[rs-commit] r80 - in /rs-manual/trunk/src/site: resources/images/mod_ca_crl.png xhtml5/mod/mod_ca_crl.xhtml5
rs-commit at redwax.eu
rs-commit at redwax.eu
Wed Oct 9 23:03:08 CEST 2019
Author: minfrin at redwax.eu
Date: Wed Oct 9 23:03:08 2019
New Revision: 80
Log:
Add cos for mod_ca_crl.
Added:
rs-manual/trunk/src/site/resources/images/mod_ca_crl.png (with props)
rs-manual/trunk/src/site/xhtml5/mod/mod_ca_crl.xhtml5
Added: rs-manual/trunk/src/site/resources/images/mod_ca_crl.png
==============================================================================
Binary file - no diff available.
Propchange: rs-manual/trunk/src/site/resources/images/mod_ca_crl.png
------------------------------------------------------------------------------
svn:mime-type = application/octet-stream
Added: rs-manual/trunk/src/site/xhtml5/mod/mod_ca_crl.xhtml5
==============================================================================
--- rs-manual/trunk/src/site/xhtml5/mod/mod_ca_crl.xhtml5 (added)
+++ rs-manual/trunk/src/site/xhtml5/mod/mod_ca_crl.xhtml5 Wed Oct 9 23:03:08 2019
@@ -0,0 +1,209 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE html>
+<html xmlns="http://www.w3.org/1999/xhtml" lang="en">
+ <head>
+ <title>mod_ca_crl Module</title>
+ <meta name="description" content="Read a certificate revocation list from a file on disk." />
+ <meta name="mod-ca-type" content="backend" />
+ </head>
+ <body>
+ <div class="index align-left">
+
+ <section class="wrapper style1 align-center"
+ id="introduction">
+ <div class="inner">
+ <h2>Certificate Revocation List Backend Module</h2>
+ <p>Read a certificate revocation list from a file on disk, and make the CRL available
+ to any module that wants one.</p>
+
+ <div class="index align-left">
+
+ <section>
+ <header>
+ <h3>What does it do?</h3>
+ </header>
+ <div class="content">
+
+ <p>
+ Based on configuration providing the name of the certificate
+ revocation list file on disk, the certificate revocation list
+ is returned to the calling module as per
+ <a href="https://tools.ietf.org/html/rfc5280">RFC5280</a>.
+ </p>
+
+ </div>
+ </section>
+
+
+ </div>
+ </div>
+ </section>
+
+
+
+ <section class="wrapper style1 align-center" id="integration">
+ <div class="inner">
+ <h2>Module Integration</h2>
+ <p>
+ The
+ <code>mod_ca_crl</code>
+ module is a
+ <a href="mod_ca.html#backend">backend module</a>
+ and will not do anything useful until
+ <code>mod_ca_crl</code>
+ has been combined with one or
+ more
+ <a href="mod_ca.html#frontend">frontend modules</a>
+ listed below. The
+ <code>mod_ca_crl</code>
+ module uses the following hook to return the certificate revocation list, and suitable
+ <a href="mod_ca.html#frontend">frontend modules</a>
+ must be configured to implement each protocol as needed.
+ </p>
+
+ <p>
+ All <a href="mod_ca.html#backend">backend modules</a> run within
+ a standard Apache httpd request, and standard httpd functionality
+ applies in all cases.
+ </p>
+
+ <div>
+ <img src="../images/mod_ca_crl.png" style="width: 100%;" />
+ </div>
+
+ <div class="index align-left">
+
+ <section>
+ <header>
+ <h3>
+ <a href="mod_ca.html#ca_getcrl">Certificate Revocation List Hook</a>
+ </h3>
+ </header>
+ <div class="content">
+ <p>This hook returns the certificate revocation list for the configured
+ certificate authority.
+ </p>
+ <table>
+ <tbody>
+ <tr>
+ <td>
+ <a href="mod_crl.html">mod_crl</a>
+ </td>
+ <td>Generate and return a certificate revocation list as a response.</td>
+ </tr>
+ </tbody>
+ </table>
+ </div>
+ </section>
+
+
+ </div>
+ </div>
+ </section>
+
+
+ <section class="wrapper style1 align-center"
+ id="directive-reference">
+ <div class="inner">
+ <h2>Examples</h2>
+ <div class="index align-left">
+
+ <section>
+ <header>
+ <h3>Basic Example</h3>
+ </header>
+ <div class="content">
+ <p>The simplest case: return the certificate revocation list to anybody who wants one.</p>
+<pre><code><![CDATA[
+# backend configuration:
+<IfModule mod_ca_crl.c>
+ # return this crl
+ CACRLCertificateRevocationList /etc/pki/tls/ca-crl.pem
+</IfModule>
+
+# frontend configuration:
+<IfModule mod_crl.c>
+ <Location /crl>
+ SetHandler crl
+ </Location>
+</IfModule>
+]]></code></pre>
+ </div>
+ </section>
+
+ </div>
+ </div>
+ </section>
+
+
+ <section class="wrapper style1 align-center"
+ id="directive-reference">
+ <div class="inner">
+ <h2>Directive Reference</h2>
+ <div class="index align-left">
+
+ <section>
+ <header>
+ <h3>CACRLCertificateRevocationList Directive</h3>
+ </header>
+ <div class="content">
+
+ <table>
+ <tbody>
+ <tr>
+ <td>Description</td>
+ <td>The max-age of the certificate revocation list will be divided by this
+ factor.</td>
+ </tr>
+ <tr>
+ <td>Syntax</td>
+ <td>
+ <code>CACRLCertificateRevocationList file</code>
+ </td>
+ </tr>
+ <tr>
+ <td>Default</td>
+ <td>
+ <code>none</code>
+ </td>
+ </tr>
+ <tr>
+ <td>Context</td>
+ <td>server config, virtual host, directory, .htaccess</td>
+ </tr>
+ <tr>
+ <td>Status</td>
+ <td>
+ <a href="mod_ca.html#backend">Backend</a>
+ </td>
+ </tr>
+ <tr>
+ <td>Module</td>
+ <td>mod_ca_crl</td>
+ </tr>
+ <tr>
+ <td>Compatibility</td>
+ <td>Introduced in mod_ca 0.2.0 and works with Apache HTTP
+ Server 2.4.0 and later</td>
+ </tr>
+ </tbody>
+ </table>
+
+ <p>Set to the name of the file containing the certificate revocation
+ list.</p>
+
+ <p>The file is loaded into memory on httpd startup, and a graceful
+ restart is needed when updating the file to reload the file into
+ the server.</p>
+
+ </div>
+ </section>
+
+ </div>
+ </div>
+ </section>
+
+ </div>
+ </body>
+</html>
+
More information about the rs-commit
mailing list