summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDenys Fedoryshchenko <denys.f@collabora.com>2025-11-23 19:09:18 +0200
committerDenys Fedoryshchenko <denys.f@collabora.com>2025-11-23 19:09:18 +0200
commit1cce6419bfbecad654aff8858184d16c2bf766cd (patch)
tree835c5fab52e8b5888ce4f0b686b819538ea5ebc1
parent9aebde5345cb78c9f37de12897c11979ef3a7cb7 (diff)
downloadaccel-ppp-1cce6419bfbecad654aff8858184d16c2bf766cd.tar.gz
accel-ppp-1cce6419bfbecad654aff8858184d16c2bf766cd.zip
docs: Update accel-ppp.conf about certificate configuration
This is follow-up for https://github.com/accel-ppp/accel-ppp/pull/238 Adding missing documentation update. Signed-off-by: Denys Fedoryshchenko <denys.f@collabora.com>
-rw-r--r--accel-pppd/accel-ppp.conf.511
1 files changed, 6 insertions, 5 deletions
diff --git a/accel-pppd/accel-ppp.conf.5 b/accel-pppd/accel-ppp.conf.5
index 01e7ac07..05ade262 100644
--- a/accel-pppd/accel-ppp.conf.5
+++ b/accel-pppd/accel-ppp.conf.5
@@ -842,11 +842,12 @@ is greater of zero then server ciphers should be preferred over client ciphers.
Default is 0.
.TP
.BI "ssl-pemfile=" pemfile
-Specifies a file with the chain of certificates in the PEM format for sstp server.
-The certificates must be in PEM format and must be sorted starting with the
-subject's certificate (actual server certificate), followed by intermediate CA
-certificates if applicable, and ending at the highest level (root) CA.
-Leaf (the first) certificate is also used to compute initial SHA1 and SHA256
+Specifies a PEM file with the server certificate. Files that contain only the
+leaf certificate are still supported for backward compatibility. When the file
+includes the full chain, certificates must be sorted starting with the subject's
+certificate (actual server certificate), followed by intermediate CA
+certificates if applicable, and ending at the highest level (root) CA. The leaf
+certificate (first in the file) is used to compute the initial SHA1 and SHA256
certificate hash.
.TP
.BI "ssl-keyfile=" keyfile