qpid-dispatch git commit: DISPATCH-877 - Document new ciphers attribute. This closes #219

Tue, 28 Nov 2017 08:34:53 -0800 

Repository: qpid-dispatch
Updated Branches:
  refs/heads/master 00d1ea220 -> 95c9463e2


DISPATCH-877 - Document new ciphers attribute. This closes #219


Project: http://git-wip-us.apache.org/repos/asf/qpid-dispatch/repo
Commit: http://git-wip-us.apache.org/repos/asf/qpid-dispatch/commit/95c9463e
Tree: http://git-wip-us.apache.org/repos/asf/qpid-dispatch/tree/95c9463e
Diff: http://git-wip-us.apache.org/repos/asf/qpid-dispatch/diff/95c9463e

Branch: refs/heads/master
Commit: 95c9463e247a26d1b7374992d7826214c2805b5f
Parents: 00d1ea2
Author: Ben Hardesty <bhard...@redhat.com>
Authored: Wed Nov 15 17:00:55 2017 -0500
Committer: Ganesh Murthy <gmur...@redhat.com>
Committed: Tue Nov 28 11:33:26 2017 -0500

----------------------------------------------------------------------
 doc/new-book/configuration-security.adoc | 12 ++++++++++++
 1 file changed, 12 insertions(+)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/qpid-dispatch/blob/95c9463e/doc/new-book/configuration-security.adoc
----------------------------------------------------------------------
diff --git a/doc/new-book/configuration-security.adoc 
b/doc/new-book/configuration-security.adoc
index c59a35f..4df8d4a 100644
--- a/doc/new-book/configuration-security.adoc
+++ b/doc/new-book/configuration-security.adoc
@@ -49,6 +49,7 @@ You must have the following files in PEM format:
 ----
 sslProfile {
     name: _NAME_
+    ciphers: _CIPHERS_
     certDb: _PATH_.pem
     certFile: _PATH_.pem
     keyFile: _PATH_.pem
@@ -66,6 +67,17 @@ For example:
 name: router-ssl-profile
 ----
 
+`ciphers`:: The SSL cipher suites that can be used by this SSL/TLS profile. If 
certain ciphers are unsuitable for your environment, you can use this attribute 
to restrict them from being used.
++
+To enable a cipher list, enter one or more cipher strings separated by colons 
(`:`). For example:
++
+[options="nowrap"]
+----
+ciphers: ALL:!aNULL:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP
+----
++
+To see the full list of available ciphers, use the `openssl ciphers` command. 
For more information about each cipher, see the 
link:https://www.openssl.org/docs/manmaster/man1/ciphers.html[ciphers man 
page^].
+
 `certDb`:: The absolute path to the database that contains the public 
certificates of trusted certificate authorities (CA).
 +
 For example:


---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscr...@qpid.apache.org
For additional commands, e-mail: commits-h...@qpid.apache.org

Reply via email to