Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
| Comment: | Cross-link the ssl-server.md and ssl.wiki documents. Both of them still need improvements. Some Pikchr diagrams would be a great addition. |
|---|---|
| Downloads: | Tarball | ZIP archive |
| Timelines: | family | ancestors | descendants | both | trunk |
| Files: | files | file ages | folders |
| SHA3-256: |
939753d046ced49cce93d55cb380e1fd |
| User & Date: | drh 2022-01-04 01:13:47.199 |
Context
|
2022-01-04
| ||
| 18:49 | Added year=YYYY filter to /timeline, per request in [forum:/forumpost/7c923903ad45c8ea | forum post 7c923903ad45c8ea]. ... (check-in: f8681a9c06 user: stephan tags: trunk) | |
| 01:13 | Cross-link the ssl-server.md and ssl.wiki documents. Both of them still need improvements. Some Pikchr diagrams would be a great addition. ... (check-in: 939753d046 user: drh tags: trunk) | |
|
2022-01-02
| ||
| 20:46 | In the forum, omit unnecessary query parameters on generated URLs, so that it is easier to copy/paste URLs into commit messages or chat windows. ... (check-in: 168eb71643 user: drh tags: trunk) | |
Changes
Changes to www/ssl-server.md.
1 2 3 4 | # SSL/TLS Server Mode ## History | | > | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 | # SSL/TLS Server Mode ## History Fossil has supported [client-side SSL/TLS][0] since [2010][1]. This means that commands like "[fossil sync](/help?cmd=sync)" could use SSL/TLS when contacting a server. But on the server side, commands like "[fossil server](/help?cmd=server)" operated in clear-text only. To implement an encrypted server, you had to put Fossil behind a web server or reverse proxy that handled the SSL/TLS decryption/encryption and passed cleartext down to Fossil. [0]: ./ssl.wiki [1]: /timeline?c=b05cb4a0e15d0712&y=ci&n=13 Beginning in [late December 2021](/timeline?c=f6263bb64195b07f&y=a&n=13), this has been fixed. Commands like * "[fossil server](/help?cmd=server)" * "[fossil ui](/help?cmd=ui)", and |
| ︙ | ︙ |
Changes to www/ssl.wiki.
| ︙ | ︙ | |||
224 225 226 227 228 229 230 | If you attempt to connect to a server which requests a client certificate, but don't provide one, fossil will show an error message which explains what to do to authenticate with the server. <h2 id="server">Fossil TLS Configuration: Server Side</h2> | | | | | | | | 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 | If you attempt to connect to a server which requests a client certificate, but don't provide one, fossil will show an error message which explains what to do to authenticate with the server. <h2 id="server">Fossil TLS Configuration: Server Side</h2> Fossil's built-in HTTP server feature did not add [./ssl-server.md|support HTTP over TLS] (a.k.a. HTTPS) until version 2.18 (2022). Prior to that, system administrators that wanted to add HTTPS support to a Fossil server had to put Fossil behind a web-server or reverse-proxy that would do the HTTPS to HTTP translation. [./server/ | Instructions for doing so] are found elsewhere in this documentation. A few of the most useful of these are: * <a id="stunnel" href="./server/any/stunnel.md">Serving via stunnel</a> * <a id="althttpd" href="./server/any/althttpd.md">Serving via stunnel + althttpd</a> * <a id="nginx" href="./server/debian/nginx.md#tls">Serving via SCGI with nginx on Debian</a> <h2 id="enforcing">Enforcing TLS Access</h2> |
| ︙ | ︙ |