diff options
| author | Denys Fedoryshchenko <denys.f@collabora.com> | 2025-11-26 10:13:06 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2025-11-26 10:13:06 +0200 |
| commit | d2fb2d5b465808a606ead0131450d5664682c260 (patch) | |
| tree | 835c5fab52e8b5888ce4f0b686b819538ea5ebc1 | |
| parent | 9aebde5345cb78c9f37de12897c11979ef3a7cb7 (diff) | |
| parent | 1cce6419bfbecad654aff8858184d16c2bf766cd (diff) | |
| download | accel-ppp-d2fb2d5b465808a606ead0131450d5664682c260.tar.gz accel-ppp-d2fb2d5b465808a606ead0131450d5664682c260.zip | |
Merge pull request #264 from nuclearcat/cert-doc-update
docs: Update accel-ppp.conf about certificate configuration
| -rw-r--r-- | accel-pppd/accel-ppp.conf.5 | 11 |
1 files changed, 6 insertions, 5 deletions
diff --git a/accel-pppd/accel-ppp.conf.5 b/accel-pppd/accel-ppp.conf.5 index 01e7ac07..05ade262 100644 --- a/accel-pppd/accel-ppp.conf.5 +++ b/accel-pppd/accel-ppp.conf.5 @@ -842,11 +842,12 @@ is greater of zero then server ciphers should be preferred over client ciphers. Default is 0. .TP .BI "ssl-pemfile=" pemfile -Specifies a file with the chain of certificates in the PEM format for sstp server. -The certificates must be in PEM format and must be sorted starting with the -subject's certificate (actual server certificate), followed by intermediate CA -certificates if applicable, and ending at the highest level (root) CA. -Leaf (the first) certificate is also used to compute initial SHA1 and SHA256 +Specifies a PEM file with the server certificate. Files that contain only the +leaf certificate are still supported for backward compatibility. When the file +includes the full chain, certificates must be sorted starting with the subject's +certificate (actual server certificate), followed by intermediate CA +certificates if applicable, and ending at the highest level (root) CA. The leaf +certificate (first in the file) is used to compute the initial SHA1 and SHA256 certificate hash. .TP .BI "ssl-keyfile=" keyfile |
