.\"
-.\" "$Id: client.conf.man.in 5182 2006-02-26 04:10:27Z mike $"
+.\" "$Id: client.conf.man.in 13138 2016-03-15 14:59:54Z msweet $"
.\"
-.\" client.conf man page for the Common UNIX Printing System (CUPS).
+.\" client.conf man page for CUPS.
.\"
-.\" Copyright 2006 by Easy Software Products.
+.\" Copyright 2007-2015 by Apple Inc.
+.\" Copyright 2006 by Easy Software Products.
.\"
-.\" These coded instructions, statements, and computer programs are the
-.\" property of Easy Software Products and are protected by Federal
-.\" copyright law. Distribution and use rights are outlined in the file
-.\" "LICENSE.txt" which should have been included with this file. If this
-.\" file is missing or damaged please contact Easy Software Products
-.\" at:
+.\" These coded instructions, statements, and computer programs are the
+.\" property of Apple Inc. and are protected by Federal copyright
+.\" law. Distribution and use rights are outlined in the file "LICENSE.txt"
+.\" which should have been included with this file. If this file is
+.\" file is missing or damaged, see the license at "http://www.cups.org/".
.\"
-.\" Attn: CUPS Licensing Information
-.\" Easy Software Products
-.\" 44141 Airport View Drive, Suite 204
-.\" Hollywood, Maryland 20636 USA
-.\"
-.\" Voice: (301) 373-9600
-.\" EMail: cups-info@cups.org
-.\" WWW: http://www.cups.org
-.\"
-.TH client.conf 5 "Common UNIX Printing System" "25 February 2006" "Easy Software Products"
+.TH client.conf 5 "CUPS" "19 May 2015" "Apple Inc."
.SH NAME
-client.conf \- client configuration file for cups
+client.conf \- client configuration file for cups (deprecated)
.SH DESCRIPTION
-The \fIclient.conf\fR file configures the CUPS client and is
-normally located in the \fI@CUPS_SERVERROOT@\fR or \fI~/.cups\fR
-directory. Each line in the file can be a configuration
-directive, a blank line, or a comment. Comment lines start with
-the # character.
-.SH DIRECTIVES
-The following directives are understood by the client. Consult the
-on-line help for detailed descriptions:
-.TP 5
-Encryption IfRequested
-.TP 5
-Encryption Never
-.TP 5
-Encryption Required
-.br
-Specifies the level of encryption that is required for a particular
-location.
-.TP 5
-ServerName hostname-or-ip-address[:port]
-.TP 5
-ServerName /domain/socket
-.br
-Specifies the address and optionally the port to use when
-connecting to the server
+The \fBclient.conf\fR file configures the CUPS client and is normally located in the \fI/etc/cups\fR and/or \fI~/.cups\fR directories.
+Each line in the file can be a configuration directive, a blank line, or a comment. Comment lines start with the # character.
+.LP
+\fBNote:\fR Starting with OS X 10.7, this file is only used by command-line and X11 applications plus the IPP backend.
+The \fBServerName\fR directive is not supported on OS X at all.
+.SS DIRECTIVES
+The following directives are understood by the client. Consult the online help for detailed descriptions:
+.TP 5
+\fBAllowAnyRoot Yes\fR
+.TP 5
+\fBAllowAnyRoot No\fR
+Specifies whether to allow TLS with certificates that have not been signed by a trusted Certificate Authority.
+The default is "Yes".
+.TP 5
+\fBAllowExpiredCerts Yes\fR
+.TP 5
+\fBAllowExpiredCerts No\fR
+Specifies whether to allow TLS with expired certificates.
+The default is "Yes".
+.TP 5
+\fBEncryption IfRequested\fR
+.TP 5
+\fBEncryption Never\fR
+.TP 5
+\fBEncryption Required\fR
+Specifies the level of encryption that should be used.
+.TP 5
+\fBGSSServiceName \fIname\fR
+Specifies the Kerberos service name that is used for authentication, typically "host", "http", or "ipp".
+CUPS adds the remote hostname ("name@server.example.com") for you. The default name is "http".
+.TP 5
+\fBServerName \fIhostname-or-ip-address\fR[\fI:port\fR]
+.TP 5
+\fBServerName \fI/domain/socket\fR
+Specifies the address and optionally the port to use when connecting to the server.
+\fBNote: This directive it not supported on OS X 10.7 or later.\fR
+.TP 5
+\fBServerName \fIhostname-or-ip-address\fR[\fI:port\fR]\fB/version=1.1\fR
+Specifies the address and optionally the port to use when connecting to a server running CUPS 1.3.12 and earlier.
+.TP 5
+\fBSSLOptions \fR[\fIAllowDH\fR] [\fIAllowRC4\fR] [\fIAllowSSL3\fR] [\fIDenyTLS1.0\fR]
+.TP 5
+\fBSSLOptions None\fR
+Sets encryption options (only in /etc/cups/client.conf).
+By default, CUPS only supports encryption using TLS v1.0 or higher using known secure cipher suites.
+The \fIAllowDH\fR option enables cipher suites using plain Diffie-Hellman key negotiation.
+The \fIAllowRC4\fR option enables the 128-bit RC4 cipher suites, which are required for some older clients that do not implement newer ones.
+The \fIAllowSSL3\fR option enables SSL v3.0, which is required for some older clients that do not support TLS v1.0.
+The \fIDenyTLS1.0\fR option disables TLS v1.0 support - this sets the minimum protocol version to TLS v1.1.
+.TP 5
+\fBUser \fIname\fR
+Specifies the default user name to use for requests.
+.TP 5
+\fBValidateCerts Yes\fR
+.TP 5
+\fBValidateCerts No\fR
+Specifies whether to only allow TLS with certificates whose common name matches the hostname.
+The default is "No".
+.SH NOTES
+The \fBclient.conf\fR file is deprecated and will no longer be supported in a future version of CUPS.
.SH SEE ALSO
-http://localhost:631/help
+.BR cups (1),
+CUPS Online Help (http://localhost:631/help)
.SH COPYRIGHT
-Copyright 2006 by Easy Software Products, All Rights Reserved.
+Copyright \[co] 2007-2015 by Apple Inc.
.\"
-.\" End of "$Id: client.conf.man.in 5182 2006-02-26 04:10:27Z mike $".
+.\" End of "$Id: client.conf.man.in 13138 2016-03-15 14:59:54Z msweet $".
.\"