></li>
+<li><a href="mod_md.html#mdcertificatemonitor">MDCertificateMonitor</a></li>
<li><a href="mod_md.html#mdcertificateprotocol">MDCertificateProtocol</a></li>
<li><a href="mod_md.html#mdcertificatestatus">MDCertificateStatus</a></li>
<li><a href="mod_md.html#mdchallengedns01">MDChallengeDns01</a></li>
@@ -438,6 +439,10 @@
<li><a href="mod_md.html#mdrenewwindow">MDRenewWindow</a></li>
<li><a href="mod_md.html#mdrequirehttps">MDRequireHttps</a></li>
<li><a href="mod_md.html#mdserverstatus">MDServerStatus</a></li>
+<li><a href="mod_md.html#mdstapleothers">MDStapleOthers</a></li>
+<li><a href="mod_md.html#mdstapling">MDStapling</a></li>
+<li><a href="mod_md.html#mdstaplingkeepresponse">MDStaplingKeepResponse</a></li>
+<li><a href="mod_md.html#mdstaplingrenewwindow">MDStaplingRenewWindow</a></li>
<li><a href="mod_md.html#mdstoredir">MDStoreDir</a></li>
<li><a href="mod_md.html#mdwarnwindow">MDWarnWindow</a></li>
<li><a href="mod_socache_memcache.html#memcacheconnttl">MemcacheConnTTL</a></li>
Modified: httpd/httpd/branches/2.4.x/docs/manual/mod/directives.html.ko.euc-kr
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/docs/manual/mod/directives.html.ko.euc-kr?rev=1869739&r1=1869738&r2=1869739&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/docs/manual/mod/directives.html.ko.euc-kr [euc-kr] (original)
+++ httpd/httpd/branches/2.4.x/docs/manual/mod/directives.html.ko.euc-kr [euc-kr] Wed Nov 13 13:27:27 2019
@@ -420,6 +420,7 @@
<li><a href="mod_md.html#mdcertificateauthority">MDCertificateAuthority</a></li>
<li><a href="mod_md.html#mdcertificatefile">MDCertificateFile</a></li>
<li><a href="mod_md.html#mdcertificatekeyfile">MDCertificateKeyFile</a></li>
+<li><a href="mod_md.html#mdcertificatemonitor">MDCertificateMonitor</a></li>
<li><a href="mod_md.html#mdcertificateprotocol">MDCertificateProtocol</a></li>
<li><a href="mod_md.html#mdcertificatestatus">MDCertificateStatus</a></li>
<li><a href="mod_md.html#mdchallengedns01">MDChallengeDns01</a></li>
@@ -438,6 +439,10 @@
<li><a href="mod_md.html#mdrenewwindow">MDRenewWindow</a></li>
<li><a href="mod_md.html#mdrequirehttps">MDRequireHttps</a></li>
<li><a href="mod_md.html#mdserverstatus">MDServerStatus</a></li>
+<li><a href="mod_md.html#mdstapleothers">MDStapleOthers</a></li>
+<li><a href="mod_md.html#mdstapling">MDStapling</a></li>
+<li><a href="mod_md.html#mdstaplingkeepresponse">MDStaplingKeepResponse</a></li>
+<li><a href="mod_md.html#mdstaplingrenewwindow">MDStaplingRenewWindow</a></li>
<li><a href="mod_md.html#mdstoredir">MDStoreDir</a></li>
<li><a href="mod_md.html#mdwarnwindow">MDWarnWindow</a></li>
<li><a href="mod_socache_memcache.html#memcacheconnttl">MemcacheConnTTL</a></li>
Modified: httpd/httpd/branches/2.4.x/docs/manual/mod/directives.html.tr.utf8
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/docs/manual/mod/directives.html.tr.utf8?rev=1869739&r1=1869738&r2=1869739&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/docs/manual/mod/directives.html.tr.utf8 [utf-8] (original)
+++ httpd/httpd/branches/2.4.x/docs/manual/mod/directives.html.tr.utf8 [utf-8] Wed Nov 13 13:27:27 2019
@@ -419,6 +419,7 @@
<li><a href="mod_md.html#mdcertificateauthority">MDCertificateAuthority</a></li>
<li><a href="mod_md.html#mdcertificatefile">MDCertificateFile</a></li>
<li><a href="mod_md.html#mdcertificatekeyfile">MDCertificateKeyFile</a></li>
+<li><a href="mod_md.html#mdcertificatemonitor">MDCertificateMonitor</a></li>
<li><a href="mod_md.html#mdcertificateprotocol">MDCertificateProtocol</a></li>
<li><a href="mod_md.html#mdcertificatestatus">MDCertificateStatus</a></li>
<li><a href="mod_md.html#mdchallengedns01">MDChallengeDns01</a></li>
@@ -437,6 +438,10 @@
<li><a href="mod_md.html#mdrenewwindow">MDRenewWindow</a></li>
<li><a href="mod_md.html#mdrequirehttps">MDRequireHttps</a></li>
<li><a href="mod_md.html#mdserverstatus">MDServerStatus</a></li>
+<li><a href="mod_md.html#mdstapleothers">MDStapleOthers</a></li>
+<li><a href="mod_md.html#mdstapling">MDStapling</a></li>
+<li><a href="mod_md.html#mdstaplingkeepresponse">MDStaplingKeepResponse</a></li>
+<li><a href="mod_md.html#mdstaplingrenewwindow">MDStaplingRenewWindow</a></li>
<li><a href="mod_md.html#mdstoredir">MDStoreDir</a></li>
<li><a href="mod_md.html#mdwarnwindow">MDWarnWindow</a></li>
<li><a href="mod_socache_memcache.html#memcacheconnttl">MemcacheConnTTL</a></li>
Modified: httpd/httpd/branches/2.4.x/docs/manual/mod/directives.html.zh-cn.utf8
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/docs/manual/mod/directives.html.zh-cn.utf8?rev=1869739&r1=1869738&r2=1869739&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/docs/manual/mod/directives.html.zh-cn.utf8 [utf-8] (original)
+++ httpd/httpd/branches/2.4.x/docs/manual/mod/directives.html.zh-cn.utf8 [utf-8] Wed Nov 13 13:27:27 2019
@@ -418,6 +418,7 @@
<li><a href="mod_md.html#mdcertificateauthority">MDCertificateAuthority</a></li>
<li><a href="mod_md.html#mdcertificatefile">MDCertificateFile</a></li>
<li><a href="mod_md.html#mdcertificatekeyfile">MDCertificateKeyFile</a></li>
+<li><a href="mod_md.html#mdcertificatemonitor">MDCertificateMonitor</a></li>
<li><a href="mod_md.html#mdcertificateprotocol">MDCertificateProtocol</a></li>
<li><a href="mod_md.html#mdcertificatestatus">MDCertificateStatus</a></li>
<li><a href="mod_md.html#mdchallengedns01">MDChallengeDns01</a></li>
@@ -436,6 +437,10 @@
<li><a href="mod_md.html#mdrenewwindow">MDRenewWindow</a></li>
<li><a href="mod_md.html#mdrequirehttps">MDRequireHttps</a></li>
<li><a href="mod_md.html#mdserverstatus">MDServerStatus</a></li>
+<li><a href="mod_md.html#mdstapleothers">MDStapleOthers</a></li>
+<li><a href="mod_md.html#mdstapling">MDStapling</a></li>
+<li><a href="mod_md.html#mdstaplingkeepresponse">MDStaplingKeepResponse</a></li>
+<li><a href="mod_md.html#mdstaplingrenewwindow">MDStaplingRenewWindow</a></li>
<li><a href="mod_md.html#mdstoredir">MDStoreDir</a></li>
<li><a href="mod_md.html#mdwarnwindow">MDWarnWindow</a></li>
<li><a href="mod_socache_memcache.html#memcacheconnttl">MemcacheConnTTL</a></li>
Modified: httpd/httpd/branches/2.4.x/docs/manual/mod/mod_auth_form.html.en
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/docs/manual/mod/mod_auth_form.html.en?rev=1869739&r1=1869738&r2=1869739&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/docs/manual/mod/mod_auth_form.html.en (original)
+++ httpd/httpd/branches/2.4.x/docs/manual/mod/mod_auth_form.html.en Wed Nov 13 13:27:27 2019
@@ -298,9 +298,9 @@ SessionCookieName session path=/</pre>
<p>Another option is to render the login form using a CGI script or other dynamic
technology.</p>
- <div class="example"><h3>CGI example</h3><pre class="prettyprint lang-config"> AuthFormProvider file
- ErrorDocument 401 "/cgi-bin/login.cgi"
- ...</pre>
+ <div class="example"><h3>CGI example</h3><pre class="prettyprint lang-config">AuthFormProvider file
+ErrorDocument 401 "/cgi-bin/login.cgi"
+...</pre>
</div>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
@@ -379,14 +379,14 @@ lower level modules</td></tr>
<table class="directive">
<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>The name of a form field carrying the body of the request to attempt on successful login</td></tr>
<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>AuthFormBody <var>fieldname</var></code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>httpd_body</code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>AuthFormBody httpd_body</code></td></tr>
<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory</td></tr>
<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_auth_form</td></tr>
<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Available in Apache HTTP Server 2.3.0 and later</td></tr>
</table>
- <p>The <code class="directive"><a href="#authformmethod">AuthFormMethod</a></code> directive specifies
- the name of an HTML field which, if present, will contain the method of the request to
+ <p>The <code class="directive"><a href="#authformbody">AuthFormBody</a></code> directive specifies
+ the name of an HTML field which, if present, will contain the body of the request
to submit should login be successful.</p>
<p>By populating the form with fields described by
@@ -401,7 +401,7 @@ lower level modules</td></tr>
<div class="directive-section"><h2><a name="AuthFormDisableNoStore" id="AuthFormDisableNoStore">AuthFormDisableNoStore</a> <a name="authformdisablenostore" id="authformdisablenostore">Directive</a></h2>
<table class="directive">
<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Disable the CacheControl no-store header on the login page</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>AuthFormDisableNoStore <var>On|Off</var></code></td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>AuthFormDisableNoStore On|Off</code></td></tr>
<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>AuthFormDisableNoStore Off</code></td></tr>
<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory</td></tr>
<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
@@ -421,7 +421,7 @@ lower level modules</td></tr>
<div class="directive-section"><h2><a name="AuthFormFakeBasicAuth" id="AuthFormFakeBasicAuth">AuthFormFakeBasicAuth</a> <a name="authformfakebasicauth" id="authformfakebasicauth">Directive</a></h2>
<table class="directive">
<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Fake a Basic Authentication header</td></tr>
-<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>AuthFormFakeBasicAuth <var>On|Off</var></code></td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>AuthFormFakeBasicAuth On|Off</code></td></tr>
<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>AuthFormFakeBasicAuth Off</code></td></tr>
<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory</td></tr>
<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
@@ -441,7 +441,7 @@ lower level modules</td></tr>
<table class="directive">
<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>The name of a form field carrying a URL to redirect to on successful login</td></tr>
<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>AuthFormLocation <var>fieldname</var></code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>httpd_location</code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>AuthFormLocation httpd_location</code></td></tr>
<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory</td></tr>
<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_auth_form</td></tr>
@@ -539,14 +539,14 @@ parser has been added in 2.4.4.</td></tr
<table class="directive">
<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>The name of a form field carrying the method of the request to attempt on successful login</td></tr>
<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>AuthFormMethod <var>fieldname</var></code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>httpd_method</code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>AuthFormMethod httpd_method</code></td></tr>
<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory</td></tr>
<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_auth_form</td></tr>
<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Available in Apache HTTP Server 2.3.0 and later</td></tr>
</table>
<p>The <code class="directive"><a href="#authformmethod">AuthFormMethod</a></code> directive specifies
- the name of an HTML field which, if present, will contain the method of the request to
+ the name of an HTML field which, if present, will contain the method of the request
to submit should login be successful.</p>
<p>By populating the form with fields described by
@@ -562,13 +562,13 @@ parser has been added in 2.4.4.</td></tr
<table class="directive">
<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>The name of a form field carrying the mimetype of the body of the request to attempt on successful login</td></tr>
<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>AuthFormMimetype <var>fieldname</var></code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>httpd_mimetype</code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>AuthFormMimetype httpd_mimetype</code></td></tr>
<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory</td></tr>
<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_auth_form</td></tr>
<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Available in Apache HTTP Server 2.3.0 and later</td></tr>
</table>
- <p>The <code class="directive"><a href="#authformmethod">AuthFormMethod</a></code> directive specifies
+ <p>The <code class="directive"><a href="#authformmimetype">AuthFormMimetype</a></code> directive specifies
the name of an HTML field which, if present, will contain the
mimetype of the request to submit should login be successful.</p>
@@ -585,7 +585,7 @@ parser has been added in 2.4.4.</td></tr
<table class="directive">
<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>The name of a form field carrying the login password</td></tr>
<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>AuthFormPassword <var>fieldname</var></code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>httpd_password</code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>AuthFormPassword httpd_password</code></td></tr>
<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory</td></tr>
<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_auth_form</td></tr>
@@ -667,7 +667,7 @@ parser has been added in 2.4.4.</td></tr
<table class="directive">
<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>The largest size of the form in bytes that will be parsed for the login details</td></tr>
<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>AuthFormSize <var>size</var></code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>8192</code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>AuthFormSize 8192</code></td></tr>
<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory</td></tr>
<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_auth_form</td></tr>
@@ -693,7 +693,7 @@ parser has been added in 2.4.4.</td></tr
<table class="directive">
<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>The name of a form field carrying the login username</td></tr>
<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>AuthFormUsername <var>fieldname</var></code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>httpd_username</code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>AuthFormUsername httpd_username</code></td></tr>
<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory</td></tr>
<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_auth_form</td></tr>
Modified: httpd/httpd/branches/2.4.x/docs/manual/mod/mod_md.html.en
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/docs/manual/mod/mod_md.html.en?rev=1869739&r1=1869738&r2=1869739&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/docs/manual/mod/mod_md.html.en (original)
+++ httpd/httpd/branches/2.4.x/docs/manual/mod/mod_md.html.en Wed Nov 13 13:27:27 2019
@@ -32,7 +32,7 @@
<table class="module"><tr><th><a href="module-dict.html#Description">Description:</a></th><td>Managing domains across virtual hosts, certificate provisioning
via the ACME protocol
</td></tr>
-<tr><th><a href="module-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="module-dict.html#Status">Status:</a></th><td>Experimental</td></tr>
<tr><th><a href="module-dict.html#ModuleIdentifier">Module Identifier:</a></th><td>md_module</td></tr>
<tr><th><a href="module-dict.html#SourceFile">Source File:</a></th><td>mod_md.c</td></tr>
<tr><th><a href="module-dict.html#Compatibility">Compatibility:</a></th><td>Available in version 2.4.30 and later</td></tr></table>
@@ -40,27 +40,24 @@
<p>
This module manages common properties of domains for one or more virtual hosts.
- Its main feature is the use of the ACME protocol
- (<a href="https://tools.ietf.org/html/rfc8555">RFC 8555</a>)
- to automate certificate provisioning. Certificates will be renewed
- by the module ahead of their expiration to account for disruption in internet
- services. There are ways to monitor the status of all Managed Domains
- and configurations that will run your own notification commands on renewal,
- expiration and errors.
- </p>
- <p>
- The default ACME Certificate Authority is
+ Its serves two main purposes: for one, supervise/renew https: certificates via the
+ ACME protocol (<a href="https://tools.ietf.org/html/rfc8555">RFC 8555</a>).
+ Certificates will be renewed by the module ahead of their expiration to account
+ for disruption in internet services. There are ways to monitor the status of all
+ certififcates managed this way and configurations that will run your own
+ notification commands on renewal, expiration and errors.
+ </p><p>
+ Second, mod_md offers an alternate OCSP Stapling implementation. This works with
+ managed certificates as well as with certificates you configure yourself. OCSP
+ Stapling is a necessary component for any https: site, influencing page load
+ times and, depending on other setups, page availability. More in the
+ stapling section below.
+ </p><p>
+ The default ACME Authority for managing certificates is
<a href="https://letsencrypt.org/">Let's Encrypt</a>, but it is possible
to configure another CA that supports the protocol.
</p>
- <div class="warning"><h3>Warning</h3>
- <p>This module is experimental. Its behaviors, directives, and
- defaults are subject to more change from release to
- release relative to other standard modules. Users are encouraged to
- consult the "CHANGES" file for potential updates.</p>
- </div>
-
<p>Simple configuration example:</p>
<div class="note"><h3>TLS in a VirtualHost context</h3>
@@ -93,39 +90,59 @@
This module requires <code class="module"><a href="../mod/mod_watchdog.html">mod_watchdog</a></code> to be loaded as well.
</p><p>
Certificate sign-up and renewal with Let's Encrypt requires your server to be
- reachable on port 80 (http:) from the outside. The alternative method over
- port 443 (https:) is currently disabled for security reasons (status from
- 2018-01-14).
- </p><p>
- The module will select from the methods offered by Let's Encrypt. If LE decides
- at one point in the future, to re-enable it again, mod_md will
- use it when suitable.
- </p><p>
- But for now, only the port 80 variant is available (termed "http-01"). Only
- when LE can reach your server on port 80 will mod_md work for
- you. For now, at least.
- </p><p>
- If you do not want to offer any sites on port 80 any more, you may leave it open
- and redirect all requests to your https: sites instead. Use the
- <code class="directive"><a href="#mdrequirehttps">MDRequireHttps</a></code> described below to do
- that in a convenient fashion. This will continue to answer http: challenges
- from Let's Encrypt.
+ reachable on port 80 (http:) and/or port 443 (https:) from the public internet.
+ (Unless your server is configured to use DNS for challenges - more on that under
+ 'wildcard certificates')
+ </p><p>
+ The module will select from the methods offered by Let's Encrypt. Usually LE offers
+ challenges on both ports and DNS and Apache chooses a method available.
+ </p><p>
+ To determine which one is available, the module looks at the ports
+ Apache httpd listens on. If those include port 80, it assumes that the
+ http: challenge (named http-01) is available. If the server listens
+ on port 443, the https: challenge (named tls-alpn-01) is also added to
+ the list. (And if <code class="directive"><a href="#mdchallengedns01">MDChallengeDns01</a></code>
+ is configured, the challenge dns-01 is added as well.)
+ </p><p>
+ If your setup is not so straight forward, there are two methods available
+ to influence this. First, look at <code class="directive"><a href="#mdportmap">MDPortMap</a></code>
+ if the server is behind a portmapper, such as a firewall. Second, you may
+ override the module's guesswork completely by configuring
+ <code class="directive"><a href="#mdcachallenges">MDCAChallenges</a></code> directly.
+ </p>
+ </div>
+
+ <div class="note"><h3>https: Challenges</h3>
+ <p>
+ For domain verification via the TLS protocol `tls-alpn-01` is the name
+ of the challenge type. It requires the Apache server to listen on port 443
+ (see <code class="directive"><a href="#mdportmap">MDPortMap</a></code> if you map that port
+ to something else).
+ </p><p>
+ Let's Encrypt will open a TLS connection to Apache using the special indicator
+ `acme-tls/1` (this indication part of TLS is called ALPN, therefore the name
+ of the challenge. ALPN is also used by browsers to request a HTTP/2 connection).
+ </p><p>
+ As with the HTTP/2 protocol, to allow this, you configure:
</p>
+ <pre class="prettyprint lang-config">Protocols h2 http/1.1 acme-tls/1</pre>
+
+ <p>
+ And the `tls-alpn-01` challenge type is available.
+ </p>
</div>
<div class="note"><h3>Wildcard Certificates</h3>
<p>
- Wildcard certificates are possible with version 2.x of `mod_md``. But they are
- not straight-forward. Let's Encrypt requires the `dns-01` challenge verification
+ Wildcard certificates are possible, but not straight-forward to use out of
+ the box. Let's Encrypt requires the `dns-01` challenge verification
for those. No other is considered good enough.
</p><p>
- The difficulty here is that Apache cannot do that on its own. (which is also
- a security benefit, since corrupting a web server or the communication path to
- it is the scenario `dns-01` protects against). As the name implies, `dns-01`
+ The difficulty here is that Apache cannot do that on its own. As the name implies, `dns-01`
requires you to show some specific DNS records for your domain that contain
some challenge data. So you need to _write_ your domain's DNS records.
</p><p>
- If you know how to do that, you can integrated this with `mod_md`. Let's
+ If you know how to do that, you can integrated this with mod_md. Let's
say you have a script for that in `/usr/bin/acme-setup-dns` you configure
Apache with:
</p>
@@ -220,6 +237,52 @@
</p>
</div>
+ <div class="note"><h3>Stapling</h3>
+ <p>
+ If you want to try the stapling in one Managed Domain alone at first,
+ configure:
+ </p>
+ <pre class="prettyprint lang-config"><MDomain mydomain.net>
+ MDStapling on
+</MDomain></pre>
+
+ <p>
+ and use the 'server-status' and/or MDMessageCmd to see how it operates. You will
+ see if Stapling information is there, how long it is valid, from where it came and
+ when it will be refreshed.
+ </p><p>
+ If this all works to your satisfaction, you can switch it on for all your
+ certificates or just your managed ones.
+ </p><p>
+ The existing stapling implementation by mod_ssl is used by many sites
+ for years. There are two main differences between the mod_ssl and mod_md
+ one:
+ </p>
+ <ol>
+ <li>On demand vs. scheduled: mod_ssl retrieves the stapling information
+ when it is requested, e.g. on a new connection. mod_md retrieves it
+ right at server start and after 2/3rds of its lifetime.</li>
+ <li>In memory vs. persisted: mod_ssl <em>can</em> persist this
+ information, but most example configurations use a memory cache. mod_md
+ always stores in the file system.</li>
+ </ol>
+ <p>
+ If you are unlucky and restart your server during an outage of your CA's
+ OCSP service, your users may no longer reach your sites. Without persistence
+ your server cannot provide the client with the data and the client browser
+ cannot get it as well, since the OCSP service is not responding.
+ </p><p>
+ The implementation in mod_md will have peristed it, load it again after
+ restart and have it available for incoming connections. A day or two before
+ this information expires, it will renew it, making it able to copy with
+ a long OCSP service downtime.
+ </p><p>
+ Due to backward compatibility, the existing implementation in mod_ssl could
+ not be changed drastically. For example, mod_ssl is unable to add a dependency
+ to mod_watchdog without braking many existing installations (that do not load it).
+ </p>
+ </div>
+
</div>
<div id="quickview"><a href="https://www.apache.org/foundation/contributing.html" class="badge"><img src="https://www.apache.org/images/SupportApache-small.png" alt="Support Apache!" /></a><h3 class="directives">Directives</h3>
<ul id="toc">
@@ -229,6 +292,7 @@
<li><img alt="" src="../images/down.gif" /> <a href="#mdcertificateauthority">MDCertificateAuthority</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#mdcertificatefile">MDCertificateFile</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#mdcertificatekeyfile">MDCertificateKeyFile</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#mdcertificatemonitor">MDCertificateMonitor</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#mdcertificateprotocol">MDCertificateProtocol</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#mdcertificatestatus">MDCertificateStatus</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#mdchallengedns01">MDChallengeDns01</a></li>
@@ -247,6 +311,10 @@
<li><img alt="" src="../images/down.gif" /> <a href="#mdrenewwindow">MDRenewWindow</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#mdrequirehttps">MDRequireHttps</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#mdserverstatus">MDServerStatus</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#mdstapleothers">MDStapleOthers</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#mdstapling">MDStapling</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#mdstaplingkeepresponse">MDStaplingKeepResponse</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#mdstaplingrenewwindow">MDStaplingRenewWindow</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#mdstoredir">MDStoreDir</a></li>
<li><img alt="" src="../images/down.gif" /> <a href="#mdwarnwindow">MDWarnWindow</a></li>
</ul>
@@ -261,7 +329,7 @@
<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>MDBaseServer on|off</code></td></tr>
<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>MDBaseServer off</code></td></tr>
<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Experimental</td></tr>
<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_md</td></tr>
</table>
<p>
@@ -279,15 +347,28 @@
<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>MDCAChallenges <var>name</var> [ <var>name</var> ... ]</code></td></tr>
<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>MDCAChallenges tls-alpn-01 http-01 dns-01</code></td></tr>
<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Experimental</td></tr>
<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_md</td></tr>
</table>
<p>
- Sets challenge types and their execution order when proving domain ownership.
- The names are protocol specific.
- The current ACME protocol version implemented by Let's Encrypt defines three challenge
- types that are supported by mod_md. By default, it will try
- the one on port 443 when available.
+ Sets challenge types (in order of preference) when proving domain ownership.
+ Supported by the module are the challenge methods 'tls-alpn-01', 'dns-01'
+ and 'http-01'. The module will look at the overall configuation of the server
+ to find out which methods can be used.
+ </p><p>
+ If the server listens on port 80, for example, the 'http-01' method is available.
+ The prerequisite for 'dns-01' is a configured 'MDChallengeDns01' command.
+ 'tls-alpn-01' is described above in 'https: Challenges'.
+ </p><p>
+ This auto selection works for most setups. But since Apache is a very powerful
+ server with many configuration options, the situation is not clear for all
+ possible cases. For example: it may listen on multiple IP addresses where some
+ are reachable on `https:` and some not.
+ </p><p>
+ If you configure 'MDCAChallenges' directly, this auto selection is disabled.
+ Instead, the module will use the configured challenge list when talking to
+ the ACME server (a challenge type must be offered by the server as well).
+ This challenges are examined in the order specified.
</p>
</div>
@@ -298,7 +379,7 @@
Authority.</td></tr>
<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>MDCertificateAgreement accepted</code></td></tr>
<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Experimental</td></tr>
<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_md</td></tr>
</table>
<p>When you use mod_md to obtain a certificate, you become a customer of the CA (e.g. Let's Encrypt). That means you need to read and agree to their Terms of Service,
@@ -314,7 +395,7 @@
<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>MDCertificateAuthority <var>url</var></code></td></tr>
<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>MDCertificateAuthority https://acme-v02.api.letsencrypt.org/directory</code></td></tr>
<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Experimental</td></tr>
<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_md</td></tr>
</table>
<p>
@@ -340,7 +421,7 @@
<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Specify a static certificate file for the MD.</td></tr>
<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>MDCertificateFile path-to-pem-file</code></td></tr>
<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Experimental</td></tr>
<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_md</td></tr>
</table>
<p>
@@ -384,7 +465,7 @@
<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Specify a static private key for for the static cerrtificate.</td></tr>
<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>MDCertificateKeyFile path-to-file</code></td></tr>
<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Experimental</td></tr>
<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_md</td></tr>
</table>
<p>
@@ -398,13 +479,40 @@
</div>
<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="MDCertificateMonitor" id="MDCertificateMonitor">MDCertificateMonitor</a> <a name="mdcertificatemonitor" id="mdcertificatemonitor">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>The URL of a certificate log monitor.</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>MDCertificateMonitor name url</code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>crt.sh https://crt.sh?q=</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Experimental</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_md</td></tr>
+</table>
+ <p>
+ This is part of the 'server-status' HTML user interface and has nothing to
+ do with the core functioning itself. It defines the link offered on that
+ page for easy checking of a certificate monitor. The SHA256 fingerprint
+ of the certificate is appended to the configured url.
+ </p><p>
+ Certificate Monitors offer supervision of Certificate Transparency (CT)
+ Logs to track the use of certificates for domains. The least you may see
+ is that Let's Encrypt (or whichever CA you have configured) has entered
+ your certificates into the CTLogs.
+ </p><p>
+ Caveat: certificate logs update and monitor's intakes of those
+ updates suffer some delay. This varies between logs and monitors. A
+ brand new certificate will not be known immediately.
+ </p>
+
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="directive-section"><h2><a name="MDCertificateProtocol" id="MDCertificateProtocol">MDCertificateProtocol</a> <a name="mdcertificateprotocol" id="mdcertificateprotocol">Directive</a></h2>
<table class="directive">
<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>The protocol to use with the Certificate Authority.</td></tr>
<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>MDCertificateProtocol <var>protocol</var></code></td></tr>
<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>MDCertificateProtocol ACME</code></td></tr>
<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Experimental</td></tr>
<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_md</td></tr>
</table>
<p>
@@ -419,7 +527,7 @@
<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>MDCertificateStatus on|off</code></td></tr>
<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>MDCertificateStatus on</code></td></tr>
<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Experimental</td></tr>
<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_md</td></tr>
</table>
<p>
@@ -444,7 +552,7 @@
<tr><th><a href="directive-dict.html#Description">Description:</a></th><td /></tr>
<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>MDChallengeDns01 path-to-command</code></td></tr>
<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Experimental</td></tr>
<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_md</td></tr>
</table>
<p>
@@ -468,7 +576,7 @@
<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>MDDriveMode always|auto|manual</code></td></tr>
<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>MDDriveMode auto</code></td></tr>
<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Experimental</td></tr>
<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_md</td></tr>
</table>
<p>This directive exists for backward compatibility as the old name for
@@ -482,7 +590,7 @@
<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Define a proxy for outgoing connections.</td></tr>
<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>MDHttpProxy <var>url</var></code></td></tr>
<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Experimental</td></tr>
<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_md</td></tr>
</table>
<p>Use a http proxy to connect to the MDCertificateAuthority. Define this
@@ -496,7 +604,7 @@
<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Additional hostname for the managed domain.</td></tr>
<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>MDMember <var>hostname</var></code></td></tr>
<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Experimental</td></tr>
<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_md</td></tr>
</table>
<p>
@@ -524,7 +632,7 @@
<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>MDMembers auto|manual</code></td></tr>
<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>MDMembers auto</code></td></tr>
<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Experimental</td></tr>
<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_md</td></tr>
</table>
<p>Defines if the <code class="directive"><a href="../mod/core.html#servername">ServerName</a></code> and
@@ -539,12 +647,12 @@
<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Handle events for Manage Domains</td></tr>
<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>MDMessageCmd path-to-cmd optional-args</code></td></tr>
<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Experimental</td></tr>
<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_md</td></tr>
</table>
<p>
This command gets called when one of the following events happen for
- a Managed Domain: "renewed", "expiring", "errored". The command may
+ a Managed Domain: "renewed", "installed", "expiring", "errored". The command may
be invoked for more than these in the future and ignore events
it is not prepared to handle.
</p><p>
@@ -563,13 +671,25 @@ MDMessageCmd /etc/apache/md-message
return code other than 0 is regarded as an error.
</p><p>
'errored' is no immediate cause for concern since renewal is attempted
- early enough to allow the internet to come back.
+ early enough to allow the internet to come back. This is reported at most
+ once per hour.
</p><p>
'expiring' should be taken serious. It is issued when the
<code class="directive"><a href="#mdwarnwindow">MDWarnWindow</a></code> is reached. By default this is
10% of the certificate lifetime, so for Let's Encrypt this currently
means 9 days before it expires. The warning is repeated at most once
a day.
+ </p><p>
+ 'renewed' means that a new certificate has been obtained and is stored
+ in the 'staging' area in the MD store. It will be activated on the next
+ server restart/reload.
+ </p><p>
+ 'installed' is triggered when a new certificate has been transferred from
+ staging into the domains location in MD store. This happens at server
+ startup/reload. Different to all other invocations, MDMessageCmd is run
+ with root permissions (on *nix systems) and has access to the certificate
+ files (and keys). Certificates needed for other applications or
+ in different formats can be processed on this event.
</p>
</div>
@@ -580,7 +700,7 @@ MDMessageCmd /etc/apache/md-message
<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>MDMustStaple on|off</code></td></tr>
<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>MDMustStaple off</code></td></tr>
<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Experimental</td></tr>
<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_md</td></tr>
</table>
<p>Defines if newly requested certificate should have the OCSP Must Staple flag
@@ -597,7 +717,7 @@ MDMessageCmd /etc/apache/md-message
<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Run a program when a Managed Domain is ready.</td></tr>
<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>MDNotifyCmd <var>path</var> [ <var>args</var> ]</code></td></tr>
<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Experimental</td></tr>
<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_md</td></tr>
</table>
<p>
@@ -614,7 +734,7 @@ MDMessageCmd /etc/apache/md-message
<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Define list of domain names that belong to one group.</td></tr>
<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>MDomain <var>dns-name</var> [ <var>other-dns-name</var>... ] [auto|manual]</code></td></tr>
<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Experimental</td></tr>
<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_md</td></tr>
</table>
<p>
@@ -696,7 +816,7 @@ MDomain example2.org auto
<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Container for directives applied to the same managed domains.</td></tr>
<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code><MDomainSet <var>dns-name</var> [ <var>other-dns-name</var>... ]>...</MDomainSet></code></td></tr>
<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Experimental</td></tr>
<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_md</td></tr>
</table>
<p>
@@ -729,7 +849,7 @@ MDomain example2.org auto
<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>MDPortMap <var>map1</var> [ <var>map2</var> ]</code></td></tr>
<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>MDPortMap http:80 https:443</code></td></tr>
<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Experimental</td></tr>
<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_md</td></tr>
</table>
<p>
@@ -772,7 +892,7 @@ MDomain example2.org auto
<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>MDPrivateKeys <var>type</var> [ <var>params</var>... ]</code></td></tr>
<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>MDPrivateKeys RSA 2048</code></td></tr>
<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Experimental</td></tr>
<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_md</td></tr>
</table>
<p>
@@ -803,7 +923,7 @@ MDomain example2.org auto
<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>MDRenewMode always|auto|manual</code></td></tr>
<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>MDRenewMode auto</code></td></tr>
<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Experimental</td></tr>
<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_md</td></tr>
</table>
<p>
@@ -835,7 +955,7 @@ MDomain example2.org auto
<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>MDRenewWindow <var>duration</var></code></td></tr>
<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>MDRenewWindow 33%</code></td></tr>
<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Experimental</td></tr>
<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_md</td></tr>
</table>
<p>
@@ -869,7 +989,7 @@ MDRenewWindow 10%</pre>
<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>MDRequireHttps off|temporary|permanent</code></td></tr>
<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>MDRequireHttps off</code></td></tr>
<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Experimental</td></tr>
<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_md</td></tr>
</table>
<p>This is a convenience directive to ease http: to https: migration of
@@ -925,7 +1045,7 @@ MDRenewWindow 10%</pre>
<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>MDServerStatus on|off</code></td></tr>
<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>MDServerStatus on</code></td></tr>
<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Experimental</td></tr>
<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_md</td></tr>
</table>
<p>
@@ -938,13 +1058,116 @@ MDRenewWindow 10%</pre>
</div>
<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="MDStapleOthers" id="MDStapleOthers">MDStapleOthers</a> <a name="mdstapleothers" id="mdstapleothers">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Enable stapling for certificates not managed by mod_md.</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>MDStapleOthers on|off</code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>on</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Experimental</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_md</td></tr>
+</table>
+ <p>
+ This setting only takes effect when `MDStapling` is enabled. It controls
+ if `mod_md` should also provide stapling information for certificates
+ that are not directly controlled by it, e.g. renewed via an ACME CA.
+ </p>
+
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="MDStapling" id="MDStapling">MDStapling</a> <a name="mdstapling" id="mdstapling">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Enable stapling for all or a particular MDomain.</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>MDStapling on|off</code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>off</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Experimental</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_md</td></tr>
+</table>
+ <p>
+ mod_md offers an implementation for providing OCSP stapling information.
+ This is an alternative to the one provided by 'mod_ssl'. For backward
+ compatiblity, this is disabled by default.
+ </p><p>
+ The stapling can be switched on for all certificates on the server or
+ for an individual MDomain. This will replace any stapling configurtion
+ in `mod_ssl` for these hosts. When disabled, the 'mod_ssl' stapling
+ will do the work (if it is itself enabled, of course). This allows for
+ a gradual shift over from one implementation to the other.
+ </p><p>
+ The stapling of `mod_md` will also work for domains where the certificates
+ are not managed by this module (see MDStapleOthers for how to control this).
+ This allows use of the new stapling without using any ACME certificate
+ management.
+ </p>
+
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="MDStaplingKeepResponse" id="MDStaplingKeepResponse">MDStaplingKeepResponse</a> <a name="mdstaplingkeepresponse" id="mdstaplingkeepresponse">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Controls when old responses should be removed.</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>MDStaplingKeepResponse duration</code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>7d</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Experimental</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_md</td></tr>
+</table>
+ <p>
+ This time window specifies when OCSP response data used in stapling
+ shall be removed from the store again. Response information older than
+ 7 days (default) is deleted on server restart/reload. This keeps the store
+ from growing when certificates are renewed/reconfigured frequently.
+ </p><p>
+ </p>
+
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
+<div class="directive-section"><h2><a name="MDStaplingRenewWindow" id="MDStaplingRenewWindow">MDStaplingRenewWindow</a> <a name="mdstaplingrenewwindow" id="mdstaplingrenewwindow">Directive</a></h2>
+<table class="directive">
+<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Control when the stapling responses will be renewed.</td></tr>
+<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>MDStaplingRenewWindow duration</code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>33%</code></td></tr>
+<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Experimental</td></tr>
+<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_md</td></tr>
+</table>
+ <p>
+ If the validity of the OCSP response used in stapling falls below 'duration',
+ mod_md will obtain a new OCSP response.
+ </p><p>
+ The CA issueing a certificate commonly also operates the OCSP responder
+ service and determines how long its signed response about the validity
+ of a certificate are itself valid. The longer a response is valid, the longer
+ it can be cached which mean better overall performance for everyone.
+ The shorter the life time, the more rapidly certificate revocations
+ spread to clients. Also, service reliability is a consideration.
+ </p><p>
+ By adjusting the stapling renew window you can control parts of this yourself.
+ If you make the renew time short (e.g. a short time before the current
+ information expires), you gain maximum cache time. But a service outage
+ (down for maintenance, for example) will affect you. If you renew a long
+ time before expiry, updates will be made more frequent, cause more load
+ on the CA server infrastructure and also more coordination between
+ the child processes of your server.
+ </p><p>
+ The default is chosen as 33%, which means renewal is started when only
+ a third of the response lifetime is left. For a CA that issues OCSP
+ responses with lifetime of 3 days, this means 2 days of caching and 1 day
+ for renewal attempts. A service outage would have to last full 24 hours
+ to affect your domains.
+ </p><p>
+ Setting an absolute renew window, like `2d` (2 days), is also possible.
+ </p>
+
+</div>
+<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="directive-section"><h2><a name="MDStoreDir" id="MDStoreDir">MDStoreDir</a> <a name="mdstoredir" id="mdstoredir">Directive</a></h2>
<table class="directive">
<tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Path on the local file system to store the Managed Domains data.</td></tr>
<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>MDStoreDir path</code></td></tr>
<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>MDStoreDir md</code></td></tr>
<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Experimental</td></tr>
<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_md</td></tr>
</table>
<p>
@@ -966,7 +1189,7 @@ MDRenewWindow 10%</pre>
<tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>MDWarnWindow duration</code></td></tr>
<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>MDWarnWindow 10%</code></td></tr>
<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config</td></tr>
-<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
+<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Experimental</td></tr>
<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_md</td></tr>
</table>
<p>
Modified: httpd/httpd/branches/2.4.x/docs/manual/mod/mod_proxy_uwsgi.html.en
URL: http://svn.apache.org/viewvc/httpd/httpd/branches/2.4.x/docs/manual/mod/mod_proxy_uwsgi.html.en?rev=1869739&r1=1869738&r2=1869739&view=diff
==============================================================================
--- httpd/httpd/branches/2.4.x/docs/manual/mod/mod_proxy_uwsgi.html.en (original)
+++ httpd/httpd/branches/2.4.x/docs/manual/mod/mod_proxy_uwsgi.html.en Wed Nov 13 13:27:27 2019
@@ -26,7 +26,8 @@
<div id="page-content">
<div id="preamble"><h1>Apache Module mod_proxy_uwsgi</h1>
<div class="toplang">
-<p><span>Available Languages: </span><a href="../en/mod/mod_proxy_uwsgi.html" title="English"> en </a></p>
+<p><span>Available Languages: </span><a href="../en/mod/mod_proxy_uwsgi.html" title="English"> en </a> |
+<a href="../fr/mod/mod_proxy_uwsgi.html" hreflang="fr" rel="alternate" title="Français"> fr </a></p>
</div>
<table class="module"><tr><th><a href="module-dict.html#Description">Description:</a></th><td>UWSGI gateway module for <code class="module"><a href="../mod/mod_proxy.html">mod_proxy</a></code></td></tr>
<tr><th><a href="module-dict.html#Status">Status:</a></th><td>Extension</td></tr>
@@ -82,7 +83,8 @@
</div>
</div>
<div class="bottomlang">
-<p><span>Available Languages: </span><a href="../en/mod/mod_proxy_uwsgi.html" title="English"> en </a></p>
+<p><span>Available Languages: </span><a href="../en/mod/mod_proxy_uwsgi.html" title="English"> en </a> |
+<a href="../fr/mod/mod_proxy_uwsgi.html" hreflang="fr" rel="alternate" title="Français"> fr </a></p>
</div><div class="top"><a href="#page-header"><img src="../images/up.gif" alt="top" /></a></div><div class="section"><h2><a id="comments_section" name="comments_section">Comments</a></h2><div class="warning"><strong>Notice:</strong><br />This is not a Q&A section. Comments placed here should be pointed towards suggestions on improving the documentation or server, and may be removed again by our moderators if they are either implemented or considered invalid/off-topic. Questions on how to manage the Apache HTTP Server should be directed at either our IRC channel, #httpd, on Freenode, or sent to our <a href="http://httpd.apache.org/lists.html">mailing lists</a>.</div>
<script type="text/javascript"><!--//--><![CDATA[//><!--
var comments_shortname = 'httpd';