You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@trafficserver.apache.org by jp...@apache.org on 2013/08/19 18:05:46 UTC

git commit: doc: remove references to obsolete SSL config variables

Updated Branches:
  refs/heads/master d9c639bea -> cedd0ab84


doc: remove references to obsolete SSL config variables


Project: http://git-wip-us.apache.org/repos/asf/trafficserver/repo
Commit: http://git-wip-us.apache.org/repos/asf/trafficserver/commit/cedd0ab8
Tree: http://git-wip-us.apache.org/repos/asf/trafficserver/tree/cedd0ab8
Diff: http://git-wip-us.apache.org/repos/asf/trafficserver/diff/cedd0ab8

Branch: refs/heads/master
Commit: cedd0ab84c32fc2518d73a31c1a178a4b25fa2bc
Parents: d9c639b
Author: James Peach <jp...@apache.org>
Authored: Mon Aug 19 09:05:48 2013 -0700
Committer: James Peach <jp...@apache.org>
Committed: Mon Aug 19 09:05:48 2013 -0700

----------------------------------------------------------------------
 doc/admin/security-options.en.rst | 13 +++----------
 1 file changed, 3 insertions(+), 10 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/trafficserver/blob/cedd0ab8/doc/admin/security-options.en.rst
----------------------------------------------------------------------
diff --git a/doc/admin/security-options.en.rst b/doc/admin/security-options.en.rst
index a3c6e51..2038281 100644
--- a/doc/admin/security-options.en.rst
+++ b/doc/admin/security-options.en.rst
@@ -126,10 +126,10 @@ client/Traffic Server connections, you must do the following:
    information that enables the client to authenticate Traffic Server
    and exchange encryption keys.
 -  Configure SSL termination options:
--  Enable the **SSL termination** option.
 
-   -  Set the port number used for SSL communication.
-   -  Specify the filename and location of the server certificate.
+   -  Set the port number used for SSL communication using :ts:cv:`proxy.config.http.server_ports`.
+   -  Edit :file:`ssl_multicert.config` to specify the filename and location of the
+     SSL certificates and provate keys.
    -  (Optional) Configure the use of client certificates: Client
       certificates are located on the client. If you configure Traffic
       Server to require client certificates, then Traffic Server
@@ -138,11 +138,6 @@ client/Traffic Server connections, you must do the following:
       require client certificates, then access to Traffic Server is
       managed through other Traffic Server options that have been set
       (such as rules in :file:`ip_allow.config`).
-   -  Specify the filename and location of the Traffic Server private
-      key (if the private key is not located in the server certificate
-      file). Traffic Server uses its private key during the SSL
-      handshake to decrypt the session encryption keys. The private key
-      must be stored and protected against theft.
    -  (Optional) Configure the use of Certification Authorities (CAs).
       CAs add security by verifying the identity of the person
       requesting a certificate.
@@ -155,9 +150,7 @@ In order to accomplish this, we
    -  :ts:cv:`proxy.config.http.server_ports`
    -  :ts:cv:`proxy.config.ssl.client.certification_level`
    -  :ts:cv:`proxy.config.ssl.server.cert.path`
-   -  :ts:cv:`proxy.config.ssl.server.private_key.filename`
    -  :ts:cv:`proxy.config.ssl.server.private_key.path`
-   -  :ts:cv:`proxy.config.ssl.CA.cert.filename`
    -  :ts:cv:`proxy.config.ssl.CA.cert.path`
 
 3. Run the command :option:`traffic_line -L` to restart Traffic Server on the