Openssl

From Resin 3.0

(Difference between revisions)

Revision as of 22:28, 23 March 2006

<openssl> configures SSL for a <http> or <srun> port using the OpenSSL library. (Requires Resin Professional)

directives

directive	description	default
ca-certificate-file	CA file for SSL client authentication
ca-certificate-path	CA directory for SSL client authentication
certificate-file	The server's certificate	required
certificate-chain-file	File containing the certificate chain for SSL client authentication
certificate-key-file	The server's private key file	required
cipher-suite	Specifies cryptographic algorithms allowed
password	Specifies the private key password	required
protocol	SSL3 or TLS	TLS
session-cache	If true, enables the OpenSSL session cache	true
session-cache-timeout	How long sessions should be kept in the session cache
unclean-shutdown	If true, closing SSL sockets will be forced instead of a clean shutdown	false
<verify-client>	Sets the SSL client authentication options
verify-depth	How deep a verification chain to allow

cipher-suite

The <cipher-suite> tag restricts the ciphers allowed for SSL connections following the OpenSSL cipher suite syntax

 <http port='443'>
   <openssl>
     <certificate-file>...</certificate-file>
     <certificate-key-file>...</certificate-key-file>
     <password>...</password>
     <cipher-suite>ALL:!aNULL:!ADH</cipher-suite>
 </openssl>
 </http>

Openssl

From Resin 3.0

Revision as of 22:28, 23 March 2006

directives

cipher-suite

Views

Personal tools

Navigation

Search

Toolbox