INN commit: trunk/doc/pod (inn.conf.pod nnrpd.pod)
INN Commit
rra at isc.org
Thu May 21 20:59:41 UTC 2020
Date: Thursday, May 21, 2020 @ 13:59:41
Author: iulius
Revision: 10372
Clarify nnrpd TLS instructions
Thanks to Richard Kettlewell for the suggestion.
Modified:
trunk/doc/pod/inn.conf.pod
trunk/doc/pod/nnrpd.pod
--------------+
inn.conf.pod | 4 ++++
nnrpd.pod | 5 +++--
2 files changed, 7 insertions(+), 2 deletions(-)
Modified: inn.conf.pod
===================================================================
--- inn.conf.pod 2020-05-16 21:06:03 UTC (rev 10371)
+++ inn.conf.pod 2020-05-21 20:59:41 UTC (rev 10372)
@@ -1095,6 +1095,10 @@
TLS clients. This parameter is only used if B<nnrpd> is built with TLS/SSL
support. The default value is I<pathetc>/cert.pem.
+Note that unlike Apache's I<SSLCertificateFile> directive, I<tlscertfile>
+should not contain a concatenation of certificates. Instead, if you have
+a certificate authority root certificate, set I<tlscafile> to its path.
+
=item I<tlskeyfile>
The path to a file containing the encryption key for the server
Modified: nnrpd.pod
===================================================================
--- nnrpd.pod 2020-05-16 21:06:03 UTC (rev 10371)
+++ nnrpd.pod 2020-05-21 20:59:41 UTC (rev 10372)
@@ -205,8 +205,9 @@
tlscertfile: <pathetc>/cert.pem
tlskeyfile: <pathetc>/key.pem
-In case you have a certificate authority root certificate, you can also
-set I<tlscafile> to its path.
+Note that unlike Apache's I<SSLCertificateFile> directive, I<tlscertfile>
+should not contain a concatenation of certificates. Instead, if you have
+a certificate authority root certificate, set I<tlscafile> to its path.
There are two common ways for a news client to negotiate a TLS
connection: either via the use of a dedicated port (usually 563)
More information about the inn-committers
mailing list