Improve ephemeral key handling (companion to r1526168): - apache2

diff options

author	Kaspar Brand <kbrand@apache.org>	2013-09-29 12:35:46 +0200
committer	Kaspar Brand <kbrand@apache.org>	2013-09-29 12:35:46 +0200
commit	169f992d899d366a74162e18169986fb5dcdc6cf (patch)
tree	1aed53217e4bc4cc3a180795a8559685a43c5b8b /LICENSE
parent	Increase minimum required OpenSSL version to 0.9.8a (in preparation (diff)
download	apache2-169f992d899d366a74162e18169986fb5dcdc6cf.tar.xz apache2-169f992d899d366a74162e18169986fb5dcdc6cf.zip

Improve ephemeral key handling (companion to r1526168):

- allow to configure custom DHE or ECDHE parameters via the SSLCertificateFile directive, and adapt its documentation accordingly (addresses PR 49559) - add standardized DH parameters from RFCs 2409 and 3526, use them based on the length of the certificate's RSA/DSA key, and add a FAQ entry for clients which limit DH support to 1024 bits (such as Java 7 and earlier) - move ssl_dh_GetParamFromFile() from ssl_engine_dh.c to ssl_util_ssl.c, and add ssl_ec_GetParamFromFile() - drop ssl_engine_dh.c from mod_ssl For the standardized DH parameters, OpenSSL version 0.9.8a or later is required, which was therefore made a new minimum requirement in r1527294. git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1527295 13f79535-47bb-0310-9956-ffa450edef68

Diffstat (limited to 'LICENSE')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: