summaryrefslogtreecommitdiff
path: root/doc/s6-tlsc.html
diff options
context:
space:
mode:
authorLaurent Bercot <ska-skaware@skarnet.org>2017-01-10 02:17:16 +0000
committerLaurent Bercot <ska-skaware@skarnet.org>2017-01-10 02:17:16 +0000
commit334d807b924427434b42d4fbae745d3d1b38a218 (patch)
tree6daf12c1e2fa07d2ac6255ef4439e2fb95a57f57 /doc/s6-tlsc.html
parent43cb3ee4227de70e0225e9ac142b4d397f93cc41 (diff)
downloads6-networking-334d807b924427434b42d4fbae745d3d1b38a218.tar.xz
Types fix, first pass
XXX marks what must change when skalibs changes. Also started writing functions for client certificate support in sbearssl, but it's not working yet (need more high-level support from BearSSL before it can work)
Diffstat (limited to 'doc/s6-tlsc.html')
-rw-r--r--doc/s6-tlsc.html8
1 files changed, 2 insertions, 6 deletions
diff --git a/doc/s6-tlsc.html b/doc/s6-tlsc.html
index d40820c..39f4680 100644
--- a/doc/s6-tlsc.html
+++ b/doc/s6-tlsc.html
@@ -126,10 +126,7 @@ two more environment variables: <tt>KEYFILE</tt> contains
the path to a file containing the private key, DER- or
PEM-encoded; and <tt>CERTFILE</tt> contains the path to
a file containing the client certificate, DER- or
-PEM-encoded. Please note that for now, support for client
-certificates is experimental, and only works
-with the <a href="https://www.libressl.org/">LibreSSL</a>
-backend (BearSSL does not support client certificates yet).
+PEM-encoded.
</p>
<p>
@@ -229,8 +226,7 @@ and break the connection when <em>prog</em> sends EOF. </li>
<li> <tt>-s</tt>&nbsp;: transmit EOF by half-closing the TCP
connection without using <tt>close_notify</tt>. This is the default. </li>
<li> <tt>-Y</tt>&nbsp;: Do not send a client certificate. This is the default. </li>
- <li> <tt>-y</tt>&nbsp;: Send a client certificate. This is experimental and
-for now unsupported by BearSSL. </li>
+ <li> <tt>-y</tt>&nbsp;: Send a client certificate. </li>
<li> <tt>-k&nbsp;<em>servername</em></tt>&nbsp: use Server Name
Indication, and send <em>servername</em>. The default is not to
use SNI, which may be a security risk. </li>