diff options
author | Magnus Henoch <[email protected]> | 2016-02-04 18:28:16 +0000 |
---|---|---|
committer | Magnus Henoch <[email protected]> | 2016-04-01 15:45:15 +0100 |
commit | 1a5ef986efb0461b3b87dc836036d661def4c4b5 (patch) | |
tree | 2c8d12759db97c4bb722389abd3346ded58f6c3c /lib/ssl/doc/src | |
parent | 8fbd0e8dd05ba1f76f2d02a2e4c16e7973adfd4c (diff) | |
download | otp-1a5ef986efb0461b3b87dc836036d661def4c4b5.tar.gz otp-1a5ef986efb0461b3b87dc836036d661def4c4b5.tar.bz2 otp-1a5ef986efb0461b3b87dc836036d661def4c4b5.zip |
Improve formatting for crl_{check,cache} options
Diffstat (limited to 'lib/ssl/doc/src')
-rw-r--r-- | lib/ssl/doc/src/ssl.xml | 23 |
1 files changed, 14 insertions, 9 deletions
diff --git a/lib/ssl/doc/src/ssl.xml b/lib/ssl/doc/src/ssl.xml index 82bede69d0..a1fba5fbff 100644 --- a/lib/ssl/doc/src/ssl.xml +++ b/lib/ssl/doc/src/ssl.xml @@ -331,31 +331,36 @@ marker="public_key:public_key#pkix_path_validation-3">public_key:pkix_path_valid <tag><c>{crl_check, boolean() | peer | best_effort }</c></tag> <item> - Perform CRL (Certificate Revocation List) verification + <p>Perform CRL (Certificate Revocation List) verification <seealso marker="public_key:public_key#pkix_crls_validate-3"> (public_key:pkix_crls_validate/3)</seealso> on all the certificates during the path validation <seealso marker="public_key:public_key#pkix_path_validation-3">(public_key:pkix_path_validation/3) </seealso> - of the certificate chain. Defaults to false. + of the certificate chain. Defaults to <c>false</c>.</p> - <p><c>peer</c> - check is only performed on - the peer certificate.</p> + <taglist> + <tag><c>peer</c></tag> + <item>check is only performed on the peer certificate.</item> - <p><c>best_effort</c> - if certificate revocation status can not be determined - it will be accepted as valid.</p> + <tag><c>best_effort</c></tag> + <item>if certificate revocation status can not be determined + it will be accepted as valid.</item> + </taglist> <p>The CA certificates specified for the connection will be used to construct the certificate chain validating the CRLs.</p> - <p>The CRLs will be fetched from a local or external cache see + <p>The CRLs will be fetched from a local or external cache. See <seealso marker="ssl:ssl_crl_cache_api">ssl_crl_cache_api(3)</seealso>.</p> </item> <tag><c>{crl_cache, {Module :: atom(), {DbHandle :: internal | term(), Args :: list()}}}</c></tag> <item> - <p>Module defaults to ssl_crl_cache with <c> DbHandle </c> internal and an - empty argument list. The following arguments may be specified for the internal cache.</p> + <p>Specify how to perform lookup and caching of certificate revocation lists. + <c>Module</c> defaults to <seealso marker="ssl:ssl_crl_cache">ssl_crl_cache</seealso> + with <c> DbHandle </c> being <c>internal</c> and an + empty argument list. The following arguments may be specified for the internal cache:</p> <taglist> <tag><c>{http, timeout()}</c></tag> <item><p> |