From 269aef9f24d787f6c3738dfd291af147f2273dfb Mon Sep 17 00:00:00 2001 From: lidakaml <52534475+lidakaml@users.noreply.github.com> Date: Tue, 7 Jun 2022 17:51:39 +0300 Subject: [PATCH] add require_client_certs description in readme.md --- README.md | 25 +++++++++++++------------ 1 file changed, 13 insertions(+), 12 deletions(-) diff --git a/README.md b/README.md index 65db7f1..c66406b 100644 --- a/README.md +++ b/README.md @@ -107,18 +107,19 @@ of Erlang property list. *Configuration variables* -| Variable name | Expected values | Apache equivalent | Definition ------------------------|------------------------------------|-----------------------|-------------------------------------------- -| `dev_mode` | `true`, `false` | None | Enables TCP access without TLS. -| `tls_port` | `700` | Listen | At which port should we open a TLS socket. Default is 700. -| `tcp_port` | `70000` | Listen | At which port should we open a TCP socket. Only in `dev_mode`. -| `epp_session_url` | `https://example.com/epp/session` | EppSessionRoot | HTTP address of the session endpoints including schema and port. -| `epp_command_url` | `https://example.com/epp/command` | EppCommandRoot | HTTP address of the command endpoints including schema and port. -| `epp_error_url` | `https://example.com/epp/error` | EppErrorRoot | HTTP address of the error endpoints including schema and port. -| `cacertfile_path` | `/opt/ca/ca.crt.pem` | SSLCACertificateFile | Where is the client root CA located. Can be inside apps/epp_proxy/priv or absolute path. -| `certfile_path` | `/opt/ca/server.crt.pem` | SSLCertificateFile | Where is the server certificate located. Can be inside apps/epp_proxy/priv or absolute path. -| `keyfile_path` | `/opt/ca/server.key.pem` | SSLCertificateKeyFile | Where is the server key located. Can be inside apps/epp_proxy/priv or absolute path. -| `crlfile_path` | `/opt/ca/crl.pem` | SSLCARevocationFile | Where is the CRL file located. Can be inside apps/epp_proxy/priv or absolute path. When not set, not CRL check is performed. +| Variable name | Expected values | Apache equivalent | Definition +-------------------------|------------------------------------|-----------------------|-------------------------------------------- +| `dev_mode` | `true`, `false` | None | Enables TCP access without TLS. +| `tls_port` | `700` | Listen | At which port should we open a TLS socket. Default is 700. +| `tcp_port` | `70000` | Listen | At which port should we open a TCP socket. Only in `dev_mode`. +| `epp_session_url` | `https://example.com/epp/session` | EppSessionRoot | HTTP address of the session endpoints including schema and port. +| `epp_command_url` | `https://example.com/epp/command` | EppCommandRoot | HTTP address of the command endpoints including schema and port. +| `epp_error_url` | `https://example.com/epp/error` | EppErrorRoot | HTTP address of the error endpoints including schema and port. +| `require_client_certs` | `true`, `false` | None | Enables TLS connections with required or optional client certificates. Provided optional client certificates are still being verified. +| `cacertfile_path` | `/opt/ca/ca.crt.pem` | SSLCACertificateFile | Where is the client root CA located. Can be inside apps/epp_proxy/priv or absolute path. +| `certfile_path` | `/opt/ca/server.crt.pem` | SSLCertificateFile | Where is the server certificate located. Can be inside apps/epp_proxy/priv or absolute path. +| `keyfile_path` | `/opt/ca/server.key.pem` | SSLCertificateKeyFile | Where is the server key located. Can be inside apps/epp_proxy/priv or absolute path. +| `crlfile_path` | `/opt/ca/crl.pem` | SSLCARevocationFile | Where is the CRL file located. Can be inside apps/epp_proxy/priv or absolute path. When not set, not CRL check is performed. Migrating from mod_epp