Changeset 37287 in project


Ignore:
Timestamp:
02/25/19 11:24:05 (8 months ago)
Author:
wasamasa
Message:

Document changed defaults of CA-related parameters

File:
1 edited

Legend:

Unmodified
Added
Removed
  • wiki/eggref/5/openssl

    r37286 r37287  
    6464The time in milliseconds to wait for a SSL shutdown operation to complete (after closing a port). Defaults to 120000, ie two minutes.
    6565
     66<parameter>(ssl-default-certificate-authorities [FILE])</parameter>
    6667<parameter>(ssl-default-certificate-authority-directory [DIRECTORY])</parameter>
    6768
    68 The default directory containing trusted CA certificates that is used if verification is enabled but not explicitly configured using the convenience constructors.
     69These parameters can be used to override the default file (for example, {{/etc/ssl/cert.pem}}) and directory (for example, {{/etc/ssl/certs}}) containing all trusted CA certificates.  When not customized, the OpenSSL functions {{SSL_CTX_set_default_verify_paths}} and {{SSL_CTX_load_verify_locations}} are used to determine sensible default locations.
    6970
    7071===== Client procedures
Note: See TracChangeset for help on using the changeset viewer.