diff options
| author | Kaspar Brand <kbrand@apache.org> | 2011-12-24 07:40:10 +0100 |
|---|---|---|
| committer | Kaspar Brand <kbrand@apache.org> | 2011-12-24 07:40:10 +0100 |
| commit | 1af61dfb2ed89e4b8816bc6988fe4ac6558dbb70 (patch) | |
| tree | d96b5cf73f7692072eac7ec9e01c527bb2424cb2 /docs/manual/mod/mod_ssl.xml | |
| parent | Set OPENSSL_NO_SSL_INTERN when compiling against OpenSSL 1.0.1 (diff) | |
| download | apache2-1af61dfb2ed89e4b8816bc6988fe4ac6558dbb70.tar.xz apache2-1af61dfb2ed89e4b8816bc6988fe4ac6558dbb70.zip | |
SSLProtocol: allow explicit control of TLSv1.1 and TLSv1.2 flavors when
compiled against OpenSSL 1.0.1 or later. Update documentation.
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1222921 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'docs/manual/mod/mod_ssl.xml')
| -rw-r--r-- | docs/manual/mod/mod_ssl.xml | 24 |
1 files changed, 17 insertions, 7 deletions
diff --git a/docs/manual/mod/mod_ssl.xml b/docs/manual/mod/mod_ssl.xml index 5bf2438752..f54aa34c9d 100644 --- a/docs/manual/mod/mod_ssl.xml +++ b/docs/manual/mod/mod_ssl.xml @@ -61,7 +61,7 @@ compatibility variables.</p> <th>Description:</th> </tr> <tr><td><code>HTTPS</code></td> <td>flag</td> <td>HTTPS is being used.</td></tr> -<tr><td><code>SSL_PROTOCOL</code></td> <td>string</td> <td>The SSL protocol version (SSLv3, TLSv1)</td></tr> +<tr><td><code>SSL_PROTOCOL</code></td> <td>string</td> <td>The SSL protocol version (SSLv3, TLSv1, TLSv1.1, TLSv1.2)</td></tr> <tr><td><code>SSL_SESSION_ID</code></td> <td>string</td> <td>The hex-encoded SSL session id</td></tr> <tr><td><code>SSL_SESSION_RESUMED</code></td> <td>string</td> <td>Initial or Resumed SSL Session. Note: multiple requests may be served over the same (Initial or Resumed) SSL session if HTTP KeepAlive is in use</td></tr> <tr><td><code>SSL_SECURE_RENEG</code></td> <td>string</td> <td><code>true</code> if secure renegotiation is supported, else <code>false</code></td></tr> @@ -588,15 +588,25 @@ The available (case-insensitive) <em>protocol</em>s are:</p> <li><code>TLSv1</code> <p> - This is the Transport Layer Security (TLS) protocol, version 1.0. It is the - successor to SSLv3 and was originally defined in <a href="http://www.ietf.org/rfc/rfc2246.txt">RFC 2246</a> - (obsoleted by <a href="http://www.ietf.org/rfc/rfc4346.txt">RFC 4346</a> - and <a href="http://www.ietf.org/rfc/rfc5246.txt">RFC 5246</a> in - the meantime).</p></li> + This is the Transport Layer Security (TLS) protocol, version 1.0. + It is the successor to SSLv3 and is defined in + <a href="http://www.ietf.org/rfc/rfc2246.txt">RFC 2246</a>.</p></li> + +<li><code>TLSv1.1</code> (when using OpenSSL 1.0.1 and later) + <p> + A revision of the TLS 1.0 protocol, as defined in + <a href="http://www.ietf.org/rfc/rfc4346.txt">RFC 4346</a>.</p></li> + +<li><code>TLSv1.2</code> (when using OpenSSL 1.0.1 and later) + <p> + A revision of the TLS 1.1 protocol, as defined in + <a href="http://www.ietf.org/rfc/rfc5246.txt">RFC 5246</a>.</p></li> <li><code>all</code> <p> - This is a shortcut for ``<code>+SSLv3 +TLSv1</code>''.</p></li> + This is a shortcut for ``<code>+SSLv3 +TLSv1</code>'' or + - when using OpenSSL 1.0.1 and later - + ``<code>+SSLv3 +TLSv1 +TLSv1.1 +TLSv1.2</code>, respectively.</p></li> </ul> <example><title>Example</title> SSLProtocol TLSv1 |