[PATCH 3/5] Add x509.crl option to man page.

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Rik Theys <rik.theys@gmail.com>
To: kernel-tls-handshake@lists.linux.dev
Cc: Rik Theys <Rik.Theys@gmail.com>
Subject: [PATCH 3/5] Add x509.crl option to man page.
Date: Wed, 18 Jun 2025 11:00:38 +0200	[thread overview]
Message-ID: <20250618090040.566838-4-Rik.Theys@gmail.com> (raw)
In-Reply-To: <20250618090040.566838-1-Rik.Theys@gmail.com>

Update the man page to include the x509.crl option available
in the authenticate.server and authenticate.client section.

Signed-off-by: Rik Theys <Rik.Theys@gmail.com>
---
 src/tlshd/tlshd.conf.man | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/src/tlshd/tlshd.conf.man b/src/tlshd/tlshd.conf.man
index 9d6d92f..745058a 100644
--- a/src/tlshd/tlshd.conf.man
+++ b/src/tlshd/tlshd.conf.man
@@ -94,7 +94,7 @@ and it consults the settings in the
 .I [server]
 subsection when handling the server end of a handshake.
 .P
-In each of these two subsections, there are three available options:
+In each of these two subsections, there are four available options:
 .TP
 .B x509.truststore
 This option specifies the pathname of a file containing a
@@ -104,6 +104,13 @@ If this option is not specified,
 .B tlshd
 uses the system's trust store.
 .TP
+.B x509.crl
+This option specifies the pathname of a file containing a
+PEM-encoded certificate revocation list (CRL) that is to be
+used to verify the revocation status of a certificate during
+a handshake.
+If this option is not specified, no CRL checking takes place.
+.TP
 .B x509.certificate
 This option specifies the pathname of a file containing
 a PEM-encoded x.509 certificate that is to be presented during
-- 
2.49.0

next prev parent reply	other threads:[~2025-06-18  9:01 UTC|newest]

Thread overview: 6+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2025-06-18  9:00 [PATCH 0/3] Add CRL checking to server and client (v2) Rik Theys
2025-06-18  9:00 ` [PATCH 1/5] Add server-side CRL checking Rik Theys
2025-06-18  9:00 ` [PATCH 2/5] Add client-side " Rik Theys
2025-06-18  9:00 ` Rik Theys [this message]
2025-06-18  9:00 ` [PATCH 4/5] Move server-side CRL code to common function Rik Theys
2025-06-18  9:00 ` [PATCH 5/5] Move client-side " Rik Theys

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:9d6d92f dfblob:745058a )
 OR (
bs:"[PATCH 3/5] Add x509.crl option to man page." )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20250618090040.566838-4-Rik.Theys@gmail.com \
    --to=rik.theys@gmail.com \
    --cc=kernel-tls-handshake@lists.linux.dev \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.