You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by co...@apache.org on 2016/09/17 13:09:33 UTC
svn commit: r1761216 - /httpd/httpd/trunk/docs/manual/mod/mod_ssl.html.en
Author: covener
Date: Sat Sep 17 13:09:33 2016
New Revision: 1761216
URL: http://svn.apache.org/viewvc?rev=1761216&view=rev
Log:
xform
Modified:
httpd/httpd/trunk/docs/manual/mod/mod_ssl.html.en
Modified: httpd/httpd/trunk/docs/manual/mod/mod_ssl.html.en
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/docs/manual/mod/mod_ssl.html.en?rev=1761216&r1=1761215&r2=1761216&view=diff
==============================================================================
--- httpd/httpd/trunk/docs/manual/mod/mod_ssl.html.en (original)
+++ httpd/httpd/trunk/docs/manual/mod/mod_ssl.html.en Sat Sep 17 13:09:33 2016
@@ -2665,13 +2665,9 @@ The following levels are available for <
the client <em>has to</em> present a valid Certificate</li>
<li><strong>optional_no_ca</strong>:
the client may present a valid Certificate<br />
- but it need not to be (successfully) verifiable.</li>
+ but it need not to be (successfully) verifiable. This option
+ cannot be relied upon for client authentication. </li>
</ul>
-<p>In practice only levels <strong>none</strong> and
-<strong>require</strong> are really interesting, because level
-<strong>optional</strong> doesn't work with all browsers and level
-<strong>optional_no_ca</strong> is actually against the idea of
-authentication (but can be used to establish SSL test pages, etc.)</p>
<div class="example"><h3>Example</h3><pre class="prettyprint lang-config">SSLVerifyClient require</pre>
</div>