This is an automated email from the ASF dual-hosted git repository.
maskit pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/trafficserver.git
The following commit(s) were added to refs/heads/master by this push:
new 273b496f8c Note that some settings are unavailable with BoringSSL
(#11918)
273b496f8c is described below
commit 273b496f8ca379cc42cc37d6b8fe7d78253811c9
Author: Masakazu Kitajo <[email protected]>
AuthorDate: Tue Dec 17 16:36:55 2024 -0700
Note that some settings are unavailable with BoringSSL (#11918)
---
doc/admin-guide/files/records.yaml.en.rst | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/doc/admin-guide/files/records.yaml.en.rst
b/doc/admin-guide/files/records.yaml.en.rst
index 91870b731a..176da254a9 100644
--- a/doc/admin-guide/files/records.yaml.en.rst
+++ b/doc/admin-guide/files/records.yaml.en.rst
@@ -3638,7 +3638,7 @@ SSL Termination
TLS_AES_256_GCM_SHA384:TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256
- This configuration works with OpenSSL v1.1.1 and above.
+ This configuration works with OpenSSL v1.1.1 and above. BoringSSL does not
support customizing the list.
.. ts:cv:: CONFIG proxy.config.ssl.server.honor_cipher_order INT 1
@@ -3650,13 +3650,13 @@ SSL Termination
By enabling it (``1``) |TS| will temporarily reprioritize ChaCha20-Poly1305
ciphers to the top of the
server cipher list if a ChaCha20-Poly1305 cipher is at the top of the
client cipher list.
- This configuration works with OpenSSL v1.1.1 and above.
+ This configuration works with OpenSSL v1.1.1 and above. BoringSSL does not
support this.
.. ts:cv:: CONFIG proxy.config.ssl.client.TLSv1_3.cipher_suites STRING <See
notes under proxy.config.ssl.server.tls.cipher_suites>
Configures the cipher_suites which |TS| will use for TLSv1.3
connections to origin or next hop. This configuration works
- with OpenSSL v1.1.1 and above.
+ with OpenSSL v1.1.1 and above. BoringSSL does not support customizing the
list.
The current default is:
