diff options
| author | David Vossel <dvossel@digium.com> | 2009-04-29 14:39:48 +0000 |
|---|---|---|
| committer | David Vossel <dvossel@digium.com> | 2009-04-29 14:39:48 +0000 |
| commit | ca138fc807f587a0145f68ceac824652633cb853 (patch) | |
| tree | 622e972760e11646f05bdb377f471f42a6608dcc /configs/http.conf.sample | |
| parent | 77f08759b53eafc1f448c016c86d34dc58f51b76 (diff) | |
Consistent SSL/TLS options across conf files
ast_tls_read_conf() is a new api call for handling SSL/TLS options across all conf files. Before this change, SSL/TLS options were not consistent. http.conf and manager.conf required the 'ssl' prefix while sip.conf used options with the 'tls' prefix. While the options had different names in different conf files, they all did the exact same thing. Now, instead of mixing 'ssl' or 'tls' prefixes to do the same thing depending on what conf file you're in, all SSL/TLS options use the 'tls' prefix. For example. 'sslenable' in http.conf and manager.conf is now 'tlsenable' which matches what already existed in sip.conf. Since this has the potential to break backwards compatibility, previous options containing the 'ssl' prefix still work, but they are no longer documented in the sample.conf files. The change is noted in the CHANGES file though.
Review: http://reviewboard.digium.com/r/237/
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@191028 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Diffstat (limited to 'configs/http.conf.sample')
| -rw-r--r-- | configs/http.conf.sample | 19 |
1 files changed, 9 insertions, 10 deletions
diff --git a/configs/http.conf.sample b/configs/http.conf.sample index 9d3769712..a47a2d653 100644 --- a/configs/http.conf.sample +++ b/configs/http.conf.sample @@ -46,17 +46,16 @@ bindaddr=127.0.0.1 ;redirect = / /static/config/cfgbasic.html ; ; HTTPS support. In addition to enabled=yes, you need to -; explicitly enable ssl, define the port to use, +; explicitly enable tls, define the port to use, ; and have a certificate somewhere. -; sslenable=yes ; enable ssl - default no. -; sslbindport=4433 ; port to use - default is 8089 -; sslbindaddr=0.0.0.0 ; address to bind to - default is bindaddr. -; -; -; sslcert=</path/to/certificate.pem> ; path to the certificate file (*.pem) only. -; sslprivatekey=</path/to/private.pem> ; path to private key file (*.pem) only. -; If no path is given for sslcert or sslprivatekey, default is to look in current -; directory. If no sslprivatekey is given, default is to search sslcert for private key. +;tlsenable=yes ; enable tls - default no. +;tlsbindport=4433 ; port to use - default is 8089 +;tlsbindaddr=0.0.0.0 ; address to bind to - default is bindaddr. +; +;tlscertfile=</path/to/certificate.pem> ; path to the certificate file (*.pem) only. +;tlsprivatekey=</path/to/private.pem> ; path to private key file (*.pem) only. +; If no path is given for tlscertfile or tlsprivatekey, default is to look in current +; directory. If no tlsprivatekey is given, default is to search tlscertfile for private key. ; ; To produce a certificate you can e.g. use openssl. This places both the cert and ; private in same .pem file. |