<tag>cache_peer</tag>
<p>New option <em>auth-no-keytab</em> to let GSSAPI implementation determine
which Kerberos credentials to use, instead of specifying a keytab.
+ <p>Replaced option <em>ssl</em> with <em>tls</em>. Use of any
+ <em>tls-</em> prefixed options implies <em>tls</em> is enabled.
<p>New option <em>tls-min-version=1.N</em> to set minimum TLS version allowed.
<p>New option <em>tls-default-ca</em> replaces <em>sslflags=NO_DEFAULT_CA</em>
<p>New option <em>tls-no-npn</em> to disable sending TLS NPN extension.
have been removed.
<p>Removed <em>sslversion=</em> option. Use <em>tls-options=</em> instead.
<p>Manual squid.conf update may be required on upgrade.
- <p>Replaced <em>sslcafile=</em> with <em>tls-cafile=</em> which takes multiple entries.
+ <p>Replaced option <em>sslcafile=</em> with <em>tls-cafile=</em>
+ which takes multiple entries.
<tag>external_acl_type</tag>
<p>New parameter <em>queue-size=</em> to set the maximum number
#endif
} else if (strncmp(token, "tls-", 4) == 0) {
p->secure.parse(token+4);
+ } else if (strncmp(token, "tls", 3) == 0) {
+ p->secure.parse(token+3);
} else if (strcmp(token, "front-end-https") == 0) {
p->front_end_https = 1;
} else if (strcmp(token, "front-end-https=on") == 0) {
==== SSL / HTTPS / TLS OPTIONS ====
- ssl Encrypt connections to this peer with SSL/TLS.
+ tls Encrypt connections to this peer with TLS.
sslcert=/path/to/ssl/certificate
A client SSL certificate to use when connecting to