summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDenys Fedoryshchenko <denys.f@collabora.com>2025-11-26 10:13:06 +0200
committerGitHub <noreply@github.com>2025-11-26 10:13:06 +0200
commitd2fb2d5b465808a606ead0131450d5664682c260 (patch)
tree835c5fab52e8b5888ce4f0b686b819538ea5ebc1
parent9aebde5345cb78c9f37de12897c11979ef3a7cb7 (diff)
parent1cce6419bfbecad654aff8858184d16c2bf766cd (diff)
downloadaccel-ppp-d2fb2d5b465808a606ead0131450d5664682c260.tar.gz
accel-ppp-d2fb2d5b465808a606ead0131450d5664682c260.zip
Merge pull request #264 from nuclearcat/cert-doc-update
docs: Update accel-ppp.conf about certificate configuration
-rw-r--r--accel-pppd/accel-ppp.conf.511
1 files changed, 6 insertions, 5 deletions
diff --git a/accel-pppd/accel-ppp.conf.5 b/accel-pppd/accel-ppp.conf.5
index 01e7ac07..05ade262 100644
--- a/accel-pppd/accel-ppp.conf.5
+++ b/accel-pppd/accel-ppp.conf.5
@@ -842,11 +842,12 @@ is greater of zero then server ciphers should be preferred over client ciphers.
Default is 0.
.TP
.BI "ssl-pemfile=" pemfile
-Specifies a file with the chain of certificates in the PEM format for sstp server.
-The certificates must be in PEM format and must be sorted starting with the
-subject's certificate (actual server certificate), followed by intermediate CA
-certificates if applicable, and ending at the highest level (root) CA.
-Leaf (the first) certificate is also used to compute initial SHA1 and SHA256
+Specifies a PEM file with the server certificate. Files that contain only the
+leaf certificate are still supported for backward compatibility. When the file
+includes the full chain, certificates must be sorted starting with the subject's
+certificate (actual server certificate), followed by intermediate CA
+certificates if applicable, and ending at the highest level (root) CA. The leaf
+certificate (first in the file) is used to compute the initial SHA1 and SHA256
certificate hash.
.TP
.BI "ssl-keyfile=" keyfile