move ssl.disable-client-renegotiation and added note that it currently doesnt work inside conditionals
git-svn-id: svn://svn.lighttpd.net/lighttpd/branches/lighttpd-1.4.x@2889 152afb58-edef-0310-8abb-c4023f1b3aa9
This commit is contained in:
parent
f8e9462d2f
commit
292b8d621b
|
@ -391,6 +391,14 @@ server.upload-dirs = ( "/var/tmp" )
|
|||
## hosting with SSL. If you want to run multiple SSL servers with
|
||||
## one lighttpd instance you must use IP-based virtual hosting: ::
|
||||
##
|
||||
## Mitigate CVE-2009-3555 by disabling client triggered renegotation
|
||||
## This is enabled by default.
|
||||
##
|
||||
## IMPORTANT: this setting can only be used in the global scope.
|
||||
## It does *not* work inside conditionals
|
||||
##
|
||||
# ssl.disable-client-renegotiation = "enable"
|
||||
##
|
||||
## $SERVER["socket"] == "10.0.0.1:443" {
|
||||
## ssl.engine = "enable"
|
||||
## ssl.pemfile = "/etc/ssl/private/www.example.com.pem"
|
||||
|
@ -408,11 +416,6 @@ server.upload-dirs = ( "/var/tmp" )
|
|||
## #
|
||||
## # ssl.honor-cipher-order = "enable"
|
||||
## #
|
||||
## # Mitigate CVE-2009-3555 by disabling client triggered renegotation
|
||||
## # This is enabled by default.
|
||||
## #
|
||||
## # ssl.disable-client-renegotiation = "enable"
|
||||
## #
|
||||
## server.name = "www.example.com"
|
||||
##
|
||||
## server.document-root = "/srv/www/vhosts/example.com/www/"
|
||||
|
|
Loading…
Reference in New Issue