diff options
author | Laurent Bercot <ska-skaware@skarnet.org> | 2022-08-23 14:57:07 +0000 |
---|---|---|
committer | Laurent Bercot <ska@appnovation.com> | 2022-08-23 14:57:07 +0000 |
commit | da13dfcb1f0cfae82f448873c15cb01fd78639aa (patch) | |
tree | ca1225196966ebfde00b6a91f2fe35a1eb4ffaf2 /doc | |
parent | 003b096d346b6c20d43d1127413d2db4b66e5b6e (diff) | |
download | s6-networking-da13dfcb1f0cfae82f448873c15cb01fd78639aa.tar.xz |
Do not require optional certificates XD
Signed-off-by: Laurent Bercot <ska@appnovation.com>
Diffstat (limited to 'doc')
-rw-r--r-- | doc/s6-tlsd-io.html | 10 | ||||
-rw-r--r-- | doc/s6-tlsd.html | 6 | ||||
-rw-r--r-- | doc/s6-ucspitlsd.html | 6 |
3 files changed, 13 insertions, 9 deletions
diff --git a/doc/s6-tlsd-io.html b/doc/s6-tlsd-io.html index f21d487..a026664 100644 --- a/doc/s6-tlsd-io.html +++ b/doc/s6-tlsd-io.html @@ -210,10 +210,14 @@ no effect. </li> and break the connection when receiving a local EOF. </li> <li> <tt>-s</tt> : transmit EOF by half-closing the TCP connection without using <tt>close_notify</tt>. This is the default. </li> - <li> <tt>-Y</tt> : Require an optional client certificate. </li> - <li> <tt>-y</tt> : Require a mandatory client certificate. + <li> <tt>-Y</tt> : Request an client certificate. +The certificate is optional: if the client gives none, the connection +proceeds. </li> + <li> <tt>-y</tt> : Request a client certificate. +The certificate is mandatory: if the client gives none, the handshake +fails. The default, with neither the <tt>-Y</tt> nor the <tt>-y</tt> option, -is not to require a client certificate at all. </li> +is not to request a client certificate at all. </li> <li> <tt>-K <em>kimeout</em></tt> : if the peer fails to send data for <em>kimeout</em> milliseconds during the handshake, close the connection. The default is 0, which means infinite timeout diff --git a/doc/s6-tlsd.html b/doc/s6-tlsd.html index c1c6a59..cbaa5c8 100644 --- a/doc/s6-tlsd.html +++ b/doc/s6-tlsd.html @@ -140,10 +140,10 @@ before execing <em>prog...</em>. This is the default. </li> and break the connection when <em>prog</em> sends EOF. </li> <li> <tt>-s</tt> : transmit EOF by half-closing the TCP connection without using <tt>close_notify</tt>. This is the default. </li> - <li> <tt>-Y</tt> : Require an optional client certificate. </li> - <li> <tt>-y</tt> : Require a mandatory client certificate. + <li> <tt>-Y</tt> : Request an optional client certificate. </li> + <li> <tt>-y</tt> : Request a mandatory client certificate. The default, with neither the <tt>-Y</tt> nor the <tt>-y</tt> option, -is not to require a client certificate at all. </li> +is not to request a client certificate at all. </li> <li> <tt>-K <em>kimeout</em></tt> : if the peer fails to send data for <em>kimeout</em> milliseconds during the handshake, close the connection. The default is 0, which means infinite timeout diff --git a/doc/s6-ucspitlsd.html b/doc/s6-ucspitlsd.html index cb53389..8488942 100644 --- a/doc/s6-ucspitlsd.html +++ b/doc/s6-ucspitlsd.html @@ -146,10 +146,10 @@ before execing <em>prog...</em>. This is the default. </li> and break the connection when <em>prog</em> sends EOF. </li> <li> <tt>-s</tt> : transmit EOF by half-closing the TCP connection without using <tt>close_notify</tt>. This is the default. </li> - <li> <tt>-Y</tt> : Require an optional client certificate. </li> - <li> <tt>-y</tt> : Require a mandatory client certificate. + <li> <tt>-Y</tt> : Request an optional client certificate. </li> + <li> <tt>-y</tt> : Request a mandatory client certificate. The default, with neither the <tt>-Y</tt> nor the <tt>-y</tt> option, -is not to require a client certificate at all. </li> +is not to request a client certificate at all. </li> <li> <tt>-K <em>kimeout</em></tt> : close the connection if the handshake takes more than <em>kimeout</em> milliseconds to complete. The default is 0, which means infinite timeout: let the handshake complete |