Commit 247957a1 authored by Ondřej Kuzník's avatar Ondřej Kuzník Committed by Quanah Gibson-Mount
Browse files

ITS#9071 Document "tls none" for back-ldap

parent 7e551773
...@@ -575,7 +575,7 @@ is used. ...@@ -575,7 +575,7 @@ is used.
.HP .HP
.hy 0 .hy 0
.B tls {[try\-]start|[try\-]propagate|ldaps} .B tls {none|[try\-]start|[try\-]propagate|ldaps}
.B [starttls=no] .B [starttls=no]
.B [tls_cert=<file>] .B [tls_cert=<file>]
.B [tls_key=<file>] .B [tls_key=<file>]
...@@ -585,12 +585,13 @@ is used. ...@@ -585,12 +585,13 @@ is used.
.B [tls_cipher_suite=<ciphers>] .B [tls_cipher_suite=<ciphers>]
.B [tls_crlcheck=none|peer|all] .B [tls_crlcheck=none|peer|all]
.RS .RS
Specify the use of TLS when a regular connection is initialized. The Specify TLS settings for regular connections.
StartTLS extended operation will be used unless the URI directive protocol
scheme is \fBldaps://\fP. In that case this keyword may only be The first parameter only applies to \fBldap://\fP connections and so
set to "ldaps" and the StartTLS operation will not be used. at the moment, \fBnone\fP and \fBldaps\fP are equivalent.
\fBpropagate\fP issues the StartTLS operation only if the original
connection did. With \fBpropagate\fP, the proxy issues StartTLS operation only if
the original connection has a TLS layer set up.
The \fBtry\-\fP prefix instructs the proxy to continue operations The \fBtry\-\fP prefix instructs the proxy to continue operations
if the StartTLS operation failed; its use is \fBnot\fP recommended. if the StartTLS operation failed; its use is \fBnot\fP recommended.
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment