INN commit: trunk/doc/pod (inn.conf.pod nnrpd.pod)

INN Commit rra at isc.org
Thu May 21 20:59:41 UTC 2020


    Date: Thursday, May 21, 2020 @ 13:59:41
  Author: iulius
Revision: 10372

Clarify nnrpd TLS instructions

Thanks to Richard Kettlewell for the suggestion.

Modified:
  trunk/doc/pod/inn.conf.pod
  trunk/doc/pod/nnrpd.pod

--------------+
 inn.conf.pod |    4 ++++
 nnrpd.pod    |    5 +++--
 2 files changed, 7 insertions(+), 2 deletions(-)

Modified: inn.conf.pod
===================================================================
--- inn.conf.pod	2020-05-16 21:06:03 UTC (rev 10371)
+++ inn.conf.pod	2020-05-21 20:59:41 UTC (rev 10372)
@@ -1095,6 +1095,10 @@
 TLS clients.  This parameter is only used if B<nnrpd> is built with TLS/SSL
 support.  The default value is I<pathetc>/cert.pem.
 
+Note that unlike Apache's I<SSLCertificateFile> directive, I<tlscertfile>
+should not contain a concatenation of certificates.  Instead, if you have
+a certificate authority root certificate, set I<tlscafile> to its path.
+
 =item I<tlskeyfile>
 
 The path to a file containing the encryption key for the server

Modified: nnrpd.pod
===================================================================
--- nnrpd.pod	2020-05-16 21:06:03 UTC (rev 10371)
+++ nnrpd.pod	2020-05-21 20:59:41 UTC (rev 10372)
@@ -205,8 +205,9 @@
     tlscertfile:    <pathetc>/cert.pem
     tlskeyfile:     <pathetc>/key.pem
 
-In case you have a certificate authority root certificate, you can also
-set I<tlscafile> to its path.
+Note that unlike Apache's I<SSLCertificateFile> directive, I<tlscertfile>
+should not contain a concatenation of certificates.  Instead, if you have
+a certificate authority root certificate, set I<tlscafile> to its path.
 
 There are two common ways for a news client to negotiate a TLS
 connection:  either via the use of a dedicated port (usually 563)



More information about the inn-committers mailing list