From: Francis Dupont <fdupont@isc.org>
Date: Thu, 21 Sep 2017 21:58:06 +0000 (+0200)
Subject: [5282] Applied Thomas' proposed diff
X-Git-Tag: trac5363_base~19^2
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=04cc8f35c344d01dfb5d72e1ef2cb381bf26792e;p=thirdparty%2Fkea.git

[5282] Applied Thomas' proposed diff
---

diff --git a/doc/examples/https/nginx/kea-nginx.conf b/doc/examples/https/nginx/kea-nginx.conf
index ce4d551534..e68ffa39cd 100644
--- a/doc/examples/https/nginx/kea-nginx.conf
+++ b/doc/examples/https/nginx/kea-nginx.conf
@@ -39,7 +39,7 @@
 #
 #   curl -k --key kea-client.key --cert kea-client.crt -X POST \
 #        -H Content-Type:application/json -d '{ "command": "list-commands" }' \
-#         https://kea.example.org/kea
+#         https://kea.example.org
 #
 #   On some curl running on macOS the crypto library requires a PKCS#12
 #   bundle with the private key and the certificate as the cert argument.
@@ -52,7 +52,7 @@
 #
 #   curl -k --cert kea-client.p12:kea -X POST \
 #        -H Content-Type:application/json -d '{ "command": "list-commands" }' \
-#         https://kea.example.org/kea
+#         https://kea.example.org
 #
 #   nginx configuration starts here.
 
@@ -77,11 +77,12 @@ http {
         # Enable verification of the client certificate.
         ssl_verify_client on;
 
-        # For URLs such as https://kea.example.org/kea, forward the
-        # requests to http://127.0.0.1:8080.
-        # Use the / location for URLs with no path.
-        location /kea {
-            proxy_pass http://127.0.0.1:8080;
+        # For the URL https://kea.example.org forward the
+        # requests to http://127.0.0.1:8000.
+        # Since kea-shell doesn't currently support URLs with paths we
+        # use location /
+        location / {
+            proxy_pass http://127.0.0.1:8000;
         }
     }
 }
diff --git a/doc/examples/https/shell/kea-stunnel.conf b/doc/examples/https/shell/kea-stunnel.conf
index faa100034e..828c570106 100644
--- a/doc/examples/https/shell/kea-stunnel.conf
+++ b/doc/examples/https/shell/kea-stunnel.conf
@@ -12,7 +12,7 @@
 ;   (i.e. eavesdropping) and active (i.e. man-in-the-middle) attacks
 ;
 ;   kea-shell -- 127.0.0.1 port 8080 -->
-;       stunnel == 127.0.0.1 port 8443 ==>
+;       stunnel == 127.0.0.1 port 443 ==>
 ;           nginx -- 127.0.0.1 port 8000 -->
 ;               kea-agent
 ;
@@ -31,7 +31,7 @@
     accept = 127.0.0.1:8080
 
     ; forward requests to the https peer
-    connect = 127.0.0.1:8443
+    connect = 127.0.0.1:443
 
     ; client certificate
     cert = kea-client.crt