You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@trafficserver.apache.org by jp...@apache.org on 2013/08/19 18:05:46 UTC
git commit: doc: remove references to obsolete SSL config variables
Updated Branches:
refs/heads/master d9c639bea -> cedd0ab84
doc: remove references to obsolete SSL config variables
Project: http://git-wip-us.apache.org/repos/asf/trafficserver/repo
Commit: http://git-wip-us.apache.org/repos/asf/trafficserver/commit/cedd0ab8
Tree: http://git-wip-us.apache.org/repos/asf/trafficserver/tree/cedd0ab8
Diff: http://git-wip-us.apache.org/repos/asf/trafficserver/diff/cedd0ab8
Branch: refs/heads/master
Commit: cedd0ab84c32fc2518d73a31c1a178a4b25fa2bc
Parents: d9c639b
Author: James Peach <jp...@apache.org>
Authored: Mon Aug 19 09:05:48 2013 -0700
Committer: James Peach <jp...@apache.org>
Committed: Mon Aug 19 09:05:48 2013 -0700
----------------------------------------------------------------------
doc/admin/security-options.en.rst | 13 +++----------
1 file changed, 3 insertions(+), 10 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/trafficserver/blob/cedd0ab8/doc/admin/security-options.en.rst
----------------------------------------------------------------------
diff --git a/doc/admin/security-options.en.rst b/doc/admin/security-options.en.rst
index a3c6e51..2038281 100644
--- a/doc/admin/security-options.en.rst
+++ b/doc/admin/security-options.en.rst
@@ -126,10 +126,10 @@ client/Traffic Server connections, you must do the following:
information that enables the client to authenticate Traffic Server
and exchange encryption keys.
- Configure SSL termination options:
-- Enable the **SSL termination** option.
- - Set the port number used for SSL communication.
- - Specify the filename and location of the server certificate.
+ - Set the port number used for SSL communication using :ts:cv:`proxy.config.http.server_ports`.
+ - Edit :file:`ssl_multicert.config` to specify the filename and location of the
+ SSL certificates and provate keys.
- (Optional) Configure the use of client certificates: Client
certificates are located on the client. If you configure Traffic
Server to require client certificates, then Traffic Server
@@ -138,11 +138,6 @@ client/Traffic Server connections, you must do the following:
require client certificates, then access to Traffic Server is
managed through other Traffic Server options that have been set
(such as rules in :file:`ip_allow.config`).
- - Specify the filename and location of the Traffic Server private
- key (if the private key is not located in the server certificate
- file). Traffic Server uses its private key during the SSL
- handshake to decrypt the session encryption keys. The private key
- must be stored and protected against theft.
- (Optional) Configure the use of Certification Authorities (CAs).
CAs add security by verifying the identity of the person
requesting a certificate.
@@ -155,9 +150,7 @@ In order to accomplish this, we
- :ts:cv:`proxy.config.http.server_ports`
- :ts:cv:`proxy.config.ssl.client.certification_level`
- :ts:cv:`proxy.config.ssl.server.cert.path`
- - :ts:cv:`proxy.config.ssl.server.private_key.filename`
- :ts:cv:`proxy.config.ssl.server.private_key.path`
- - :ts:cv:`proxy.config.ssl.CA.cert.filename`
- :ts:cv:`proxy.config.ssl.CA.cert.path`
3. Run the command :option:`traffic_line -L` to restart Traffic Server on the