Add doc/Contributing.txt to distribution archive

[ngircd-alex.git] / doc / SSL.txt

diff --git a/doc/SSL.txt b/doc/SSL.txt
index 7207f1bf6c21ce61ca488e94c8303df1557c67ed..28ea2cd92213d6e7fdd63b319ff1b2defe63b722 100644 (file)
--- a/doc/SSL.txt
+++ b/doc/SSL.txt
@@ -34,7 +34,7 @@ possible to handle unencrypted and encrypted connections on the same port!
 This is a limitation of the IRC protocol ...
 
 You have to set (at least) the following configuration variables in the
-[GLOBAL] section of ngircd.conf(5): SSLPorts, SSLKeyFile, and SSLCertFile.
+[SSL] section of ngircd.conf(5): Ports, KeyFile, and CertFile.
 
 Now IRC clients are able to connect using SSL on the configured port(s).
 (Using port 6697 for encrypted connections is common.)
@@ -49,19 +49,17 @@ Creating a self-signed certificate
 OpenSSL:
 
 Creating a self-signed certificate and key:
- $ openssl req -newkey rsa:2048 -x509 -keyout server-key.pem \
-       -out server-cert.pem -days 1461
+ $ openssl req -newkey rsa:2048 -x509 -keyout server-key.pem -out server-cert.pem -days 1461
 Create DH parameters (optional):
- $ openssl dhparam -2 -out dhparams.pem 2048
+ $ openssl dhparam -2 -out dhparams.pem 4096
 
 GnuTLS:
 
 Creating a self-signed certificate and key:
  $ certtool --generate-privkey --bits 2048 --outfile server-key.pem
- $ certtool --generate-self-signed --load-privkey server-key.pem \
-        --outfile server-cert.pem
+ $ certtool --generate-self-signed --load-privkey server-key.pem --outfile server-cert.pem
 Create DH parameters (optional):
- $ certtool  --generate-dh-params --bits 2048 --outfile dhparams.pem
+ $ certtool  --generate-dh-params --bits 4096 --outfile dhparams.pem
 
 
 Alternate approach using stunnel(1)