diff options
| author | rcritten <> | 2005-08-19 21:42:43 +0000 |
|---|---|---|
| committer | rcritten <> | 2005-08-19 21:42:43 +0000 |
| commit | 862552622978b3d2a86ebaea833ce8c79246439a (patch) | |
| tree | a62b70f5f1561f71b72e1f6c84c479c4eff6a36b /docs/mod_nss.html | |
| parent | 203bed3bd17a0b9e6eac50a071242d9616d2a7bb (diff) | |
| download | mod_nss-862552622978b3d2a86ebaea833ce8c79246439a.tar.gz mod_nss-862552622978b3d2a86ebaea833ce8c79246439a.tar.xz mod_nss-862552622978b3d2a86ebaea833ce8c79246439a.zip | |
Add a FIPS configuration option. This enables the FIPS internal
database module, configures for SSLv3 and TLSv1 and enables the
2 FIPS ciphers (and disables all the others).
Diffstat (limited to 'docs/mod_nss.html')
| -rw-r--r-- | docs/mod_nss.html | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/docs/mod_nss.html b/docs/mod_nss.html index f91c19a..1d9d5d8 100644 --- a/docs/mod_nss.html +++ b/docs/mod_nss.html @@ -346,6 +346,17 @@ Example</span><br style="font-weight: bold;"> <br> <code>NSSEngine on</code><br> <br> +<big><big>NSSFIPS</big></big><br> +<br> +Enables or disables FIPS 140 mode. This replaces the standard +internal PKCS#11 module with a FIPS-enabled one. It also forces the enabled protocols to SSLv3 and TLSv1 and disables all ciphers but the FIPS ones.<br> +<span style="font-weight: bold;"><br> +</span>FIPS is disabled by default.<br> +<span style="font-weight: bold;"><br> +Example</span><br style="font-weight: bold;"> +<br> +<code>NSSFIPS on</code><br> +<br> <big><big>NSSCipherSuite<br> </big></big><br> A space-separated list of the SSL ciphers used, with the prefix <code>+</code> |