Openssl
From Resin 3.0
(Difference between revisions)
(renamed tag to directive) |
|||
| Line 34: | Line 34: | ||
||verify-depth||How deep a verification chain to allow | ||verify-depth||How deep a verification chain to allow | ||
|} | |} | ||
| + | |||
| + | == cipher-suite == | ||
| + | |||
| + | The <cipher-suite> tag restricts the ciphers allowed for SSL connections following the [http://www.openssl.org/docs/apps/ciphers.html OpenSSL cipher suite syntax] | ||
Revision as of 22:26, 23 March 2006
<openssl> configures SSL for a <http> or <srun> port using the OpenSSL library. (Requires Resin Professional)
directives
| directive | description | default |
|---|---|---|
| ca-certificate-file | CA file for SSL client authentication | |
| ca-certificate-path | CA directory for SSL client authentication | |
| certificate-file | The server's certificate | required |
| certificate-chain-file | File containing the certificate chain for SSL client authentication | |
| certificate-key-file | The server's private key file | required |
| cipher-suite | Specifies cryptographic algorithms allowed | |
| password | Specifies the private key password | required |
| protocol | SSL3 or TLS | TLS |
| session-cache | If true, enables the OpenSSL session cache | true |
| session-cache-timeout | How long sessions should be kept in the session cache | |
| unclean-shutdown | If true, closing SSL sockets will be forced instead of a clean shutdown | false |
| <verify-client> | Sets the SSL client authentication options | |
| verify-depth | How deep a verification chain to allow |
cipher-suite
The <cipher-suite> tag restricts the ciphers allowed for SSL connections following the OpenSSL cipher suite syntax
