Gitiles
Code Review Sign In
git01.mediatek.com / haproxy / 44f6539e4796ac2069130185700fd48df3af2bdc^! / .
commit44f6539e4796ac2069130185700fd48df3af2bdc[log] [tgz]
authorWilly Tarreau <w@1wt.eu>Tue Jun 25 07:56:20 2013 +0200
committerWilly Tarreau <w@1wt.eu>Tue Jun 25 07:56:20 2013 +0200
treeec72b5e3f5db76b0fcb23632b1b3808331b1839c
parent67db8df12ba640f639492e23d554a9cd09dfe8ad [diff]
DOC: remove the comment saying that SSL certs are not checked on the server side

Server certificate check was added in 1.5-dev13 but the comment on the "ssl"
keyword was not removed, leading to confusion about when to use it.

diff --git a/doc/configuration.txt b/doc/configuration.txt
index 675bb8e..8feee6e 100644
--- a/doc/configuration.txt
+++ b/doc/configuration.txt

@@ -8070,14 +8070,13 @@
   Supported in default-server: No
 
 ssl
-  This option enables SSL ciphering on outgoing connections to the server. At
-  the moment, server certificates are not checked, so this is prone to man in
-  the middle attacks. The real intended use is to permit SSL communication
-  with software which cannot work in other modes over networks that would
-  otherwise be considered safe enough for clear text communications. When this
-  option is used, health checks are automatically sent in SSL too unless there
-  is a "port" or an "addr" directive indicating the check should be sent to a
-  different location. See the "check-ssl" optino to force SSL health checks.
+  This option enables SSL ciphering on outgoing connections to the server. It
+  is critical to verify server certificates using "verify" when using SSL to
+  connect to servers, otherwise the communication is prone to trivial man in
+  the-middle attacks rendering SSL useless. When this option is used, health
+  checks are automatically sent in SSL too unless there is a "port" or an
+  "addr" directive indicating the check should be sent to a different location.
+  See the "check-ssl" optino to force SSL health checks.
 
   Supported in default-server: No
 
@@ -8095,7 +8094,9 @@
   to 'none', server certificate is not verified. This is the default. In the
   other case, The certificate provided by the server is verified using CAs from
   'ca-file' and optional CRLs from 'crl-file'. On verify failure the handshake
-  is aborted.
+  is aborted. It is critically important to verify server certificates when
+  using SSL to connect to servers, otherwise the communication is prone to
+  trivial man-in-the-middle attacks rendering SSL totally useless.
 
   Supported in default-server: No