You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by rj...@apache.org on 2020/08/18 09:48:09 UTC
svn commit: r1880959 - /httpd/httpd/trunk/docs/manual/mod/mod_ssl.html.en
Author: rjung
Date: Tue Aug 18 09:48:08 2020
New Revision: 1880959
URL: http://svn.apache.org/viewvc?rev=1880959&view=rev
Log:
Xforms. [skip ci]
Modified:
httpd/httpd/trunk/docs/manual/mod/mod_ssl.html.en
Modified: httpd/httpd/trunk/docs/manual/mod/mod_ssl.html.en
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/docs/manual/mod/mod_ssl.html.en?rev=1880959&r1=1880958&r2=1880959&view=diff
==============================================================================
--- httpd/httpd/trunk/docs/manual/mod/mod_ssl.html.en (original)
+++ httpd/httpd/trunk/docs/manual/mod/mod_ssl.html.en Tue Aug 18 09:48:08 2020
@@ -1949,6 +1949,13 @@ or additionally to <code>SSLProxyMachine
<div class="warning">
<p>Currently there is no support for encrypted private keys</p>
</div>
+<div class="warning">
+<p>Only keys encoded in PKCS1 RSA, DSA or EC format are supported.
+Keys encoded in PKCS8 format, ie. starting with
+"<code>-----BEGIN PRIVATE KEY-----</code>",
+must be converted, eg. using
+"<code>openssl rsa -in private-pkcs8.pem -outform pem</code>".</p>
+</div>
<div class="example"><h3>Example</h3><pre class="prettyprint lang-config">SSLProxyMachineCertificateFile "/usr/local/apache2/conf/ssl.crt/proxy.pem"</pre>
</div>
@@ -1975,6 +1982,13 @@ contain a PEM-encoded certificate and ma
<div class="warning">
<p>Currently there is no support for encrypted private keys</p>
</div>
+<div class="warning">
+<p>Only keys encoded in PKCS1 RSA, DSA or EC format are supported.
+Keys encoded in PKCS8 format, ie. starting with
+"<code>-----BEGIN PRIVATE KEY-----</code>",
+must be converted, eg. using
+"<code>openssl rsa -in private-pkcs8.pem -outform pem</code>".</p>
+</div>
<div class="example"><h3>Example</h3><pre class="prettyprint lang-config">SSLProxyMachineCertificatePath "/usr/local/apache2/conf/proxy.crt/"</pre>
</div>
@@ -2075,6 +2089,13 @@ source</td></tr>
<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_ssl</td></tr>
</table>
+<div class="note"><h3>SSLRandomSeed is deprecated</h3>
+
+<p>The <code>SSLRandomSeed</code> directive is deprecated, and is
+completely ignored if httpd is built using OpenSSL version 1.1.1 or
+later.</p>
+</div>
+
<p>
This configures one or more sources for seeding the Pseudo Random Number
Generator (PRNG) in OpenSSL at startup time (<em>context</em> is
@@ -2886,4 +2907,4 @@ if (typeof(prettyPrint) !== 'undefined')
prettyPrint();
}
//--><!]]></script>
-</body></html>
\ No newline at end of file
+</body></html>