* Link note to SSLProxyCheckPeerCN and SSLProxyCheckPeerExpire directives which

author Ruediger Pluem <rpluem@apache.org>

Tue, 13 Oct 2009 16:20:03 +0000 (16:20 +0000)

committer Ruediger Pluem <rpluem@apache.org>

Tue, 13 Oct 2009 16:20:03 +0000 (16:20 +0000)
author Ruediger Pluem <rpluem@apache.org>
Tue, 13 Oct 2009 16:20:03 +0000 (16:20 +0000)
committer Ruediger Pluem <rpluem@apache.org>
Tue, 13 Oct 2009 16:20:03 +0000 (16:20 +0000)
diff --git a/docs/manual/mod/mod_ssl.xml b/docs/manual/mod/mod_ssl.xml

index 402e366c97fbb672297905c30e82b87937c27943..e44945046ac128805133b01f852ae254f7de7810 100644 (file)
--- a/docs/manual/mod/mod_ssl.xml
+++ b/docs/manual/mod/mod_ssl.xml
@@ -1473,7 +1473,12 @@ the proxy does not guarantee that the SSL connection to the backend
  server is "secure" beyond the fact that the certificate is signed by
  one of the CAs configured using the
  <directive>SSLProxyCACertificatePath</directive> and/or
-<directive>SSLProxyCACertificateFile</directive> directives.</p>
+<directive>SSLProxyCACertificateFile</directive> directives.
+In order to get this check done please have a look at
+<directive>SSLProxyCheckPeerCN</directive> and
+<directive>SSLProxyCheckPeerExpire</directive> directives which are off by
+default.
+</p>
  </note>
  
  <p>
author	Ruediger Pluem <rpluem@apache.org>
	Tue, 13 Oct 2009 16:20:03 +0000 (16:20 +0000)
committer	Ruediger Pluem <rpluem@apache.org>
	Tue, 13 Oct 2009 16:20:03 +0000 (16:20 +0000)