aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMagnus Henoch <[email protected]>2016-02-04 18:28:16 +0000
committerMagnus Henoch <[email protected]>2016-04-01 15:45:15 +0100
commit1a5ef986efb0461b3b87dc836036d661def4c4b5 (patch)
tree2c8d12759db97c4bb722389abd3346ded58f6c3c
parent8fbd0e8dd05ba1f76f2d02a2e4c16e7973adfd4c (diff)
downloadotp-1a5ef986efb0461b3b87dc836036d661def4c4b5.tar.gz
otp-1a5ef986efb0461b3b87dc836036d661def4c4b5.tar.bz2
otp-1a5ef986efb0461b3b87dc836036d661def4c4b5.zip
Improve formatting for crl_{check,cache} options
-rw-r--r--lib/ssl/doc/src/ssl.xml23
1 files changed, 14 insertions, 9 deletions
diff --git a/lib/ssl/doc/src/ssl.xml b/lib/ssl/doc/src/ssl.xml
index 82bede69d0..a1fba5fbff 100644
--- a/lib/ssl/doc/src/ssl.xml
+++ b/lib/ssl/doc/src/ssl.xml
@@ -331,31 +331,36 @@ marker="public_key:public_key#pkix_path_validation-3">public_key:pkix_path_valid
<tag><c>{crl_check, boolean() | peer | best_effort }</c></tag>
<item>
- Perform CRL (Certificate Revocation List) verification
+ <p>Perform CRL (Certificate Revocation List) verification
<seealso marker="public_key:public_key#pkix_crls_validate-3">
(public_key:pkix_crls_validate/3)</seealso> on all the certificates during the path validation
<seealso
marker="public_key:public_key#pkix_path_validation-3">(public_key:pkix_path_validation/3)
</seealso>
- of the certificate chain. Defaults to false.
+ of the certificate chain. Defaults to <c>false</c>.</p>
- <p><c>peer</c> - check is only performed on
- the peer certificate.</p>
+ <taglist>
+ <tag><c>peer</c></tag>
+ <item>check is only performed on the peer certificate.</item>
- <p><c>best_effort</c> - if certificate revocation status can not be determined
- it will be accepted as valid.</p>
+ <tag><c>best_effort</c></tag>
+ <item>if certificate revocation status can not be determined
+ it will be accepted as valid.</item>
+ </taglist>
<p>The CA certificates specified for the connection will be used to
construct the certificate chain validating the CRLs.</p>
- <p>The CRLs will be fetched from a local or external cache see
+ <p>The CRLs will be fetched from a local or external cache. See
<seealso marker="ssl:ssl_crl_cache_api">ssl_crl_cache_api(3)</seealso>.</p>
</item>
<tag><c>{crl_cache, {Module :: atom(), {DbHandle :: internal | term(), Args :: list()}}}</c></tag>
<item>
- <p>Module defaults to ssl_crl_cache with <c> DbHandle </c> internal and an
- empty argument list. The following arguments may be specified for the internal cache.</p>
+ <p>Specify how to perform lookup and caching of certificate revocation lists.
+ <c>Module</c> defaults to <seealso marker="ssl:ssl_crl_cache">ssl_crl_cache</seealso>
+ with <c> DbHandle </c> being <c>internal</c> and an
+ empty argument list. The following arguments may be specified for the internal cache:</p>
<taglist>
<tag><c>{http, timeout()}</c></tag>
<item><p>