www/apache
1
0
Fork 0
mirror of https://github.com/apache/httpd.git synced 2026-01-06 09:01:14 +03:00
Code Activity

Synch some compatibility notes with 2.4.x

Browse Source 
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1659902 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Christophe Jaillet
2015-02-15 09:16:31 +00:00
parent 2a46c5a884
commit fc530894be
14 changed files with 65 additions and 47 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
docs/manual/mod/core.html.en
View File

@@ -465,7 +465,7 @@ NoDecode option available in 2.3.12 and later.</td></tr>
(<code class="directive"><a href="../mod/mod_autoindex.html#adddescription">AddDescription</a></code>,
<code class="directive"><a href="../mod/mod_autoindex.html#addicon">AddIcon</a></code>, <code class="directive"><a href="../mod/mod_autoindex.html#addiconbyencoding">AddIconByEncoding</a></code>,
<code class="directive"><a href="../mod/mod_autoindex.html#addiconbytype">AddIconByType</a></code>,
<code class="directive"><a href="../mod/mod_autoindex.html#defaulticon">DefaultIcon</a></code>, <code class="directive"><a href="../mod/mod_dir.html#directoryindex">DirectoryIndex</a></code>, , <code class="directive"><a href="../mod/mod_dir.html#fallbackresource">FallbackResource</a></code>,<a href="mod_autoindex.html#indexoptions.fancyindexing"><code>FancyIndexing</code></a>, <code class="directive"><a href="../mod/mod_autoindex.html#headername">HeaderName</a></code>, <code class="directive"><a href="../mod/mod_autoindex.html#indexignore">IndexIgnore</a></code>, <code class="directive"><a href="../mod/mod_autoindex.html#indexoptions">IndexOptions</a></code>, <code class="directive"><a href="../mod/mod_autoindex.html#readmename">ReadmeName</a></code>,
<code class="directive"><a href="../mod/mod_autoindex.html#defaulticon">DefaultIcon</a></code>, <code class="directive"><a href="../mod/mod_dir.html#directoryindex">DirectoryIndex</a></code>, <code class="directive"><a href="../mod/mod_dir.html#fallbackresource">FallbackResource</a></code>, <a href="mod_autoindex.html#indexoptions.fancyindexing"><code>FancyIndexing</code></a>, <code class="directive"><a href="../mod/mod_autoindex.html#headername">HeaderName</a></code>, <code class="directive"><a href="../mod/mod_autoindex.html#indexignore">IndexIgnore</a></code>, <code class="directive"><a href="../mod/mod_autoindex.html#indexoptions">IndexOptions</a></code>, <code class="directive"><a href="../mod/mod_autoindex.html#readmename">ReadmeName</a></code>,
<em>etc.</em>).</dd>
<dt>Limit</dt>
@@ -3158,6 +3158,7 @@ resource </td></tr>
<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Core</td></tr>
<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>core</td></tr>
<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>2.4.10 and later</td></tr>
</table>
<p>This directive controls whether HTTP trailers are copied into the
internal representation of HTTP headers. This mergeing occurs when the

5
docs/manual/mod/core.xml
View File

@@ -393,8 +393,8 @@ NoDecode option available in 2.3.12 and later.</compatibility>
module="mod_autoindex">AddIconByEncoding</directive>,
<directive module="mod_autoindex">AddIconByType</directive>,
<directive module="mod_autoindex">DefaultIcon</directive>, <directive
module="mod_dir">DirectoryIndex</directive>, , <directive
module="mod_dir">FallbackResource</directive>,<a href="mod_autoindex.html#indexoptions.fancyindexing"
module="mod_dir">DirectoryIndex</directive>, <directive
module="mod_dir">FallbackResource</directive>, <a href="mod_autoindex.html#indexoptions.fancyindexing"
><code>FancyIndexing</code></a>, <directive
module="mod_autoindex">HeaderName</directive>, <directive
module="mod_autoindex">IndexIgnore</directive>, <directive
@@ -4587,6 +4587,7 @@ for external processing, e.g. to a CGI script.</p>
<syntax>MergeTrailers [on|off]</syntax>
<default>MergeTrailers off</default>
<contextlist><context>server config</context><context>virtual host</context></contextlist>
<compatibility>2.4.10 and later</compatibility>
<usage>
<p>This directive controls whether HTTP trailers are copied into the

2
docs/manual/mod/mod_auth_basic.html.en
View File

@@ -95,6 +95,7 @@ username and password</td></tr>
<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>AuthConfig</td></tr>
<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_auth_basic</td></tr>
<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Apache HTTP Server 2.4.5 and later</td></tr>
</table>
<p>The username and password specified are combined into an
Authorization header, which is passed to the server or service
@@ -191,6 +192,7 @@ Digest Authentication was in force instead of Basic Authentication.
<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>AuthConfig</td></tr>
<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_auth_basic</td></tr>
<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Apache HTTP Server 2.4.7 and later</td></tr>
</table>
<p>Normally, when using Basic Authentication, the providers listed in
<code class="directive"><a href="#authbasicprovider">AuthBasicProvider</a></code>

3
docs/manual/mod/mod_auth_basic.xml
View File

@@ -118,7 +118,7 @@ username and password</description>
<contextlist><context>directory</context><context>.htaccess</context>
</contextlist>
<override>AuthConfig</override>
<compatibility>Apache HTTP Server 2.4.5 and later</compatibility>
<usage>
<p>The username and password specified are combined into an
Authorization header, which is passed to the server or service
@@ -190,6 +190,7 @@ Digest Authentication was in force instead of Basic Authentication.
<contextlist><context>directory</context><context>.htaccess</context>
</contextlist>
<override>AuthConfig</override>
<compatibility>Apache HTTP Server 2.4.7 and later</compatibility>
<usage>
<p>Normally, when using Basic Authentication, the providers listed in

9
docs/manual/mod/mod_auth_form.html.en
View File

@@ -455,7 +455,8 @@ lower level modules</td></tr>
<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory</td></tr>
<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_auth_form</td></tr>
<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Available in Apache HTTP Server 2.3.0 and later</td></tr>
<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Available in Apache HTTP Server 2.3.0 and later. The use of the expression
parser has been added in 2.4.4.</td></tr>
</table>
<p>The <code class="directive"><a href="#authformloginrequiredlocation">AuthFormLoginRequiredLocation</a></code> directive
specifies the URL to redirect to should the user not be authorised to view a page. The value
@@ -478,7 +479,8 @@ lower level modules</td></tr>
<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory</td></tr>
<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_auth_form</td></tr>
<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Available in Apache HTTP Server 2.3.0 and later</td></tr>
<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Available in Apache HTTP Server 2.3.0 and later. The use of the expression
parser has been added in 2.4.4.</td></tr>
</table>
<p>The <code class="directive"><a href="#authformloginsuccesslocation">AuthFormLoginSuccessLocation</a></code> directive
specifies the URL to redirect to should the user have logged in successfully. The value is
@@ -500,7 +502,8 @@ lower level modules</td></tr>
<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>directory</td></tr>
<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_auth_form</td></tr>
<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Available in Apache HTTP Server 2.3.0 and later</td></tr>
<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Available in Apache HTTP Server 2.3.0 and later. The use of the expression
parser has been added in 2.4.4.</td></tr>
</table>
<p>The <code class="directive"><a href="#authformlogoutlocation">AuthFormLogoutLocation</a></code> directive
specifies the URL of a page on the server to redirect to should the user attempt to log

9
docs/manual/mod/mod_auth_form.xml
View File

@@ -554,7 +554,8 @@ lower level modules</description>
<default>none</default>
<contextlist><context>directory</context>
</contextlist>
<compatibility>Available in Apache HTTP Server 2.3.0 and later</compatibility>
<compatibility>Available in Apache HTTP Server 2.3.0 and later. The use of the expression
parser has been added in 2.4.4.</compatibility>
<usage>
<p>The <directive module="mod_auth_form">AuthFormLoginRequiredLocation</directive> directive
@@ -577,7 +578,8 @@ lower level modules</description>
<default>none</default>
<contextlist><context>directory</context>
</contextlist>
<compatibility>Available in Apache HTTP Server 2.3.0 and later</compatibility>
<compatibility>Available in Apache HTTP Server 2.3.0 and later. The use of the expression
parser has been added in 2.4.4.</compatibility>
<usage>
<p>The <directive module="mod_auth_form">AuthFormLoginSuccessLocation</directive> directive
@@ -618,7 +620,8 @@ lower level modules</description>
<default>none</default>
<contextlist><context>directory</context>
</contextlist>
<compatibility>Available in Apache HTTP Server 2.3.0 and later</compatibility>
<compatibility>Available in Apache HTTP Server 2.3.0 and later. The use of the expression
parser has been added in 2.4.4.</compatibility>
<usage>
<p>The <directive module="mod_auth_form">AuthFormLogoutLocation</directive> directive

2
docs/manual/mod/mod_authn_socache.html.en
View File

@@ -186,6 +186,8 @@ AuthnCacheSOCache dbm
<tr><th><a href="directive-dict.html#Override">Override:</a></th><td>None</td></tr>
<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr>
<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_authn_socache</td></tr>
<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Optional provider arguments are available in
Apache HTTP Server 2.4.7 and later</td></tr>
</table>
<p>This is a server-wide setting to select a provider for the
<a href="../socache.html">shared object cache</a>, followed by

2
docs/manual/mod/mod_authn_socache.xml
View File

@@ -118,6 +118,8 @@ AuthnCacheSOCache dbm
<syntax>AuthnCacheSOCache <var>provider-name[:provider-args]</var></syntax>
<contextlist><context>server config</context></contextlist>
<override>None</override>
<compatibility>Optional provider arguments are available in
Apache HTTP Server 2.4.7 and later</compatibility>
<usage>
<p>This is a server-wide setting to select a provider for the

12
docs/manual/mod/mod_cache_socache.html.en
View File

@@ -92,7 +92,7 @@ CacheSocacheMaxSize 102400
<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_cache_socache</td></tr>
<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Available in Apache 2.5 and later</td></tr>
<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Available in Apache 2.4.5 and later</td></tr>
</table>
<p>The <code class="directive">CacheSocache</code> directive defines the name of
the shared object cache implementation to use, followed by optional
@@ -114,7 +114,7 @@ cache</td></tr>
<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory, .htaccess</td></tr>
<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_cache_socache</td></tr>
<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Available in Apache 2.5 and later</td></tr>
<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Available in Apache 2.4.5 and later</td></tr>
</table>
<p>The <code class="directive">CacheSocacheMaxSize</code> directive sets the
maximum size, in bytes, for the combined headers and body of a document
@@ -142,7 +142,7 @@ cache</td></tr>
<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory, .htaccess</td></tr>
<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_cache_socache</td></tr>
<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Available in Apache 2.5 and later</td></tr>
<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Available in Apache 2.4.5 and later</td></tr>
</table>
<p>The <code class="directive">CacheSocacheMaxTime</code> directive sets the
maximum freshness lifetime, in seconds, for a document to be stored in
@@ -163,7 +163,7 @@ cache</td></tr>
<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory, .htaccess</td></tr>
<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_cache_socache</td></tr>
<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Available in Apache 2.5 and later</td></tr>
<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Available in Apache 2.4.5 and later</td></tr>
</table>
<p>The <code class="directive">CacheSocacheMinTime</code> directive sets the
amount of seconds beyond the freshness lifetime of the response that the
@@ -185,7 +185,7 @@ cache</td></tr>
<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory, .htaccess</td></tr>
<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_cache_socache</td></tr>
<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Available in Apache 2.5 and later</td></tr>
<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Available in Apache 2.4.5 and later</td></tr>
</table>
<p>The <code class="directive">CacheSocacheReadSize</code> directive sets the
minimum amount of data, in bytes, to be read from the backend before the
@@ -212,7 +212,7 @@ cache</td></tr>
<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory, .htaccess</td></tr>
<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_cache_socache</td></tr>
<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Available in Apache 2.5 and later</td></tr>
<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Available in Apache 2.4.5 and later</td></tr>
</table>
<p>The <code class="directive">CacheSocacheReadTime</code> directive sets the minimum amount
of elapsed time that should pass before making an attempt to send data

12
docs/manual/mod/mod_cache_socache.xml
View File

@@ -75,7 +75,7 @@ CacheSocacheMaxSize 102400
<syntax>CacheSocache <var>type[:args]</var></syntax>
<contextlist><context>server config</context><context>virtual host</context>
</contextlist>
<compatibility>Available in Apache 2.5 and later</compatibility>
<compatibility>Available in Apache 2.4.5 and later</compatibility>
<usage>
<p>The <directive>CacheSocache</directive> directive defines the name of
@@ -101,7 +101,7 @@ cache</description>
<context>directory</context>
<context>.htaccess</context>
</contextlist>
<compatibility>Available in Apache 2.5 and later</compatibility>
<compatibility>Available in Apache 2.4.5 and later</compatibility>
<usage>
<p>The <directive>CacheSocacheMaxTime</directive> directive sets the
@@ -126,7 +126,7 @@ cache</description>
<context>directory</context>
<context>.htaccess</context>
</contextlist>
<compatibility>Available in Apache 2.5 and later</compatibility>
<compatibility>Available in Apache 2.4.5 and later</compatibility>
<usage>
<p>The <directive>CacheSocacheMinTime</directive> directive sets the
@@ -152,7 +152,7 @@ cache</description>
<context>directory</context>
<context>.htaccess</context>
</contextlist>
<compatibility>Available in Apache 2.5 and later</compatibility>
<compatibility>Available in Apache 2.4.5 and later</compatibility>
<usage>
<p>The <directive>CacheSocacheMaxSize</directive> directive sets the
@@ -184,7 +184,7 @@ cache</description>
<context>directory</context>
<context>.htaccess</context>
</contextlist>
<compatibility>Available in Apache 2.5 and later</compatibility>
<compatibility>Available in Apache 2.4.5 and later</compatibility>
<usage>
<p>The <directive>CacheSocacheReadSize</directive> directive sets the
@@ -215,7 +215,7 @@ cache</description>
<context>directory</context>
<context>.htaccess</context>
</contextlist>
<compatibility>Available in Apache 2.5 and later</compatibility>
<compatibility>Available in Apache 2.4.5 and later</compatibility>
<usage>
<p>The <directive>CacheSocacheReadTime</directive> directive sets the minimum amount

3
docs/manual/mod/mod_proxy.html.en
View File

@@ -988,6 +988,7 @@ through</td></tr>
<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host, directory</td></tr>
<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_proxy</td></tr>
<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Unix Domain Socket (UDS) support added in 2.4.7</td></tr>
</table>
<p>This directive allows remote servers to be mapped into the
space of the local server; the local server does not act as a
@@ -1004,7 +1005,7 @@ through</td></tr>
usually be set <strong>off</strong> when using
<code class="directive">ProxyPass</code>.</div>
<p>Support for using a Unix Domain Socket is available by using a url target
<p>In 2.4.7 and later, support for using a Unix Domain Socket is available by using a target
which prepends <code>unix:/path/lis.sock|</code>. For example, to proxy
HTTP and target the UDS at /home/www/socket you would use
<code>unix:/home/www.socket|http://localhost/whatever/</code>. Since

3
docs/manual/mod/mod_proxy.xml
View File

@@ -849,6 +849,7 @@ expressions</description>
<contextlist><context>server config</context><context>virtual host</context>
<context>directory</context>
</contextlist>
<compatibility>Unix Domain Socket (UDS) support added in 2.4.7</compatibility>
<usage>
<p>This directive allows remote servers to be mapped into the
@@ -867,7 +868,7 @@ expressions</description>
usually be set <strong>off</strong> when using
<directive>ProxyPass</directive>.</note>
<p>Support for using a Unix Domain Socket is available by using a url target
<p>In 2.4.7 and later, support for using a Unix Domain Socket is available by using a target
which prepends <code>unix:/path/lis.sock|</code>. For example, to proxy
HTTP and target the UDS at /home/www/socket you would use
<code>unix:/home/www.socket|http://localhost/whatever/</code>. Since

23
docs/manual/mod/mod_ssl.html.en
View File

@@ -517,9 +517,8 @@ contains the appropriate symbolic links.</p>
<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_ssl</td></tr>
</table>
<div class="note"><h3>SSLCertificateChainFile is deprecated</h3>
<p><code>SSLCertificateChainFile</code> became obsolete with version
2.5.0-dev as of 2013-12-28, when
<code class="directive"><a href="#sslcertificatefile">SSLCertificateFile</a></code>
<p><code>SSLCertificateChainFile</code> became obsolete with version 2.4.8,
when <code class="directive"><a href="#sslcertificatefile">SSLCertificateFile</a></code>
was extended to also load intermediate CA certificates from the server
certificate file.</p>
</div>
@@ -563,16 +562,16 @@ confused in this situation.</p>
<p>
This directive points to a file with certificate data in PEM format.
At a minimum, the file must include an end-entity (leaf) certificate.
Beginning with version 2.5.0-dev as of 2013-12-28, it may also
include intermediate CA certificates, sorted from leaf to root,
and obsoletes <code class="directive"><a href="#sslcertificatechainfile">SSLCertificateChainFile</a></code>.
Beginning with version 2.4.8, it may also include intermediate CA
certificates, sorted from leaf to root, and obsoletes
<code class="directive"><a href="#sslcertificatechainfile">SSLCertificateChainFile</a></code>.
</p>
<p>
Additional optional elements are DH parameters and/or an EC curve name
for ephemeral keys, as generated by <code>openssl dhparam</code> and
<code>openssl ecparam</code>, respectively (supported in version 2.5.0-dev
as of 2013-09-29), and finally, the end-entity certificate's private key.
<code>openssl ecparam</code>, respectively (supported in version 2.4.7
or later) and finally, the end-entity certificate's private key.
If the private key is encrypted, the pass phrase dialog is forced
at startup time.</p>
@@ -751,7 +750,7 @@ prefixes are:</p>
<div class="note">
<h3><code>aNULL</code>, <code>eNULL</code> and <code>EXP</code>
ciphers are always disabled</h3>
<p>Beginning with version 2.5.0-dev as of 2013-09-25, null and export-grade
<p>Beginning with version 2.4.7, null and export-grade
ciphers are always disabled, as mod_ssl unconditionally prepends any supplied
cipher suite string with <code>!aNULL:!eNULL:!EXP:</code> at initialization.</p>
</div>
@@ -1074,7 +1073,7 @@ which means that OCSP responses are considered valid as long as their
<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_ssl</td></tr>
<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Available in httpd 2.5-dev and later</td></tr>
<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Available in httpd 2.4.10 and later</td></tr>
</table>
<p>This option determines whether queries to OCSP responders should contain
a nonce or not. By default, a query nonce is always used and checked against
@@ -1501,7 +1500,7 @@ compared against the hostname of the request URL. If both are not equal
a 502 status code (Bad Gateway) is sent.
</p>
<p>
SSLProxyCheckPeerCN has been superseded by
In 2.4.5 and later, SSLProxyCheckPeerCN has been superseded by
<code class="directive"><a href="#sslproxycheckpeername">SSLProxyCheckPeerName</a></code>, and its
setting is only taken into account when
<code>SSLProxyCheckPeerName off</code> is specified at the same time.
@@ -1540,6 +1539,7 @@ sent.
<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_ssl</td></tr>
<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Apache HTTP Server 2.4.5 and later</td></tr>
</table>
<p>
This directive configures host name checking for server certificates
@@ -2122,6 +2122,7 @@ in the Session Cache</td></tr>
<tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr>
<tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
<tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_ssl</td></tr>
<tr><th><a href="directive-dict.html#Compatibility">Compatibility:</a></th><td>Applies also to RFC 5077 TLS session resumption in Apache 2.4.10 and later</td></tr>
</table>
<p>
This directive sets the timeout in seconds for the information stored in the

24
docs/manual/mod/mod_ssl.xml
View File

@@ -500,6 +500,7 @@ in the Session Cache</description>
<default>SSLSessionCacheTimeout 300</default>
<contextlist><context>server config</context>
<context>virtual host</context></contextlist>
<compatibility>Applies also to RFC 5077 TLS session resumption in Apache 2.4.10 and later</compatibility>
<usage>
<p>
@@ -737,7 +738,7 @@ prefixes are:</p>
<note>
<title><code>aNULL</code>, <code>eNULL</code> and <code>EXP</code>
ciphers are always disabled</title>
<p>Beginning with version 2.5.0-dev as of 2013-09-25, null and export-grade
<p>Beginning with version 2.4.7, null and export-grade
ciphers are always disabled, as mod_ssl unconditionally prepends any supplied
cipher suite string with <code>!aNULL:!eNULL:!EXP:</code> at initialization.</p>
</note>
@@ -815,16 +816,16 @@ SSLCipherSuite RSA:!EXP:!NULL:+HIGH:+MEDIUM:-LOW
<p>
This directive points to a file with certificate data in PEM format.
At a minimum, the file must include an end-entity (leaf) certificate.
Beginning with version 2.5.0-dev as of 2013-12-28, it may also
include intermediate CA certificates, sorted from leaf to root,
and obsoletes <directive module="mod_ssl">SSLCertificateChainFile</directive>.
Beginning with version 2.4.8, it may also include intermediate CA
certificates, sorted from leaf to root, and obsoletes
<directive module="mod_ssl">SSLCertificateChainFile</directive>.
</p>
<p>
Additional optional elements are DH parameters and/or an EC curve name
for ephemeral keys, as generated by <code>openssl dhparam</code> and
<code>openssl ecparam</code>, respectively (supported in version 2.5.0-dev
as of 2013-09-29), and finally, the end-entity certificate's private key.
<code>openssl ecparam</code>, respectively (supported in version 2.4.7
or later) and finally, the end-entity certificate's private key.
If the private key is encrypted, the pass phrase dialog is forced
at startup time.</p>
@@ -908,9 +909,8 @@ SSLCertificateKeyFile /usr/local/apache2/conf/ssl.key/server.key
<usage>
<note><title>SSLCertificateChainFile is deprecated</title>
<p><code>SSLCertificateChainFile</code> became obsolete with version
2.5.0-dev as of 2013-12-28, when
<directive module="mod_ssl">SSLCertificateFile</directive>
<p><code>SSLCertificateChainFile</code> became obsolete with version 2.4.8,
when <directive module="mod_ssl">SSLCertificateFile</directive>
was extended to also load intermediate CA certificates from the server
certificate file.</p>
</note>
@@ -1258,7 +1258,6 @@ SSLVerifyDepth 10
<compatibility>Available in httpd 2.4.4 and later, if using OpenSSL 1.0.1 or
later</compatibility>
<usage>
<p>
This directive enables TLS-SRP and sets the path to the OpenSSL SRP (Secure
@@ -1843,7 +1842,7 @@ compared against the hostname of the request URL. If both are not equal
a 502 status code (Bad Gateway) is sent.
</p>
<p>
SSLProxyCheckPeerCN has been superseded by
In 2.4.5 and later, SSLProxyCheckPeerCN has been superseded by
<directive module="mod_ssl">SSLProxyCheckPeerName</directive>, and its
setting is only taken into account when
<code>SSLProxyCheckPeerName off</code> is specified at the same time.
@@ -1864,6 +1863,7 @@ SSLProxyCheckPeerCN on
<default>SSLProxyCheckPeerName on</default>
<contextlist><context>server config</context>
<context>virtual host</context></contextlist>
<compatibility>Apache HTTP Server 2.4.5 and later</compatibility>
<usage>
<p>
@@ -2289,7 +2289,7 @@ which means that OCSP responses are considered valid as long as their
<default>SSLOCSPUseRequestNonce on</default>
<contextlist><context>server config</context>
<context>virtual host</context></contextlist>
<compatibility>Available in httpd 2.5-dev and later</compatibility>
<compatibility>Available in httpd 2.4.10 and later</compatibility>
<usage>
<p>This option determines whether queries to OCSP responders should contain